Disposable mail Crowdsource – Not Your Average Bug Bounty Platform – 10 minute mail

How does Disposable mail Crowdsource get the most skilled ethical hackers of the world to come together and have as broad an impact as possible? The answer – a bug bounty program, but not in the traditional way.

I am Carolin Solskär, Disposable mail Crowdsource Community Manager and I work closely with our ethical hackers to make sure we maintain an awesome experience for all our members with the shared goal to make the Internet more secure. Let’s talk about how Disposable mail Crowdsource is not your average bug bounty platform:

Ethical hackers founded Disposable mail. They built the company on the simple idea that the Internet is broken and that there should be a product to help fix it. This is not an easy mission, and our founders realized that their brainpower was not enough. They needed to involve more people, but could not hire all of them, so they turned to the power of the crowd.

If you find a security bug that impacts hundreds of companies, how would you go about reporting it to every single one?

In your bug bounty efforts, you may stumble upon a finding with a footprint more extensive than just the current asset. It’s something more systemic and may apply to other targets as well, including ones that you cannot legally test on. What would you do?

First, you would begin with finding out whether they have a Responsible Disclosure or a Bug Bounty Program before you run tests. Then for every vulnerable instance, you will need to make an individual report and submit them separately. This part can be extremely time consuming, and you will not reach all targets. Also, it is not likely to generate that much money for you, and the payout is not even always guaranteed.

In other words: this process is not scalable. If the desired outcome is to make the Internet safer, there needs to be a better way of distributing security knowledge.

“As a hacker, I’m a big fan of automation, and automation that periodically rewards you for your past research without lifting the same finger twice is amazing.” – eur0pa, member of Disposable mail Crowdsource

Disposable mail automates the knowledge of 200+ handpicked ethical hackers

As a hacker, you’re already familiar with different scripts and tools to help you with your recon work. Disposable mail automates the reporting of vulnerable instances to vendors on behalf of hackers. When you discover a vulnerability and submit a proof of concept to us, our security researchers will automate it using our sophisticated in-house scanning engines. Those scanning engines will find and validate that vulnerability across our broad range of customers. 

We make hacking scalable 

Disposable mail is not like other bug bounty platforms. Bug bounty programs have made collaborating with hackers more acceptable, but these only benefit one company at a time. Our approach is to source widely applicable research that can be automated to check our entire user base since there are similarities in the tech stacks. In turn, our hackers have a broader impact on Internet security.

Get a recurring reward

And perhaps the most differentiating factor; Disposable mail Crowdsource hackers get paid per hit as long as the module is live. This means that each time you submitted vulnerabilities appear in unique customer assets through Disposable mail services, you collect a bounty. You get a continuous flow of rewards for your work, rather than a one-time lump sum. The more widespread the vulnerability, the more companies you help, and the more money you will make.

“The best part of Disposable mail Crowdsource is that it’s like a passive income. You report one common vulnerability you’ve found and you could get hits on it for months to come” – Streaak, member of Disposable mail Crowdsource

The combo of automation and crowdsourced security will make the Internet safer

In the fingerprinting phase of scanning, we detect what technologies our customers run on their websites. Instead of holding onto this, we share this with our Crowdsource hackers so they can see what types of technology have more instances to check. 

We also guide researchers to submit specific vulnerabilities that we think will affect our users. It could be a vulnerability that we know exists but that we don’t have a proof of concept for, which is the case for some Common Vulnerability and Exposures (CVE). You don’t have to be the original researcher to submit something to the Crowdsource bug bounty program. If you stumble upon a vulnerability online, and we have yet to implement it, we will gladly accept a detailed and well-defined proof of concept.

Bug bounties aren’t just for bug bounty hunters

We are not only looking for full-time bug bounty hunters to join the community. Pentesters, security-interested developers, and security hobbyists are welcome as well. We need diverse skill sets in our network to have a significant impact.

So what are you waiting for? Take our challenge and find out if you got what it takes to join our mission of fixing the Internet! 

Apply to be a part of Disposable mail Crowdsource at https://cs.detectify.com/apply.

