We get hackers working for you!
Find vulnerabilities earlier, more reliably, and more cost-effectively with the Swiss Bug Bounty platform.
As we get friendly hackers working for our customers - we certainly have our platform hacked as well. Happy hunting!
Not in scope:
- Third-party services and products such as Fidentity (ID verification) and Gmail etc.
- id.gobugfree.com: Missing ratelimit on forms, known bugs from Keycloak Issues and Security Advisories
- Website: gobugfree.com
- IAM: id.gobugfree.com (only misconfigurations are in scope)
- Register / Login @ GObugfree
- Start looking for vulnerabilities, respecting the definitions in this program (scope, rules, ...).
- Report found vulnerabilities and support the platform and the customer in verifying them.
- Get paid for confirmed, new vulnerabilities.
The organisation gives their approval for Friendly Hackers to use hacking methods based on the specified bug bounty program. Due to this consent, the criminal liability criterion of unauthorized obtaining/unauthorized use and thus the criminal liability of the Friendly Hackers with regard to the criminal offenses in Art. 143 Swiss Criminal Code (Unauthorised obtaining of data) and Art. 143bis Swiss Criminal Code (Unauthorised access to a data processing system) does not apply.