What price to choose?

L

LorDo2014-11-22 15:28:03

Android

LorDo, 2014-11-22 15:28:03

Hello, such a question, there is a certain commercial application on android that I managed to hack, after which one of the organizers of the application suggested that I find all the existing vulnerabilities of the application and provide them to them for a certain amount, which I myself must name. A month is given for work, I have never worked in this format, I'm wondering how much would you charge for such work?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

V

Vadim Kyssa, 2014-11-22
@cissav

It all depends on how difficult the task is. If many people can do this, then in principle there is no point in asking a lot for such work, since they will not give it.
To begin with, when evaluating, you can proceed from the time that you spend during the month to identify all the vulnerabilities of the application. The amount can be slightly increased if you feel that the app developers will bargain :)

R

Ruslan, 2014-11-22
@buttersmai

I advise you to look at competitions from large / well-known companies (Yandex, Telegram, and so on), where they offer developers to find vulnerabilities within the framework of the competition. In my opinion, there are amounts of about $ 500-1000. But it all depends on the customer, the application, and the customer's risk in case the application is hacked. If the application is commercial, then it is connected with the profit of the organizers. If it is hacked, they may lose their profits for a while. If there is an assumption of how much they may lose, then you can figure out how much to take for such work.