Bug Bounty Program

Help us improve the security of Interview Captain and earn rewards up to $30,000.

Reward Ranges

Critical

$5,000 - $30,000

Vulnerabilities that can lead to significant data breaches, unauthorized access to user accounts, or compromise of core systems.

High

$1,000 - $5,000

Security issues that could potentially lead to data exposure, account takeover, or service disruption.

Medium

$500 - $1,000

Vulnerabilities that pose moderate risk but require specific conditions or have limited impact.

Low

$150 - $500

Minor security issues with minimal impact or requiring significant user interaction.

What We're Looking For

Authentication Vulnerabilities

Issues related to login systems, session management, and authentication flows.

Injection Vulnerabilities

Vulnerabilities where untrusted data is sent as part of a command or query.

Sensitive Data Exposure

Improper protection of sensitive data such as financial information, credentials, or personal data.

Broken Access Control

Restrictions on what authenticated users are allowed to do are not properly enforced.

Out of Scope

The following types of issues are not eligible for rewards under our bug bounty program, but we may reward you with something as a good gesture if your report is valuable:

Social engineering attacks

Physical security issues

DoS/DDoS attacks

Rate limiting issues

Self-XSS requiring user interaction

Issues in outdated browsers or platforms

Reports from automated vulnerability scanners without verification

Issues already reported by another researcher