As a bug bounty hunter myself, I value the work of security researchers. If you have found a vulnerability in our website or product please let us know. I am committed to working with you to verify, reproduce and fix the issue. We do not offer rewards of any kind.
Fuzz Stati0n runs on AWS as an Amazon Machine Image (AMI) - our customers have complete control over (and are responsible for) the security of their AWS instances. We recommend following Amazon's security practices when securing an instance running Fuzz Stati0n. This includes security group configuration and limiting the inbound IP addresses/ranges that can access the instance.
Please send vulnerability reports (including an issue description and steps to reproduce) to: firstname.lastname@example.org -
David Moore, CEO / Founder