April huntr highlights - Disclosure & Giveaway

Published by the huntr team

April is now over and we're sure it's been as weird and wonderful for you as it has been for us. This month was filled with disclosures, fixes and great conversations. We rolled out a few front-end design changes to the site, started to develop the profile page and implemented the disclosure capability, so you can start getting rewarded for disclosing vulnerabilities in open source code.


For those who missed it, we'll pay $10 for any vulnerability you find ($20 for the first 10 each week) in open source packages that:

  • have over 1000 downloads per month
  • have a severity score of 3+ (CVSS)
  • don't already have a fix available

If you find one that doesn't fit these criteria, don't worry: we will still reward you with credits as usual.

Giveaway 🎁

Fill out this simple questionnaire and tell us about your experience using huntr.

Enter the prize draw here

The questions are for everyone. Whether you use huntr weekly or haven't been back since signing up, your feedback is extremely valuable.

Make sure to have your answers back to us before 8th May 2020 to be entered!

Heroes 🦸‍♀️ 🦸‍♂️

Every month, we will pick the huntr of the month, giving the most successful huntrs the recognition they deserve.

Without further ado, the huntr of the month is - Michele Romano - well done! 👏 👏

Michele disclosed over 20 vulnerabilities, including remote code execution and cross-site scripting vulnerabilities, in packages including logkitty, gitlib and git-wrapper! 🐛

To say thank you, we have awarded him this month's gold huntr of the month badge and will be sending him a huntr hoody shortly! 🏆

To all other huntrs, a huge thank you for the love and support - there are plenty more vulnerabilities to find, bounties to win, and badges to collect, so keep an eye out! 🧐

Until next time...