Omar's Bug Bounty Program Scope Template

Introduction

Briefly describe the objectives of your bug bounty program and what you hope to achieve through it.

Target Systems

In-Scope Targets

Web Applications
- app1.websploit.org
- app2.websploit.org
Mobile Applications
- Android App (version x.x and above)
- iOS App (version x.x and above)
APIs
- api.websploit.org/v1/
- api.websploit.org/v2/

Out-of-Scope Targets

app3.websploit.org

Vulnerability Types

In-Scope Vulnerabilities

Cross-Site Scripting (XSS)
SQL Injection
Cross-Site Request Forgery (CSRF)
Business Logic Vulnerabilities

Out-of-Scope Vulnerabilities

Denial of Service (DoS) attacks
Social Engineering Attacks

Reward Structure

Critical Vulnerabilities: $1000 - $5000 (or alternative rewards)
High Severity Vulnerabilities: $500 - $1000 (or alternative rewards)
Medium Severity Vulnerabilities: $100 - $500 (or alternative rewards)
Low Severity Vulnerabilities: $50 - $100 (or alternative rewards)

(Include criteria for determining the severity)

Reporting Guidelines

Provide details on how the researchers should report the vulnerabilities, the format of the report, and the information required.

Legal Protections

Outlining the legal protections available for the researchers, including terms and conditions that govern the responsible disclosure of vulnerabilities.

Contacts

Provide contact details for researchers to reach out in case of queries or clarifications.

1.5 KiB Raw Blame History