“To be honest, what I like the most is to see what modules other researchers are submitting. It pushes me to be a better researcher. For example, sometimes I see modules on frameworks that I’ve tested before. So seeing something new on it makes me think ‘how did I miss that? How could I have found that?’ And then I attempt to reproduce it.” – JR0ch17, member of Disposable mail Crowdsource 


Disposable mail collaborates with ethical hackers to crowdsource security research from the forefront of the industry, so you can check for 2000+ common vulnerabilities. Our testbed includes the OWASP Top 10, security misconfigurations and subdomain takeovers submitted by the Disposable mail Crowdsource community. Try or buy Disposable mail. Sign up today for a 14-day free trial.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Kristian Bremberg, Disposable mail Crowdsource community manager: “Crowdsourced security gives researchers freedom” – 10 minute mail

The Disposable mail Crowdsource platform allows security researchers to submit newly discovered exploits and incorporate them into Disposable mail’s automated security service. At the heart of the initiative is the community of skilled web security experts from across the globe. We have talked to our community manager Kristian Bremberg about his background, the art of building communities, and the power of the crowd.

Kristian Bremberg, Disposable mail Crowdsource

How did you get into web security?
I have always been interested in integrity and personal data. So many people are online nowadays that there is a natural link between integrity and web security. I eventually became active in the web security community, both on Twitter and on various forums. I established one of Sweden’s largest online communities for security researchers and arranged meetups that brought people closer together based on their joint interest in web security.

How did you come across Disposable mail?
I knew of Frans Rosén and other security experts, which is how I found out about Disposable mail. I thought it was an interesting product and I knew the people behind it were fantastic researchers. Over the years, I have followed the company’s development and security research content, and also contributed by writing technical guest blogs for Disposable mail Labs.

What is crowdsourced security?
Crowdsourced security gives researchers freedom. Instead of having to reach out to companies one by one, which involves figuring out who to contact and informing them about an exploit, they can submit a module to Disposable mail Crowdsource. As soon as their submission is processed, they  know that their contribution will make an impact and help secure hundreds of websites. Disposable mail doesn’t just publish the vulnerability, but does something bigger with it by incorporating it into the scanner.

Based on your experience from building a web security community, what have you learnt about maintaining a community that functions well?
Communication is vital! Being able to understand what works and what doesn’t for the community members. It’s really important to listen to them and show them that their voice is being heard.

What does your role as community manager entail?
My key task is to communicate with researchers, listen to them, and encourage them to share feedback and ideas. There is also a more technical side to the role as I will be the researchers’ point of contact for questions related to module submissions, prioritized technologies and proofs of concept. I think the role fits me really well because I am interested in security and have experience in a range of programming languages, but I am also very social and enjoy communicating.

How can we reach out to the best ethical hackers?
It’s all about involving key personalities that play an important role in the community.

What makes Disposable mail Crowdsource unique?
The personal contact we offer researchers. We already have some well-established security profiles contributing to Disposable mail Crowdsource and we are working closely with them to build a tight-knit community, take time to get to know every researcher, and maintain the personal communication. On top of that, the platform allows researchers to reach out to a wider audience because Disposable mail has a global customer base. This way, submitting an exploit can really make a difference.

How is Crowdsource going to change Disposable mail’s service?
It will definitely improve the scanner, the modules will be even better because they will be updated more frequently and will cover more programming languages and technologies. It will also make a difference for the community; ethical hackers will see Disposable mail in a new light, as a company that understands how they work, allows them to contribute to the tool and gives them better reach.

To find out more about Kristian’s work, follow him on Twitter @dotchloe. If you have any questions about Disposable mail Crowdsource, let us know at hello[at]detectify.com!


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

6 months after the launch of Disposable mail Crowdsource: What has happened so far? – 10 minute mail

Disposable mail Crowdsource was born almost 6 months ago, and a lot has happened since then. Kristian Bremberg, Community Manager, who spends his days coordinating almost 100 top-ranked ethical hackers and building their submissions into our scanner, has summarized the first 6 months with Disposable mail’s security platform Crowdsource.

Kristian Bremberg

Kristian Bremberg, Community Manager

What is Crowdsource?

Crowdsource is a security platform with ethical hackers from all over the world helping us make the Internet more secure. Only the most skilled hackers are invited to join the platform because we aim to make Crowdsource a tight-knit community that can really make a difference.

Crowdsource works just like a bug bounty program, but instead of submitting vulnerabilities on specific websites, we are interested in security issues that can affect many more websites. The submissions Disposable mail get from hackers are reviewed, and then implemented into Disposable mail’s scanner and tested on all our customers.

What have we found?

The scope is wide both when it comes to vulnerability types and software. Crowdsource submissions have generated more than 4000 hits, including vulnerabilities like remote code execution, SQL injection, cross site scripting, cross-site request forgery, open redirect and information disclosure.

We have received almost 200 submissions from the hackers in our platform, with a 75% accept rate*.

