
Eshan Singh

Responsible Disclosure

Responsible Disclosure Program. Hey Hacker, if you think you have found a bug in my website, please share that bug with me. I want to learn how you found the bug, and by that I train my mind to make the cyber world and my website more secure with another skill, that is, Development ;).

As a reward, I’ll send you a Certificate of Appreciation and give you a place in the Hall of Fame on my website. So please find the bug and report it to me. Happy Hunting… [#ignore grammar]

Exclusions

  • Cookie flags, i.e. Secure, HttpOnly.
  • Volume-related issues, i.e. brute-force, rate-limiting, denial of service.
  • Email configuration, i.e. SPF, DKIM, DMARC.
  • Error pages, i.e. verbose error messages, stack traces, invalid status codes.
  • Admin or maintenance pages, i.e. monitoring system login pages, pages with no sensitive information.
  • Clickjacking, i.e. missing X-Frame-Options header.
  • CSRF on unauthenticated resources, i.e. login/logout, pages with anonymous access, non-sensitive information.
  • Mobile issues that require root access or unsupported OS versions, i.e. credentials in Android SharedPreferences.
  • Non-sensitive exposed API keys, i.e. Google Maps, Raygun.
  • Absent or misconfigured HTTP headers, i.e. Content-Security-Policy, Strict-Transport-Security, X-XSS-Protection, Cache-Control.
  • Configuration that is not directly exploitable, i.e. weak TLS ciphers, password policy, session expiration, certificate pinning.

Submit Your Bug Details
