- Bug Bounty Hunting Essentials
- Carlos A. Lozano Shahmeer Amir
- 148字
- 2021-06-10 18:35:32
Responding to the queries of the team
At this point, you have submitted the report and the team has seen it. Now, there are two scenarios. If your report is clear and thorough, the team would readily accept it given that the vulnerability exists. However, even if the report is clear the team may still have some questions, which is natural and does not need to diminish your confidence. Here are a few tips on how to respond to the team if they have queries:
- Always be respectful
- Never ask them about the resolution or fix timeline
- Include more technical details with every comment
- Be thorough in your provision of technical details
- Have patience, as the team does have other reports
- Always ask about the bounty after the resolution
- Accept politely if the team rejects your report
- If you still think the issue is valid, you can interject
推薦閱讀
- 數據恢復方法及案例分析
- 工業互聯網安全
- Metasploit Penetration Testing Cookbook(Second Edition)
- 暗戰亮劍:黑客滲透與防御全程實錄
- 深入淺出隱私計算:技術解析與應用實踐
- 安全技術運營:方法與實踐
- .NET安全攻防指南(上冊)
- 網絡用戶行為的安全可信分析與控制
- 網絡關鍵設備安全檢測實施指南
- Disaster Recovery Using VMware vSphere Replication and vCenter Site Recovery Manager
- Mastering Metasploit
- INSTANT Kali Linux
- Web安全攻防從入門到精通
- 網絡空間安全體系
- 網絡安全設計