VRP Programme

Hey, We are inviting all hackers and Cybersecurity Researchers to test their skills and let us know any potential bug or vulnerability in the website. There are a few guidelines you need to keep in mind before doing any testing.

This is to inform that we have set up a separate platform for all testing purposes and you can access it at https://expertsmmpanel.life This is similar to the TheCyberAgents platform and whatever bugs you will find there will be applicable here itself, but we strongly prefer to find and test your skills on the demo platform and report it to us privately by mail at security@thecyberagents.com

Out of scope

Any client sites or services hosted by 3rd party providers and services are excluded from scope.

In the interest of the safety of our users, staff, the Internet at large and you as a security researcher, the following test types are excluded from scope:

Findings from physical testing such as office access (e.g. open doors, tailgating)
Findings derived primarily from social engineering (e.g. phishing, vishing)
Findings from applications or systems not listed in the ‘Scope’ section
UI and UX bugs and spelling mistakes
Resource Exhaustion Attacks
Network-level Denial of Service (DoS/DDoS) vulnerabilities
You do not exfiltrate any data under any circumstances
You do not intentionally compromise the privacy or safety of TheCyberAgents personnel or any third parties
SPF/DMARC related issues.
Host Header Injection without any exploitable scenario.
Self XSS

In-Scope Targets

1. *.expertsmmpanel.life
2. TheCyberAgents Android App (https://play.google.com/store/apps/details?id=in.techagents.cyberagents.app)