Bug Bounty Program by IEMLabs

Hunt for bugs in our system and get awarded with Hall of Fame’s and Exciting Rewards

About the Program

Bug Bounty Program by IEMLabs is an initiative to encourage young talents in the field on Cyber Security to find out and report critical vulnerabilities. We invite all Ethical Hackers and Cyber Security Professionals to participate in our Bug Bounty Program and raise the standard of the Cyber Security industry. A researcher who successfully finds and report vulnerability will be awarded with “Hall of Fame Certificate” and “Exciting Goodies” from IEMLabs.

Scope Area's

In Scope

    1. Remote Code Execution (RCE)
    2. Web Shell Injection
    3. Different types of Injections (SQLi, XSS, XXE, OS command, LDAP etc.)
    4. Security Misconfiguration
    5. Sensitive Data Exposure
    6. Components with Known Vulnerabilities
    7. Authentication bypass
    8. Insecure direct object references

Out of Scope

    1. Reflected Cross Site Scripting (Self Xss)
    2. Descriptive error messages (e.g. stack traces, application or server errors).
    3. Misconfigured or lack of SPF records
    4. Out of date software versions
    5. Content Spoofing
    6. Vulnerabilities that are limited to unsupported browsers will not be accepted. Exploit must work at least on > IE 8.
    7. .htaccess downloadable file without a real security misconfiguration that can have security impact Login page or one of our websites over HTTP.
    8. Clickjacking or any issue exploitable through clickjacking Vulnerabilities in our 3rd party partners source code on which we don’t have any control regarding the fix. This vulnerability should be directly reported to the 3rd party host (e.g. Hubspot).
    9. Lack of Secure and HTTP Only flags.
    10. Weak SSL related issues
    11. Username / Email enumeration
    12. Cross Origin Resource Sharing (CORS) issues without a working Proof of Concept (POC)
    13. Denial of Services (DOS)
    14. Social Engineering Attacks
    15. Cross Site Request Forgery (CSRF) in Contact form
    16. Parameter Tampering in Payment Gateway

Submission Form

Responsible Security Disclosure

Abdessamad Lahlali – January, 2021

Foysal Ahmed Fahim – February, 2021

Our Certifications

Collaboration | ISO | IEMLabs

Our Accreditation

Collaboration | EC Council | IEMLabs

Our Memberships

Collaboration | Nasscom | IEMLabs
DSCI Logo | IEMLabs
ICC Logo | IEMLabs
US Chamber of Commerce Logo
CII Logo | IEMLabs
Public Relations Society of India

Important Links

Activity Corner

Visit us

Copyright © IEMLabs, All rights Reserved. Design by Elementor | Developed by IEMLabs

Terms & Condition

Privacy Policy

Facebook
Linkedin
Youtube
Whatsapp
Instagram
Twitter

Get In touch to Get Free Demo

We are available 24 * 7, Contact Us and Avail Exciting Discount Offers

WhatsApp Now