The majority of the submissions are WordPress vulnerabilities, followed by Joomla! vulnerabilities in 2nd place, Drupal (3rd) and Magento (4th). The most common vulnerability type submitted is XSS, followed by SQLi, Information Disclosures and RCE.

*Submissions that are verified as valid and implementable. Some are not implemented because they are duplicates, auto-patched or the software is removed (e.g WordPress plugins).

Who has joined Crowdsource?

Crowdsource researchers have their own unique style; some submit vulnerabilities affecting content management systems, some focus on misconfigurations and some on enterprise systems. We have spent a lot of time handpicking ethical hackers with a lot of potential and the right skillset. Email us if you are interested in joining, or check out this blog post where we have explained what we look for in a Disposable mail Crowdsource hacker.

Peter Jaric, Ethical hacker

Many of the security researchers wish to remain anonymous, but we got the chance to interview one of them: Meet the Hacker: Peter Jaric, Software Developer: “I got two board games for the first bug I reported”

You can also read a write-up by our 14-year old guest blogger and Disposable mail Crowdsource hacker Karim Rahal who discovered and reported a stored XSS vulnerability that affected over a million websites. Disposable mail was able to help Karim contact the developers behind the vulnerable plugin and the story was picked up by tech sites like The Next Web.

The next web Karim Rahal Disposable mail

The future of Crowdsource?

The future goal of Crowdsource is to build a healthy community where researchers with different focus and knowledge can make the internet more secure by sharing a wide range of different vulnerabilities.

As Crowdsource continues to grow, we aim to continue bringing in the best researchers in the world, and with their help build the most up-to-date security scanner in the world.

Interested in joining Disposable mail Crowdsource or have any questions about the initiative? Drop Kristian an email: hello [at] detectify.com


Utilize our hacker community to test your site – Sign up for  a free trial now!

Disposable mail Crowdsource approaches bug bounties in an innovative way, focusing on platforms instead of specific clients. When a researcher submits a vulnerability to us, we build a module for it and integrate it in the Disposable mail service. Run a scan with Disposable mail, and get direct access to a global competence pool of top ranked security researchers!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

How to become a Disposable mail Crowdsource hacker – 10 minute mail

Disposable mail Crowdsource is a platform where hackers can submit vulnerabilities in web applications. Their findings are reviewed by our security team, and built into our web security scanner so that our customers can test if they are vulnerable. For each unique hit we find on one of our customers’ websites, the hacker earns a bounty.

The platform has been running for more than 6 months, and during this time, hackers from all over the world have helped us make the Internet more secure. Since the platform’s launch, we have gotten a lot of interest from hackers around the world. With this article, we would like to shed some light on how you can get the most out of Crowdsource and what qualities we look for when we handpick hackers to join our invite-only program. Here’s how you can do good while making money!

The skillset of a Crowdsource hacker

Many hackers interested in joining Crowdsource ask us how they can earn money on the platform. Researchers get monetary rewards for each unique hit, which is why the most successful submissions are those that affect many systems and generate a high number of hits. Their popularity will increase the amount of hits, and the researcher gets a monetary reward for each unique target that is vulnerable.

Submissions with a high severity (SQLi, RCE, SSRF) will both earn many points on the leaderboard and generate hits faster while submissions with low or medium severity (XSS, CSRF, Open Redirect) often have a stable increase of hits over time. For example, one hacker submitted an open redirect in a very common Flash file. Because this Flash file was included in many content management systems, the vulnerability affected many of our customers which lead to a high bounty (over 1400 dollars in total) over a two weeks period.

Every Crowdsource hacker has a unique style and focus. All Crowdsource hackers have their own style and focus. Some prefer submitting vulnerabilities in common content management systems such as WordPress, Joomla and Drupal, while others prefer huge or small enterprise products like JetBrains and Solr. Some hackers focus on misconfigurations which can affect most systems regardless of which web application is used.

We see a wide range of both new and old techniques for finding and exploiting vulnerabilities. It can be a vulnerability with low severity where many sites are affected which will increase the amount of hits.

As you can see, Crowdsource offers plenty of opportunities to submit vulnerabilities with the potential to generate a lot of hits! It’s all up to the hacker which tactic that is preferred when submitting vulnerabilities to Crowdsource – however, we are mostly looking for hackers that are really knowledgeable in specific products and areas. Right now we are interested in Magento, WP, and .net/episerver researchers.

