And we are back with huntr highlights, this time with a bunch of new features coming to huntr.dev!
As always, here are a few of the top fixes we received this month:
Boxbilling is open source billing and client management software that has been used and integrated with hundreds of systems worldwide, including PayPal. A cross-site scripting vulnerability was identified in the package and was fixed by Mik317. Check out his fix here to learn how he did it!
Vizion is a Git/Subversion/Mercurial repository metadata parser which is downloaded almost 400,000 times every week. It was vulnerable to command injection until RadioAndrei fixed it by checking the revision string against a regex, making sure it only contains letters and digits. Check out the fix here.
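The kind of check described for the Vizion fix, as an added example (not Vizion's actual code or RadioAndrei's patch): the function names and the `git checkout` call are assumptions made for illustration, and the block goes one step beyond the regex by also running git without a shell.

```javascript
// Added example: hypothetical helper names, not Vizion's real API.
const { execFile } = require("node:child_process");

// Allow-list from the post: the revision may contain only letters and digits.
// Without the "m" flag, "$" in JavaScript matches only at the very end of the
// input, so a trailing newline is rejected too.
const REVISION_RE = /^[A-Za-z0-9]+$/;

function isSafeRevision(rev) {
  // Check the type first: arrays and objects are coerced to strings by
  // RegExp.prototype.test and could otherwise slip through.
  return typeof rev === "string" && REVISION_RE.test(rev);
}

function buildCheckoutArgs(rev) {
  if (!isSafeRevision(rev)) {
    throw new TypeError("revision must contain only letters and digits");
  }
  // The allow-list also rules out a leading "-", so the value cannot be
  // read by git as an option.
  return ["checkout", rev];
}

function checkoutRevision(repoDir, rev, callback) {
  let args;
  try {
    args = buildCheckoutArgs(rev);
  } catch (err) {
    return callback(err);
  }
  // execFile hands the argument vector straight to git; no shell parses it,
  // so the regex is not the only barrier against metacharacters.
  execFile("git", args, { cwd: repoDir }, callback);
}

// Constructed sample inputs, not taken from the original report.
const SAMPLES = ["a1b2c3d", "master", "abc123; echo injected", "-f", "abc\n", ["abc"]];

function classifySamples() {
  return SAMPLES.map((s) => [s, isSafeRevision(s)]);
}
```

A letters-and-digits allow-list also rejects legitimate names such as `feature/x` or `v1.0`, so callers that need those must widen the pattern deliberately rather than drop the check.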
New bounty board
We have given the bounty board a new paint job, making it easier for you to pick your bounties. You can now filter by language, and set your priorities, so you are shown the bounties that suit you best - check it out here.
New profile page
You now have a personal profile page that you can develop throughout your open source journey. Keep track of your disclosures, fixes and reviews, collect badges, and share your successes with your friends!
Podcast: Bug huntr
There are three new episodes of Bug huntr out. Jimony speaks with a bunch of huntr users as well as Jamie Slome (or DUCKL1N6), who is huntr's tech lead. Check it out on the huntr blog to find out what's coming in the next few weeks. 🔥
We held a few competitions this month. To enter, all we asked was for you to either get set up and fork the huntr-repo, or create a huntr meme. Without further ado, the winners of the contest are Hacktivist and d3mon-r00t - congratulations! We will be sending you some huntr swag shortly.
huntr of the month 🦸♀️ 🦸♂️
This month's huntr of the month is Toufik Airaine - well done! 👏 👏
Not only has he been working as a community sheriff, reviewing your disclosures and fixes, he has also been spreading the huntr word around his home town, attracting new huntrs who are ready to secure the world's open source code. Check out the conversation with him on EP003 of Bug huntr.
To say thank you, we have awarded him this month's gold huntr of the month badge and will be sending him a huntr hoody shortly! 🏆
As always, a huge thank you for your love and support - your fixes have now been downloaded over 20 million times...let's make it to 1 billion!
Until next time...