Originally Posted by
Lionet
if he finds the problems first, that should sound a little insecure and illegal for the company so im not sure if it works this way
It's not illegal lol, and I find them first, I use a platform called Hackerone which even some department of the US government uses.
https://hackerone.com
Basically a bunch of companies set up a "bug bounty" program on there, you go to their websites/etc, find bugs in them, report it to the company and potentially get awarded for it.
Last edited by hanna; Mar 9, 2019 at 05:16 PM.