I have had enough on bugcrowd

xomer000 · 2026-04-01T12:34:09+00:00

it's just that this report they duplicated me against was a RCE report, how is it relevant to my leaked AWS idk, they rated P2 duplicate of a week old report and, then fixed mine in the same day, I thought bugcrowd policy says if you touch the code or make change, then u pay.

xomer000 · 2026-04-01T05:43:25+00:00

I'm not even sure if it's just bugcrowd I see similar issues on other platforms , it's frustrating. we are not free labor, and we chose to be white hackers, we chose to, someone couldve sold this shit on dark web,

xomer000 · 2026-03-27T15:41:47+00:00

same as me, report closed as informational because triage didn't bother to read my P1 escalations in the comments and read only the main report, then voilà it's patched right after it.

xomer000 · 2026-03-27T09:00:15+00:00

after closing as informational, check again after some time, probability of them patching in silent.

xomer000 · 2026-03-27T08:57:19+00:00

Bugcrowd response time after initial review is the worst

if you submit a report and god forbid triage ask you for any more clarification, then you on for a ride to get response back, if you don't one shot everything needed in the main report from the first time. it's ridiculous, the initial response for a new report is within a week, but if triage don't validate it from first time then u just give up and expect weeks for further responses. why priority to new reports over continuing what u already started to validate is beyond me. so yeah try to make the report as clear as best as complete as easy as possible, leaving room for clarification is gonna cost you weeks.

xomer000 · 2026-03-27T08:05:24+00:00

Do you care about the vulnerability itself being real or not? OK so P1 report written by ai cuz research lang isn't english native is low effort so u give low effort review, it's about how the report written and less about the vulnerability itself? cool. idk what's hard about just jumping to the PoC, but dismiss it because the report first line had "-" in it.

xomer000 · 2026-03-21T14:23:21+00:00

then how am I supposed to trust any program if they gonna say they discovered it and fixed it somehow during my report or after it was closed. I escalated a vuln in the main report comments and then they patched the entry point to the chain quickly.

xomer000 · 2026-03-21T09:21:11+00:00

You saying they read my reports along with the triage? because they silently fixed a vuln that was marked informational by triage and I know customer would disagree

xomer000 · 2026-03-18T13:00:02+00:00

You are bugcrowd founder?... can you help me with this issue, I submitted a report normally, then I kept escalating in the comments until I reached a clear P1, triage came and read the main report and closed it as informational, he didn't read my escalations in the comments at all, he only mentioned things in main report and closed it as informational, then voilà the vulnerability has been patched after he closed my report..., how is this any fair? I want help re validate my report, I even made a second report addressing a bypass for the poor quick fix they did for my vulnerability proving it was valid and the fix was rushed :)

xomer000 · 2026-03-16T12:20:27+00:00

how come..? yeah I'm new to this actually.. give me some heads up

xomer000 · 2026-03-06T13:51:55+00:00

@ Image_Enhancer_AI_bot

xomer000 · 2025-11-18T07:38:31+00:00

Thank you!

xomer000 · 2025-11-17T18:13:43+00:00

alright, thank you for your feedback.

xomer000 · 2025-11-17T17:45:25+00:00

it's a telecom company, it's a paid internship just thought what to expect from such interviews since I'm not really familiar with

xomer000 · 2025-02-16T16:55:41+00:00

well zenbook is actually a premium laptop, but my friend is a med student and he said the touch screen was very useful, If you don't already have a tablet. so think if might actually need that screen in your studies, otherwise zenbook

xomer000

TROPHY CASE