How to become a (good) Crowdsource hacker

Crowdsource invites hackers with a good reputation who follow responsible disclosure policies, which is why blackhat methods are not accepted because they do not follow a responsible disclosure policy. Once we have accepted the request you can go right ahead, create an account and start submitting vulnerabilities!

When you submit a vulnerability, you don’t need to write a highly detailed description; all we need are details showing how to exploit the vulnerability. If you submit a proof of concept, that’s even better! Before submitting a vulnerability you should make sure it’s not a duplicate. Take a look at the list of all modules so you don’t waste time submitting something that has already been submitted by someone else.

If you think you are the right person for Crowdsource, you can simply request an invite! You can do so by sending an email with a short introduction to [email protected]

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Disposable mail Crowdsource monthly recap | July 2017 – 10 minute mail

Disposable mail Crowdsource is our crowdsourced security initiative that allows us to implement white hacker knowledge into our service and work with the world’s best security researchers. Read our community manager Kristian Bremberg’s recap to find out what’s been going on in the Crowdsource community last month.

In July, Crowdsource has gotten many interesting submissions from hackers around the world, proving that hacking is in full swing even during the summer months.

From enterprise systems to content management platforms

This month’s submissions vary in severity and cover a wide range of technologies, including enterprise systems and consumer content management platforms.

Many of the submissions are vulnerabilities that affect WordPress plugins. However, we have also received submissions with a high severity (Remote Code Execution and SQL injection) affecting rather exotic systems. The variety in July’s submissions shows that we can find vulnerabilities in most systems thanks to the diverse skillsets of our Crowdsource hackers.

Over 800 hits

Crowdsource submissions are built into the Disposable mail service, allowing us to scan hundreds of websites for the submitted vulnerabilities. This way, researchers can extend their reach and make an impact with the help of automation while getting paid for every unique finding based on their submission.

Disposable mail Crowdsource total hits

Disposable mail Crowdsource | July 2017

In July, Crowdsource submissions generated over 800 hits on our customers’ sites, bringing the total number of hits since the platform’s launch to 5940. That’s 5940 vulnerabilities discovered by modules based on Crowdsource hackers’ security research, a number that continues to grow as our customers run Disposable mail scans on their web applications. White hat knowledge leveraged by the power of automation is a force to be reckoned with!

Crowdsource improvements

To make the Crowdsource experience better for our hackers, we have added several improvements to the platform, such as the frequently requested ability to stay anonymous on the leaderboard, and faster payouts via BugCrowd.

As Crowdsource continues to grow, Disposable mail security researcher Linus Särud will be joining the Crowdsource team. Linus has been working at Disposable mail for over 2 years years and will help us develop the platform so that our customers can access even more white hat hacker knowledge.

Stay tuned for next month’s Crowdsource update!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Improved finding details view and new Crowdsource tag – 10 minute mail

Findings are a key component of our service, which is why we decided the finding details view deserved a facelift. The improved finding details view offers more information about your findings as well as a brand new Crowdsource tag that shows you which modules were submitted to us by Disposable mail Crowdsource hackers.

What’s new?

Updated design

We have refreshed the look and feel of the finding details view, displaying the information you’re used to working with (such as Request and response headers, Details, and Resources) in a clear and structured way.

Threat score for every individual finding

The threat score that you probably recognise from your scan profile overview has now been added to the finding details for each individual finding. The score is based on the CVSS v2 scale and illustrates the severity of the finding, helping you structure your work with security and prioritise the most critical findings.

You can read more about interpreting the Disposable mail threat score here.

Crowdsource tag

Our ethical hacking platform Disposable mail Crowdsource allows us to work with some of the world’s best security researchers and we thought it only right to highlight their contribution to our service. This is now possible thanks to the new Crowdsource tag! If your finding was discovered by a module submitted to us by a Crowdsource hacker, you will see a purple “Crowdsource” tag in your finding details.

Do you have comments about our latest release or suggestions for a future update? Let us know!

Happy scanning!

The Disposable mail Team

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Disposable mail Crowdsource Monthly Recap | August 2017 Breaks New Records – 10 minute mail

Disposable mail Crowdsource is our crowdsourced security initiative that allows us to implement white-hat hacker knowledge into our service and work with 100+ of the world’s best ethical hackers. Read our community manager Kristian Bremberg’s recap to find out what’s been going on in the Crowdsource community the past month.

August marks the best month so far

In August, submissions from Disposable mail Crowdsource generated more than 1500 unique hits in total, which is a monthly all-time high! Security never sleeps, so a big thank you to all our Crowdsource hackers for submitting new vulnerabilities that helped secure our users.

