Who doesn’t love complimentary gifts, regardless of how much cash you have? One advantage for me of getting involved in bug bounties is that I love particular organizations' shirts, swag and stickers, and now I have quite a collection. I frequently called myself a freebies hunter rather than a Bug Bounty Hunter 😛
Well, in my social circles a person posted a photo of the back of his lid with a couple of stickers stuck on it, and Unsplash stickers were also part of that collection. I went to their site and found that it’s a website dedicated to sharing copyright-free photography under the Unsplash license. I had found the best place for me.
Unsplash is a website dedicated to sharing copyright-free photography under the Unsplash license. The website claims 25,000 contributing photographers and generates an estimated 1 billion photo impressions per month. Other uses for Unsplash art include album art, advertisements, and product art for companies.
At the time I didn’t know whether they had a responsible disclosure policy or not. Without sitting idle and looking for any security policy page, I registered myself there and began pentesting, not for bounty hunting but for bug freebies reward hunting. I know it sounds unfathomably horrendous. After searching and looking into pages I discovered a security and it awakened my inner monster of bug hunting, just joking.
While searching for security-related issues, I went through their API documentation and discovered many intriguing things there.
In a couple of hours I found three security vulnerabilities in their web application and one in their APIs which can disclose private and sensitive data.
I reported these security vulnerabilities to their security team with detailed explanations and got a response from them within the next couple of hours.
Because of their security policy I can’t disclose the complete bug reports with proof of concept. After these security findings were addressed, Unsplash's co-founder & CPO recommended me on LinkedIn.
They will be adding me to their security page soon. It was truly a good experience with Unsplash and I truly appreciate their support team. Thanks for reading. Stay in touch to read more detailed write-ups on bug bounty and more related to InfoSec.