x
Error Success Please Note Info

Welcome to the TechGig Bug Bounty Program

Welcome to the TechGig Bug Bounty Program

At TechGig, we are truly thankful to our team of experts who have put in best efforts to ensure there are no bugs on our platform. While doing so, we realize that there is no system in the world that can be 100% bug-free. It is here that we solicit your cooperation, whether you are an individual or part of an independent security group, we invite you to go through our platform and help us make it a safe browsing destination for our technology community. If you detect a bug, we request you to responsibly report it to us so that we can have it fixed at the earliest. For any security related vulnerability or bug that you manage to identify, we will be offering you rewards and recognition as mentioned below.

The Bug Bounty Program is only applicable on security-related bugs/vulnerabilities.

Guidelines

Participating in TechGig's Bug Bounty Program requires you to responsibly investigate/report bugs and vulnerabilities to us. It is also important that you adhere to the following guidelines:

  • In the process of investigating issues, bugs, vulnerabilities, please remember not to violate the privacy of other users on our platform, attempt to destroy data or disrupt any of our services.
  • During the investigation stage, you are expected to not target any other user, attempt to access their accounts, or disrupt their experience on our platform in any way.
  • Any attempts to use social engineering techniques, distributes denial of services (DDoS) attacks, or attempts to target our security measures is a clear violation.
  • If you've detected a serious vulnerability on our platform, you are expected to discontinue using it and report it immediately by following the process of submitting your report using the form only.
  • TechGig will use its discretion to identify a reported issue as a bug/vulnerability and we will decide how it will be addressed.
  • Reporting any issue to anyone other than TechGig is forbidden.
  • Exploiting any bug or vulnerability in the system for personal benefit will lead to your disqualification from the program.
  • No futute updation of user details will be done, so please provide your valid details.

Please investigate and report bugs in a responsible manner as these should not be disruptive or harmful to us or our users in any way.

Eligibility

Remember: For you to earn any reward or recognition from this program, the bug/vulnerability needs to be security-related. It is the sole discretion of TechGig to determine whether the reported issue qualifies for the reward or not.
Some common security-related issues could include the following:

  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)[Stored XSS/DOM XSS/Reflected XSS which affects other users]
  • Code Executions
  • SQL injections
  • Server Side Request Forgery (SSRF)
  • Privilege Escalations
  • Authentication Bypasses
  • File inclusions (Local & Remote)
  • Protection Mechanism bypasses (CSRF bypass, etc.)
  • Leakage of sensitive data
  • Directory Traversal
  • Payment manipulation
  • Administration portals without authentication mechanism
  • Open redirects which allow stealing tokens/secrets

Ineligibility

Some of the issues that will not be eligible for reward under this program include:

  • Application stack traces (Path disclosures, etc.)
  • Self-type Cross Site Scripting
  • Self affecting Reflected Cross Site Scripting
  • Denial of Service attacks
  • CSRF issues on actions with minimal impact
  • Brute force attacks
  • Security practices (banner revealing a software version, etc.)
  • Vulnerabilities on sites hosted by third parties unless they lead to a vulnerability on the main website.
  • Vulnerabilities on non-production environments(Even If url is available online).
  • Vulnerabilities contingent on physical attack, social engineering, spamming, DDOS attack, etc.
  • Vulnerabilities affecting outdated or unpatched browsers / Operating Systems.
  • Vulnerabilities in third party applications.
  • Bugs that have not been responsibly investigated and reported.
  • Bugs already known to us, or already reported by someone else (reward goes to first reporter).
  • Issues that aren't reproducible.
  • Issues that we can't reasonably be expected to do anything about.
  • Reports of current or previous employees of TechGig and subsidies and partners
  • Issues related to this page are not part of this program
  • Rate Limiting related Issues

Rewards

  • Each accepted bug will earn reward point and based on earned reward points Gift Vouchers/TechGig goodies will be given.
  • Multiple "accepted issues under different categories" reported by the same individual/group will find a mention in the Hall of Fame. Please don't send queries asking adding your name in Hall Of Fame. If you are eligible, you will be added in TechGig HOF.

How to Report a Bug ?

  • Fill the form to report the issue to us.
  • In case you are not able to submit your findings due to any issue in the form Only then you can send an email to customercare@techgig.com to report any bug. We will not accept email sent to customercare@techgig.com without proper reason. So use the Bug Bounty Form only for reporting the issues.
  • When using the email medium, try to detail out the issue as far as possible. Include a description of your findings, you will have to include steps to reproduce the bug/vulnerability and the affected component such as the API endpoint.
  • In the event you wish to share images/videos for PoC, please upload it to your Google Drive and email the link to us.
  • Allow us up to 10 working days to respond to your issue before sending another email on the same matter.

To report a Security vulnerability in our systems, please fill out this form below. Note: fields marked * are mandatory.

  • Only doc,docx and pdf type files are allowed.
  • Learn through hands on Coding Practice sessions
  • Attend interactive Webinars from Industry Experts
  • Compete in Challenges and Events
  • Showcase your AI generated Tech Resume
We use cookies on our website to provide you with a more personalized digital experience. To learn more about how we use cookies and how you can change your cookie settings, please refer to our Privacy Policy and Terms and Conditions.