Bug Bounties

Twitter

Powered by: 

Allows bounty splitting: 

Average time to first program response: 8

Average time to bounty awarded null: 379

Average time to report resolved: 748

Handle twitter

Managed program: false

Name: Twitter

Offers bounties: true

Offers swag: false

Response efficiency percentage: 99

Submission state: open

Url: https://hackerone.com/twitter

Website: https://twitter.com

In scope:

  • Asset identifier: *.twimg.com
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: medium
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: *.twitter.com
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: *.vine.co
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: com.atebits.Tweetie2
  • Asset type: APPLE_STORE_APP_ID
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: com.twitter.android
  • Asset type: GOOGLE_PLAY_APP_ID
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: gnip.com
  • Asset type: URL
  • Availability requirement: 
  • Confidentiality requirement: 
  • Eligible for bounty: true
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: 
  • Max severity: critical



  • Asset identifier: t.co
  • Asset type: URL
  • Availability requirement: low
  • Confidentiality requirement: none
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction:  We are already working on fixing issues with our t.co service, and are not accepting reports regarding this behavior at this time.
  • Integrity requirements: low
  • Max severity: medium



  • Asset identifier: twitterflightschool.com
  • Asset type: URL
  • Availability requirement: low
  • Confidentiality requirement: low
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: 
  • Integrity requirements: low
  • Max severity: medium