Page 185 - Hands-On Bug Hunting for Penetration Testers
Formatting Your Report Chapter 10
GitHub
GitHub's bug bounty page (https://bounty.github.com) not only features the
leaderboard for all the security researchers who have participated in its program,
displaying the username, profile picture, and Twitter handle of the contributor, it also gives
you some basic information about the bugs they've discovered: their category, subtype,
and a high-level explanatory paragraph about where the vulnerability was discovered and
its impacted services.
As valuable as these reports are, though, they don't feature the technical detail (code
snippets, screenshots, and relevant file attachments) that the previous two collections of
vulnerability reports typically show.

