HackenProof Blog / For Hackers / [New Bug Bounty] AAX Has Launched Bug Bounty With Up to $1500 Reward Per Critical Vulnerability

[New Bug Bounty] AAX Has Launched Bug Bounty With Up to $1500 Reward Per Critical Vulnerability

Meet AAX

AAX is a digital asset exchange with features like:

  • spot trading
  • futures trading battle
  • P2P trading
  • deposit & staking
  • launchpad

Check Out The Rewards

If you find a vulnerability according to the bounty rules, AAX will reward you:

  • Critical: $1000 – $1500
  • High: $500 – $900
  • Medium: $200 – $300
  • Low: $50 – $100

Join The Bounty Hunt

There are 4 targets to scope:

  • website
  • API
  • iOS app
  • Android app

Make sure your reports contain info about these incidents:

  • Business logic issues
  • Payments manipulation
  • Remote code execution (RCE)
  • Injection vulnerabilities (SQL, XXE)
  • File inclusions (Local & Remote)
  • Access Control Issues (IDOR, Privilege Escalation, etc)
  • Leakage of sensitive information
  • Server-Side Request Forgery (SSRF)
  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • Directory traversal
  • Other vulnerability with a clear potential loss

To increase your chances of finding a critical bug, read AAX API documentation here.

Once you’re ready, click here to join the bounty hunt!