Page 202 - Hands-On Bug Hunting for Penetration Testers

                                          12

                                          Other (Out of Scope) Vulnerabilities





            We've covered a lot about what you should look for: the structure of vulnerabilities, and
            how to test for them in both programmatic and manual ways.

            It seems unimportant to talk about what you shouldn't look for; if you don't care about it,
            you'll just ignore it, right? But there are several common findings and false positives that
            you'll see being spit out by scanners, passive analysis tools, extensions, and command-line
            logs again and again. It's useful to have an idea of what vulnerabilities companies are not
            interested in so that you can both avoid wasting your time submitting doomed bug reports
            and configure your tools to report less noise to you in the first place.
            The common theme for most of the vulnerabilities we'll cover here is that they don't have
            a clear path to exploitation. They either only affect the attacker, require other (more serious)
            vulnerabilities to be present before they can be exploited, or in the case of leaked
            information, don't give an attacker any actionable information.

            This chapter will cover what vulnerabilities companies often exclude from bug bounty
            programs, including how they work and why they're often not covered, and some of the
            common themes in what excludes a bug from reward consideration.



            Technical Requirements

            Since we'll mostly be discussing and using examples of vulnerabilities that you need to
            exclude from your workflow, we'll be able to get by with just our browser (Chrome
            version              ).