Sticky: "Help me find a security contact at XYZ company"

Have you struck out trying to connect with a contact at an organization to report a vulnerability, data leak, or other security problem?

Post a new thread in this channel starting with “CONTACT ASSISTANCE” and the folks who monitor this channel will try to assist.

Please include the following:

  • The name of the organization,
  • Brief description of what you need,
  • Any information on what you’ve tried so far.

In particular, before you post please make sure you’ve:

  • Checked for contact details via diodb, any security.txt listings that might exist, and on Bugcrowd/Hackerone/etc,
  • Attempted contact/conversation via the recommended channels if available.

This is a community service so please treat it with respect. Spamming, solicitation of services, and time-wasting will not be tolerated (or treated kindly).

Hi again, I hope the community could help me.

I need to report a vulnerability to

I tried to contact them by their website, but they don’t put it easy tbh.
DMed them in Twitter… no answer. Tagged them as well… Google dorked hoping they had a security email contact, but didn’t found anything as well.

I hope you can help me.


1 Like

Hey @d4rkhunt3r!

This is pretty lame by them :snail: if you know the specific part of the framework or application, you might be able to submit an issue on their GitHub, better yet, submit a PR.

Else, you will be able to find developers who work for Booking on their GitHub and DM them on twitter.

Since they’re a holiday/seasonal and highly covid affected enterprise/company, this should be an interesting exercise!

PS: logging the issue on GitHub is also proving that you are the person or team that identified the bug.

PPS: they’re nowhere to be found on diodb/program-list.json at master · disclose/diodb · GitHub
If you do end up getting in touch with them, it would be good to submit a PR back to the diodb program database so future bounty hunters don’t have to repeat the same process!

Let us know how you go please :slight_smile:

1 Like