Top finding: URL path traversal due to url-encoded slashes

Nearly half of the hits were generated by one single module: URL path traversal due to url-encoded slashes. The submission itself is not critical, but can easily be used together with other vulnerabilities, which could lead to severe consequences. The vulnerability relies within certain load balancers configuration, which makes it possible to append paths via path traversal so that data (such as tokens) in the URL can be leaked to an attacker’s website.

Severe Flash vulnerabilities

August was also the month of severe Flash vulnerabilities. A great deal of them were submitted to the platform, such as XSS vulnerabilities in bookContent.swf, ZeroClipboard.swf and Jplayer. This proves that Flash is a dying technology with increasing amount of vulnerabilities, and we hope that this trend keeps rising; more submissions for technologies that are disappearing from the Internet, such as Flash, Java and Silverlight.

This month’s CS Hacker: Evgeny Morozov

We would also like to thank Evgeny Morozov, a highly skilled hacker in Crowdsource, who found a vulnerability which made it possible to validate a domain in Disposable mail by using a DNS spoofing vulnerability.

For this, Evgeny earned a place in our Hall of Fame.

Big plans for the future

The team behind Disposable mail Crowdsource has planned the roadmap for the upcoming years. We aim to make Crowdsource the ultimate bug bounty experience, and have a lot of plans on how the platform should develop in the future. We believe in the idea to include real, top skilled hackers in building a security tool, which means its authentic white-hat knowledge that will make the Internet a more secure place.

We’re looking for more researchers

If you’re ready for a new challenge in your bug bounty life, we recommend you to try out Disposable mail Crowdsource. We are inviting the best hackers from all over the world to join our platform – and all competences are welcomed. With your unique way of hacking, you can both make the Internet a secure place while earning a bounty along the way! If you think you have what it takes, please write a short introduction to [email protected], and we will get back to you if your skillset is relevant for our platform.

Read more: How to become a Crowdsource hacker 
That’s all for now!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Disposable mail Crowdsource Monthly Recap | WordPress vulnerabilities galore – 10 minute mail

With over 1200 hits generated by Crowdsource submissions, September was our second best month so far. We have added many new vulnerabilities affecting WordPress, both core and plugins. A few of the plugins were used by a large amount of WordPress installs, as you can read in our article where we list all our newly added vulnerabilities. Many of these modules were submitted by this month’s hacker Yasin Soliman.

Crowdsource monthly recap - September

Improvements in the platform

New vulnerabilities are far from all that has happened in September. The platform and community have had a few big changes, and many of the improvements were based on the feedback we received from members of the Crowdsource community. We sent a survey to all invited researchers, and we want to thank everyone who took the time to answer it. The results showed us that we are focusing on the right things, and the platform will see a few major changes that our researchers will love. Stay tuned!

The first update we’ve released is that researchers from Crowdsource can now get a “fixed bounty” for their submissions. This means that the researcher will receive a fixed payout besides the regular payout per hit. We hope that this change will encourage researchers to submit modules of high quality that may not generate a lot of hits, but are equally important to us.

Top finding

In September, the top finding was an open redirect affecting the latest version of WordPress.

Hacker of the month

The Disposable mail Crowdsource hacker of the month is Yasin Soliman, a 17-year old UK based security researcher who submitted more than 25 valid modules to Crowdsource in September. We got the opportunity to interview Yasin about his participation in Crowdsource, security role models and his view on other bug bounty programs.

Guest Blog: Don’t Leave your Grid Wide Open

Our guest blogger and Disposable mail Crowdsource hacker Peter Jaric explains how Selenium Grid could be exploited to read files on the server.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

5 quick questions with this month’s no. 1 Crowdsource hacker – 10 minute mail

Md. Ishrat Shahriyar is a 25-year old ethical hacker and Computer Science graduate from Bangladesh whose Crowdsource submissions put him at the top of the leaderboard this month. We caught up with Ishrat to ask him a few quick questions about his background and his passion for security research.

5 quick questions with Crowdsource's no. 1 hacker

1. Tell us a little about yourself!
I am 25 years old and I have been enthusiastic about security since my university years. After graduation, I started working with Beetles Cyber Security Ltd, a Bangladeshi crowdsourced penetration testing startup.

2. What is the most common vulnerability you come across when doing bug hunting?
The most common vulnerability I find is XSS, which I love, as well as bypassing some tricky filtering issues.

