Thread: Facebook Security Bug Bounty - $500 Reward

Find a bug for only $500.. which you can make in 15 minutes in case of autoshare scripts..

read what facebook has to say

Security Bug Bounty

To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs.

Here's how it works:
Eligibility

To qualify for a bounty, you must:

Adhere to our Responsible Disclosure Policy:
... give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research ...
Be the first person to responsibly disclose the bug
Report a bug that could compromise the integrity or privacy of Facebook user data, such as:
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF/XSRF)
Remote Code Injection
Reside in a country not under any current U.S. Sanctions (e.g., North Korea, Libya, Cuba, etc.)

Our security team will assess each bug to determine if qualifies.
Rewards

A typical bounty is $500 USD
We may increase the reward for specific bugs
Only 1 bounty per security bug will be awarded

Exclusions
The following bugs aren't eligible for a bounty (and we don't recommend testing for these):

Security bugs in third-party applications (e.g., http://apps.facebook.com/[app_name])
Security bugs in third-party websites that integrate with Facebook
Security bugs in Facebook's corporate infrastructure
Denial of Service Vulnerabilities
Spam or Social Engineering techniques

Source: https://www.facebook.com/whitehat/bounty/

This very intrsesting let's go bug hunting

Very cool. I'm so paranoid of allowing apps because my computer got a virus from one. Takes all the fun out of using FB.