1IMPROVING YOUR REPORTSdiscoverySection

Welcome to Bug Hunter University

Here you'll find all you need to sharpen your ability, whether you’re an advanced hunter or just starting out.
2showTargets

Target recommendations

Our suggested bug targets and where to start hunting them.

3improveReports

Master your reporting

Reports that clearly and concisely identify the affected component, present a well-developed attack scenario, and include clear reproduction steps are quicker to triage and more likely to be prioritized correctly.

4

Invalid reports

Approximately 90% of the submissions we receive through our vulnerability reporting form are ultimately deemed to have little or no practical significance to product security and are thus invalid and do not qualify for a reward. In the spirit of openness, we have published a group of articles outlining some of the most common non-qualifying report types, with a brief explanation of our reasoning behind not treating them as a security risk.

5

Rewarded reports

Explore thousands of successful submissions and see what makes a reward-worthy report.

6

report a bug

Found something? Report it here

PRESENTATIONS

Pick up tips and tricks from the Google security team.