Security/BugBountyOnramp/AMO

From MozillaWiki
Jump to: navigation, search

Bugzilla Web Bug Bounty Program Documentation

addons.mozilla.org Bug Bounty Onramp

Production Site

addon.mozilla.org
addons.mozilla.org
blocklist.addons.mozilla.org
builder.addons.mozilla.org
controller-review.apk.firefox.com
controller.apk.firefox.com
services.addons.mozilla.org
static.addons.mozilla.net
versioncheck-bg.addons.mozilla.org
versioncheck.addons.mozilla.org

Notes
Wiki Page https://wiki.mozilla.org/Webdev/GetInvolved/addons.mozilla.org

https://wiki.mozilla.org/AMO
https://wiki.mozilla.org/Services/Sync/Addon_Sync
https://wiki.mozilla.org/AMO:Developers
https://wiki.mozilla.org/Add-ons/Contribute/AMO/Code
https://wiki.mozilla.org/Add-ons/Contribute

Source https://github.com/mozilla/addons-server

nginx config
amo validator

Documentation https://github.com/mozilla/addons-server/tree/master/docs
Mailing List List URLs here
Bugzilla bugzilla.mozilla.org records for amo containing wsec- keywords
Blog posts Example
Threat model Example
Frameworks Example
Libraries Example
Other Resources Confidential Internal Mozilla Security Bug - Risk Record/RRA


Mozilla Services:

Component name Description Documentation
Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link


External Services:

Component name Description Documentation
Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Example Example Bugzilla Link:

CVE: cvedetails.com?name=val
Docs: https://website.bla/?zyx=321
Docker File: https://website.bla/zyx321
Security Review: internal link

Similar products

Name Description Links
Example Example Project Home: www.bar.foo.com

CVE: cvedetails.com?name=val
Other links:

Example Example Project Home: www.bar.foo.com

CVE: cvedetails.com?name=val
Other links:

Example Example Project Home: www.bar.foo.com

CVE: cvedetails.com?name=val
Other links:

Example Example Project Home: www.bar.foo.com

CVE: cvedetails.com?name=val
Other links:

Testing Resources

Tools/Toolchains https://wiki.mozilla.org/Security/TestingToolchains/WebApps/
Checklists https://wiki.mozilla.org/Security/TestingToolchains/WebApps/
Articles Example
Videos Example
Other Links Example