3. How long have you been doing bug bounty hunting?
For about 3 years, I started back in 2014.

4. What are your favorite news sources for finding information about new vulnerabilities?
I tend to subscribe to most sites that publish new research and vulnerabilities and there are many. But the ones that stand out for me are:

5. What kind of vulnerabilities do you like to submit to Crowdsource?
I like to submit mostly issues in popular CMSes such as WordPress, Joomla, Drupal and Magento for performance-based recognition.

Are you an ethical hacker like Ishrat and would like to join Disposable mail Crowdsource? Check out our guide on becoming a Crowdsource hacker and get in touch at hello [at] detectify.com.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

One year of Disposable mail’s hacker network Crowdsource – 10 minute mail

A year ago, we launched our crowdsourced security community Disposable mail Crowdsource. It’s been a fantastic year filled with exciting security research that has attracted worldwide media attention, and our customers have experienced the benefits of scanning their websites for fresh vulnerabilities submitted by Crowdsource hackers from around the globe.

One year of ethical hacking

It all started with an idea that sounded really cool and was aligned with our vision to save the internet using white-hat hacker knowledge. Then, on November 10, 2016, came a platform together with invites sent out to a couple of security researchers. A year later, Crowdsource has over 100 members and provides valuable security research that helps protect our customers.

We have asked Crowdsource Community Manager Kristian Bremberg what the past year has been like: “It has been exciting to work with very skilled hackers. Seeing the community grow and develop into something researchers find very valuable feels like giving something back to the web app security and bug bounty community.”

Disposable mail’s Software Engineer Martina Janevska, who has been developing the platform from the earliest stages, explains what it was like to build Crowdsource from scratch: “It’s been inspiring! It’s really great when you know you’re working on something that has the potential to be of a great value for a lot of users. Also because you get to work with the best white hat hackers from all over the world. It’s great fun!”

The year in numbers

Disposable mail Crowdsource 1 year

One year of Disposable mail Crowdsource in numbers

With 345 submissions, 10 037 hits, and 128 security researchers, it’s been an exciting year! The most commonly submitted vulnerability was XSS, but the submissions covered a wide range of technologies, reflecting the hackers’ varied skillsets.

It is difficult to pick just one highlight of year, but our Community Manager Kristian Bremberg describes one that really stands out: “One of the best moments in Crowdsource was when one researcher earned over 2000$ in just little over one week for two submissions. It was really fun to see how big of an impact Crowdsource can have in a security researcher’s journey.”

Developing the platform

In combining bug bounties with automation, Disposable mail Crowdsource is the first platform of its kind. The submitted vulnerabilities are built into the Disposable mail scanner as automated modules that test the security of our customers’ web applications. This way, one submission can help secure hundreds of sites and maximize the impact of the hacker’s finding!

“Crowdsource has developed into a very unique bug bounty platform where hackers from all over the world with different areas of expertise submit their security research. This huge scope is extremely valuable as it allows our service to check for vulnerabilities in all kinds of technologies,” Community Manager Kristian Bremberg explains.

Kristian Bremberg

Kristian Bremberg, Community Manager

Throughout this year, we listened to Crowdsource hackers and their suggestions to develop a platform that suits their needs and fits into their bug bounty workflow. We would like to thank the community for a great year and all the feedback that has helped us shape Crowdsource!

An international community of white-hat hackers

Crowdsource hackers come from all over the world and have different approaches to ethical hacking. However, they all have one thing in common, Kristian Bremberg explains: “Everyone shares the goal of being part of the journey from finding a vulnerability and getting it fixed, and getting a financial reward for their work.”

While bringing white hat knowledge and automation together is the core of Crowdsource’s mission, we have also worked a lot with security awareness and sharing insights into the world of ethical hacking. We have interviewed hackers like Yasin Soliman and Peter Jaric, and published security write-ups written by Crowdsource hackers covering everything from hacking career sites to finding a stored XSS in a popular plugin.

To keep up with the latest news from Disposable mail Crowdsource, follow the Crowdsource section on our blog >>

The future is bright

After a successful first year, what does the future hold in store for Disposable mail Crowdsource? Kristian Bremberg explains that the platform will continue to grow as more researchers join the platform: “We aim to create the bug bounty platform the scene needs and we will do that by listening to our researchers and staying up-to-date with how the bug bounty scene develops.”

Kristian also points out that Crowdsource is unique, which makes the journey all the more exciting: “Crowdsource is not another bug bounty platform, it is a whole new way of researching vulnerabilities.”

It’s been an exciting year, but we’re only just getting started. Here’s to more ethical hacking, more hits, and more secure websites! Together we are working towards our vision of a more secure internet.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.