huntr

What is huntr?

huntr is the world’s first bug bounty platform specifically designed for AI and machine learning applications. It provides a centralized space for security researchers to submit vulnerabilities, ensuring the security and stability of AI/ML applications, including those built with Open Source Software (OSS).

What are the main features of huntr?

1. Vulnerability Disclosure: A streamlined process for submitting security vulnerabilities in AI/ML applications.

2. Bounty Rewards: Researchers can earn bounties for valid vulnerability submissions.

3. Transparency: The platform allows researchers to monitor the status of submitted reports and offers guidelines for maintaining secure libraries.

4. Wide Scope: Over 250 AI/ML repositories are covered, including popular frameworks like TensorFlow, PyTorch, and Hugging Face.

How to use huntr?

To use huntr, security researchers can:

1. Disclose: Find a vulnerability and submit it through a secure form on the huntr platform.

2. Validation: Stay updated as huntr validates the report and communicates with the relevant maintainers.

3. Reward: Receive a bounty for valid reports. Optionally, researchers may submit patches and earn additional rewards.

4. Publication: After a specified period, reports are made public, offering transparency and community awareness.

What is the pricing for huntr?

huntr operates on a bounty reward basis, meaning that the platform does not charge users for reporting vulnerabilities. Researchers earn $1500 for each valid report on various AI/ML repositories. This incentivizes active participation and contribution to securing AI technologies.

Helpful Tips for Using huntr

• Familiarize with Target Repositories: Knowing the vulnerabilities of over 250 AI/ML repositories can give you an edge in research.

• Stay Informed: Regularly check for updates on your submitted reports to respond promptly.

• Engage with the Community: Join discussions or forums related to huntr to enhance your understanding of AI/ML security.

Frequently Asked Questions

How do I submit a report on huntr?

To submit a report on huntr, fill out the secure submission form on the platform with details about the vulnerability you've discovered.

What happens after a report is submitted?

Once a report is submitted, huntr will validate the submission, contacting the maintainer for a response within a specified time frame.

How are researchers rewarded?

If a vulnerability is validated, the researcher will receive a bounty. If the maintainer patches the vulnerability, they may also receive a patch bounty.

Are reports made public?

Yes, reports are made public after 90 days unless a maintainer requests an extension. Invalid or informational reports may go public immediately.

Is my personal information safe on huntr?

Absolutely, huntr prioritizes user privacy and data protection. Users can delete their accounts at any time, removing all associated data.