Origin Energy

  • $50 – $2,500 per vulnerability
  • Safe harbor

Discontinue use of scanners on Origin Energy

Hi researchers,

This is a friendly reminder that automated scanners is prohibited on this program. Custom scripts and fuzzing tools are still permitted, but if using them, please keep your traffic to six requests per second or less. As state in the brief, be sure they are not configured to submit any type of forms.

Please note that they may block your traffic if you are detected neglecting to adhere to these rules. Additionally, it’s worth noting that the client already runs automated scans from Acunetix, Zap, Nessus, et al., against the in-scope targets – so using these tools is likely of minimal utility to researchers. As such, please avoid using them unless for targeted, specific testing, and then only at less than six requests per second. Thanks!

If you have any questions, please reach out to support@bugcrowd.com for any clarification on why scanners are no longer allowed.