🆓 Free Link (For Non-Members)
I keep exploring lesser-known bug bounty platforms and interesting opportunities. Recently, I came across BI.ZONE, which is a Russian-based bug reporting platform, and rewards are paid in Rubles (₽)
Some beginners and intermediate players, even though they have the right skillset, still face duplicates, which is a nightmare for anyone as platforms like Bugcrowd & HackerOne are heavily crowded!
Example: The moment there is a change in any JS file, there is an automated alert sent to the hunter's private channels in Slack, Discord, Telegram, and they instantly start hunting based on like
- New parameter added
- New endpoint added
- Some juicy information in a developer comment
- New feature etc…
Whereas someone who is analysing only manually might face duplicates. However, it depends on the bug class as well. This statement doesn't imply manual testing is worthless, but using automation to assist in which areas to test manually first will be a good choice. Also depends on their respective bug-hunting niche. Everyone's approach is different!
🌐Website: bugbounty.bi.zone
Access to more than 25+ Programs
There are sub-programs as well
I clicked on one of the programs with rewards to check how many reports are reported, and surprisingly, no reports are valid or approved yet.
🔍 Scopes Available
- Wildcard domains
- Android App
- APIs
- IOS App
🔖 Reward Table and Statistics for one program
- Before you proceed, read all guidelines and terms & conditions for the payment and whether your country fits into it or not.
- Verify its legitimacy through LinkedIn and Twitter(X) OSINT of people who received any swag or rewards.
Custom Dorking 🤖
Let's see Google indexed security policy pages where this platform is mentioned
ext:txt "bugbounty.bi.zone"
-site:bugbounty.bi.zone site:ru "bugbounty.bi.zone"111 results for [.]ru
