When an application contains functional / architectural flaws that allow for remote interactions to consume large quantities of the host system’s resources, which can lead to the system locking-up or otherwise failing to deliver content.
Outlines the rules of engagement for a bounty program, thereby setting the expectations for how both parties will behave throughout the process.
Broken Access Control is when an application does not thoroughly restrict user permissions for appropriate access to administrative functionality. The consequences associated to broken access control may include viewing of unauthorized content, modification or deletion of content, or full applicatio...
A Bug Bounty Program utilizes a pay for results model, ensuring you only pay for valid results, versus paying for time and effort spent like with traditional testing methods. It’s also important to note that through these programs, companies authorize researchers to not only identify vulnerabilities...
A list of publicly known cybersecurity vulnerabilities commonly found on specific products and systems.
Common Vulnerability Scoring System is a free and open industry standard for assessing the severity of security vulnerabilities. CVSS attempts to assign scores to vulnerabilities, allowing responders to prioritize responses and resources according to severity. The Common Vulnerability Scoring System...
A classification and categorization of common software vulnerability types.
Also known as one-click attack, CSRF is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts.
Typically found in web applications, XSS enables attackers to inject client-side scripts into web pages viewed by other users.
A powerful platform connecting the global security researcher community to the security market.
Crowdsourced security is an organized security approach wherein a number of ethical hackers are incentivized to search for and report vulnerabilities in the assets of a given organization, with the full understanding and awareness of the organization in question. The power of crowdsourced security i...
Email spoofing is the forgery of an email header with a false address. Email spoofing is often used in phishing and spam campaigns. The purpose of email spoofing is usually to obtain sensitive material about the recipient, or to get the recipient to install malicious malware.
If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer terminal. They’re up to no good… Stealing your data, crashing critical systems, or causing general Internet badness. In reality, th...
Any device (often called a “smart” or “connected” device) that connects to and exchanges information over the internet.
A list of the most critical security risks to web applications.
The money paid to a researcher once their vulnerability submission has been validated.
A penetration test, commonly known as a pen test, is an authorized test of a computer system, network or application where human operators attempt to find vulnerabilities that an attacker could exploit.
Points awarded or deducted for submissions to the researcher, builds status and used to measure the leaderboard.
A controlled testing environment with a small set of highly vetted and experienced researchers, ideal for targets that are not publicly accessible such as staging environments, applications that require credential access, or devices.
A bug bounty program that is publicly accessible to the researcher crowd, helping scale testing efforts and gain access to an extensive, diverse skill set.
Whereby an attacker can remotely execute commands on someone else's computing device. We have a t-shirt that explains this phenomenon quite succinctly.
A community platform for researchers to follow and join programs, submit and manage vulnerabilities and receive rewards for their work.
The payment for a valid vulnerability submission. This is defined in the scope of a program and can include anything from points to swag and cash.
Outlines the rules of engagement for a bounty program. This includes a clearly defined testing parameter to inform researchers what they can and cannot test, as well as the payout range for accepted vulnerabilities.
Hacker or bug hunter are common terms used to describe a security researcher or any skilled computer expert that uses their technical knowledge to identify vulnerabilities. Our crowd of security researchers comes from all walks of life, most are working information security specialists by day and bu...
In a SQL injection attack malicious code is embedded in a poorly-designed application and then passed to the backend database. The malicious data then produces database query results or actions that should never have been executed.
The report a researcher submits to Bugcrowd describing the vulnerability or bug they found.
A target is the thing (web or mobile application, hardware, API) that the crowd test for vulnerabilities.
The global community of white-hat hackers on the Bugcrowd platform who compete to find vulnerabilities in bug bounty programs.
The process of validating a vulnerability submission from raw submission to a valid, easily digestible report.
Valid refers to the state of a vulnerability that has been tested and confirmed real.
A security flaw or weakness found in software or in an operating system (OS) that can lead to security concerns.
A Vulnerability Disclosure Program creates clear guidelines for researchers to submit security vulnerabilities to organizations while also helping organizations mitigate risk by supporting and enabling the disclosure and remediation of vulnerabilities before they are exploited. Vulnerability Disclos...
P1 - Critical: Vulnerabilities that cause a privilege escalation from unprivileged to admin or allow for remote code execution, financial theft, etc. P2 - High: Vulnerabilities that affect the security of the software and impact the processes it supports. P3 - Medium: Vulnerabilities that affect mul...
An attack against application(s) that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port sca...