Min Doktor aims to keep its service safe for everyone, and data security is of utmost priority. If you are a security researcher and have discovered what might be a security vulnerability within our service, we appreciate your help in disclosing it to us in a responsible manner and welcome your assistance. Min Doktor will engage with security researchers when vulnerabilities are reported to us in accordance with this responsible disclosure policy. We will validate, respond and fix vulnerabilities in accordance with our commitment to security and privacy. We won’t take legal action against or suspend or terminate access to those who discover and report security vulnerabilities in accordance with this policy.
You may test only against your own account but we have a penetration testing environment and prefer if you use it. The information around this environment is found within our HackerOne profile. In no event are you permitted to access, download or modify data residing in any other account or that does not belong to you or attempt to do any of the foregoing. You are also prohibited from:
We only accept bugs through our HackerOne program which is currently private. Only vulnerabilities submitted there will be eligible for a reward. We reward the first reporter with a clear written report containing a proof of concept.
Please email us at firstname.lastname@example.org with from email address associated with your HackerOne profile, and you will be added to our program. From there you can securely report any findings.
We look forward to your work and wish you happy hunting.