Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 329,323 coordinated disclosures
190,859 fixed vulnerabilities
411 bug bounties with 868 websites
9,227 researchers, 854 honor badges

Toudai Bug Bounty Program

Toudai runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of Toudai

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between Toudai and researchers.

Bug bounty program allow all submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

kibo.fm

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

- Cross Site Scripting (XSS)
- Open Redirect


- Cross Site Request Forgery (CSRF)
- Improper Access Control

Testing Requirements:

Use of Open Source Pentesting Tools

Possible Awards:

Mention on our Facebook Page

Special Notes:

We are unable to use monetary means

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  How quickly researchers get responses to their submissions.
Remediation Time  How quickly reported submissions are fixed.
Cooperation and Respect  How fairly and respectfully researchers are being treated.

  Latest Patched

 25.03.2019 ocn.ne.jp
 25.03.2019 lexisnexis.com
 24.03.2019 datpiff.com
 24.03.2019 gruppocarige.it
 24.03.2019 javhd.pro
 24.03.2019 flirt4free.com
 23.03.2019 redcross.org
 23.03.2019 etsu.edu
 23.03.2019 dump.xxx
 23.03.2019 vipon.com

  Latest Blog Posts

22.03.2019 by HackerGautam
TLS 1.3 Genesis, Mechanism and Working
19.03.2019 by Open Bug Bounty
GDPR PII exposure can now be securely reported via Open Bug Bounty
24.02.2019 by ismailtsdln
Apple XSS Vulnerability - Proof of Concept (PoC)
24.02.2019 by ismailtsdln
How do you use an xss as a keylogger ?
23.02.2019 by ismailtsdln
Everything about XSS is in this source!

  Recent Recommendations

    25 March, 2019
     RESTPOSTENde:
Dear Armin, thank you very much for reporting a vulnerability to us in such a respectful, professional way! Your extensive documentation helped us tremendously to solve the issue in almost no time.

It's guys like you that make the internet a better and safer place! Thanks alot!
    24 March, 2019
     granthughes17:
Thank you for reporting this vulnerability to us responsibly and for your professional conduct. Your assistance and professionalism is much appreciated.
    22 March, 2019
     jcfmachado:
Thank you for your time and notification.
    19 March, 2019
     rogerdc01:
Ezio has helped me with a vulnerability. Answered very fast after some questions and showed the way to examine the issue. Very professional!
    19 March, 2019
     interactmultim1:
Thank you k0t for reporting this bug. We appreciate your work!