What do you check for when doing a bug bounty? https://www.rallypoint.com/answers/what-do-you-check-for-when-doing-a-bug-bounty <div class="images-v2-count-0"></div>I&#39;m fairly new to bug bounties, but I was reading an article about a 10 year old finding a vulnerability in Instagram and facebook paid him $10,000 for his find. What do you check for and tools do you use for site analysis? <a target="_blank" href="https://hackerone.com">https://hackerone.com</a> is a good site to check out <div class="pta-link-card answers-template-image type-default"> <div class="pta-link-card-picture"> </div> <div class="pta-link-card-content"> <p class="pta-link-card-title"> <a target="blank" href="https://hackerone.com">HackerOne: Vulnerability Coordination and Bug Bounty Platform</a> </p> <p class="pta-link-card-description">HackerOne provides a platform designed to streamline vulnerability coordination and bug bounty program by enlisting hackers to improve your security.</p> </div> <div class="clearfix"></div> </div> Wed, 04 May 2016 09:30:56 -0400 What do you check for when doing a bug bounty? https://www.rallypoint.com/answers/what-do-you-check-for-when-doing-a-bug-bounty <div class="images-v2-count-0"></div>I&#39;m fairly new to bug bounties, but I was reading an article about a 10 year old finding a vulnerability in Instagram and facebook paid him $10,000 for his find. What do you check for and tools do you use for site analysis? <a target="_blank" href="https://hackerone.com">https://hackerone.com</a> is a good site to check out <div class="pta-link-card answers-template-image type-default"> <div class="pta-link-card-picture"> </div> <div class="pta-link-card-content"> <p class="pta-link-card-title"> <a target="blank" href="https://hackerone.com">HackerOne: Vulnerability Coordination and Bug Bounty Platform</a> </p> <p class="pta-link-card-description">HackerOne provides a platform designed to streamline vulnerability coordination and bug bounty program by enlisting hackers to improve your security.</p> </div> <div class="clearfix"></div> </div> SPC(P) Private RallyPoint Member Wed, 04 May 2016 09:30:56 -0400 2016-05-04T09:30:56-04:00 Response by 1stSgt Private RallyPoint Member made May 4 at 2016 9:37 AM https://www.rallypoint.com/answers/what-do-you-check-for-when-doing-a-bug-bounty?n=1499717&urlhash=1499717 <div class="images-v2-count-0"></div>Most certainly not in my wheel house of skills. How does this hackerone site work? I would think companies would prefer not to have people trying to reverse engineer their products to find glitches. 1stSgt Private RallyPoint Member Wed, 04 May 2016 09:37:10 -0400 2016-05-04T09:37:10-04:00 Response by SN Greg Wright made May 5 at 2016 8:28 PM https://www.rallypoint.com/answers/what-do-you-check-for-when-doing-a-bug-bounty?n=1504635&urlhash=1504635 <div class="images-v2-count-0"></div>Gonna tag in <a class="dark-link bold-link" role="profile-hover" data-qtip-container="body" data-id="77973" data-source-page-controller="question_response_contents" href="/profiles/77973-25u-signal-support-systems-specialist">SGT Private RallyPoint Member</a>. Pretty sure he&#39;d be interested in this. SN Greg Wright Thu, 05 May 2016 20:28:08 -0400 2016-05-05T20:28:08-04:00 2016-05-04T09:30:56-04:00