Reading Bug Bounty Scopes and Rules
Interpret program scope, exclusions, safe harbor clauses, and what constitutes out-of-scope testing.
Understanding Program Scope
Program scope defines exactly which assets are authorized for testing. The in-scope list typically names specific domains, subdomains, IP ranges, or mobile app package names. Testing anything outside scope, even a related asset, is unauthorized and potentially illegal.
Types of Scope Definitions
Wildcard scope (*.example.com) includes all subdomains. Explicit lists name specific domains (api.example.com, app.example.com). Some programs use ASN-based scope, which covers all IPs in the company's autonomous system (identified by its autonomous system number) and is the broadest authorization possible.
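A pre-flight scope check built on the scope types above, as an added example that is not part of the original lesson. The scope lists are constructed samples, and three behaviours are assumptions rather than rules from any program: a wildcard covers subdomains but not the apex domain, exclusions override inclusions, and an ASN-based scope would be entered as the CIDR prefixes the program publishes for it.

```python
import ipaddress

# Constructed sample scope; names and documentation IP ranges are placeholders.
IN_SCOPE = ["*.example.com", "api.example.org", "203.0.113.0/24"]
OUT_OF_SCOPE = ["blog.example.com", "*.corp.example.com", "203.0.113.128/25"]


def _normalize(target):
    """Lower-case a hostname and drop a trailing dot; IPs pass through unchanged."""
    return target.strip().lower().rstrip(".")


def _matches(entry, target):
    """True if one scope entry (wildcard, explicit host, IP or CIDR) covers target."""
    entry = _normalize(entry)
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        addr = None
    if addr is not None:
        try:
            return addr in ipaddress.ip_network(entry, strict=False)
        except ValueError:
            return False  # a hostname entry never authorizes a bare IP
    if entry.startswith("*."):
        # Assumption: the wildcard covers subdomains at any depth, not the apex.
        # Matching on ".example.com" rejects look-alikes such as "notexample.com".
        return target.endswith(entry[1:])
    return target == entry


def check_scope(target, in_scope=IN_SCOPE, out_of_scope=OUT_OF_SCOPE):
    """Return (allowed, reason); exclusions win, and anything unlisted is denied."""
    target = _normalize(target)
    for entry in out_of_scope:
        if _matches(entry, target):
            return False, f"excluded by {entry}"
    for entry in in_scope:
        if _matches(entry, target):
            return True, f"covered by {entry}"
    return False, "not listed in scope"
```

Running every target through a check like this before testing, and logging the returned reason, gives a record of which scope entry authorized each asset.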