Hacker News new | ask | show | jobs
by thaumasiotes 1769 days ago
Email-spoofing-related records will be checked for you probably dozens of times a week if you offer a public bug bounty through any of the popular platforms. You can get all the advice on them you want for under $100 in payouts. They are among the lowest of low-hanging fruit.
1 comments
JohannesH 1769 days ago
What are the popular platforms for this?
link
thaumasiotes 1769 days ago
Off the top of my head, HackerOne and BugCrowd.

If you're thinking of setting up a program, it's worth your time to read over some existing program policies - those policies encapsulate a lot of experience that the existing programs have had on their platforms. Your ideal policy will probably differ, but it's worth thinking about why the other program policies are the way they are.

https://hackerone.com/twitter?type=team

link