HuntDash - malwarebytes

Target Policy

https://hackerone.com/malwarebytes?type=team

Structured Scope

Asset Identifier

Asset Type

Max Severity
Malwarebytes for Windows

Advanced antivirus and anti-malware with faster, safer web browsing.

* Product page: https://www.malwarebytes.com/premium
* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360002458014-Malwarebytes-for-Windows

DOWNLOADABLE_EXECUTABLES

critical
www.malwarebytes.com

URL

critical
http://*.mbamupdates.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
http://*.cloud.malwarebytes.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
http://*.mwbsys.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
http://*.malwarebytes.com

Domains supporting many Malwarebytes services and products.

Exclusions:

* academy.malwarebytes.com

WILDCARD

critical
http://*.mb-cosmos.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
http://*.mwb-threatintel.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
Malwarebytes Privacy (VPN)

With a single click, our next-generation VPN helps protect your online privacy, secures your WiFi connection, and delivers speeds way faster than older VPNs.

* Product page: https://www.malwarebytes.com/vpn
* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360003545953-Malwarebytes-Privacy

**Note**:
The standalone VPN (Win/macOS) is no longer supported, VPN features are now available in the Desktop Security application.

OTHER

medium
Malwarebytes Incident Response

Malwarebytes Incident Response is the trusted standard in automated endpoint remediation. The solution bolsters your enterprise cyber resilience and incident response process by compressing response times with fast and complete remediation.

* Product page: https://www.malwarebytes.com/business/incident-response
* Documentation: https://www.malwarebytes.com/business/incident-response

DOWNLOADABLE_EXECUTABLES

critical
Malwarebytes Anti-Ransomware

DOWNLOADABLE_EXECUTABLES

none
*.threatdown.com

WILDCARD

critical
cloud.malwarebytes.com

Platform that support most of Malwarebytes for business products.

* Product page: https://cloud.malwarebytes.com
* Documentation: https://www.malwarebytes.com/business/cloud

URL

critical
Malwarebytes Windows Firewall Control

Windows Firewall Control is a powerful tool which extends the functionality of Windows Firewall and provides new extra features which makes Windows Firewall better. It runs in the system tray and allows the user to control the native firewall easily without having to waste time by navigating to the specific part of the firewall.

* Product page: https://www.binisoft.org/wfc
* Documentation: https://www.binisoft.org/pdf/guides/Malwarebytes-WFC-User-Guide.pdf

DOWNLOADABLE_EXECUTABLES

medium
my.malwarebytes.com

Portal to manage your subscriptions and billing.

* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360002458094-My-Account-Billing

URL

critical
Malwarebytes Support Tool (MBST)

The Support Tool troubleshoots and repairs issues with Malwarebytes Desktop Security for Windows devices.
Product page: https://help.malwarebytes.com/hc/en-us/articles/31589431159579-Repair-Desktop-Security-with-the-Support-Tool

DOWNLOADABLE_EXECUTABLES

critical
Malwarebytes Endpoint Protection

Comprehensive security that keeps your devices safe and teams productive.

* Product page: https://www.malwarebytes.com/business/endpoint-protection / https://www.malwarebytes.com/business/endpoint-protection/server-security

OTHER

critical
oneview.malwarebytes.com

The Malwarebytes OneView multi-tenant dashboard enables you to grow revenue while lowering costs with a single pane of glass to centrally manage customer and partner accounts, cloud subscriptions for servers and workstations, invoicing, and integrations. The admin console provides direct linkage to the Malwarebytes internal team for rapid creation and resolution of support tickets.

* Product page: https://www.malwarebytes.com/partners/managed-service-providers
* Documentation: https://service.malwarebytes.com/hc/en-us/categories/4413802057491-OneView

URL

critical
Malwarebytes Device Control

Advanced antivirus and anti-malware with faster, safer web browsing.

* Product page: https://www.malwarebytes.com/business/cloud
* Documentation: https://service.malwarebytes.com/hc/en-us/articles/4417282329491-Device-Control-in-Malwarebytes-Nebula

OTHER

critical
*.cloud.malwarebytes.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
Malwarebytes ToolSet (MBTS)

Advanced antivirus and anti-malware with faster, safer web browsing.

* Product page: https://www.malwarebytes.com/techbench
* Documentation: https://service.malwarebytes.com/hc/en-us/categories/4413802057875-Toolset

DOWNLOADABLE_EXECUTABLES

critical
*.mwbsys.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
BrowserGuard (Firefox/Chrome/Safari browser extension)

Malwarebytes Browser Guard crushes unwanted and unsafe content, giving you a safer and faster browsing experience. Not only that, it is the world’s first browser extension that can identify and stop tech support scams.

* Product page: https://www.malwarebytes.com/browserguard
* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360002468293-Malwarebytes-Browser-Guard

OTHER

critical
AdwCleaner

AdwCleaner is the world’s most popular adware cleaner finds and removes unwanted programs and junkware so your online experience stays optimal and hassle-free.

Product page: https://www.malwarebytes.com/adwcleaner

Documentation:
https://help.malwarebytes.com/hc/en-us/categories/31589180730139-AdwCleaner

DOWNLOADABLE_EXECUTABLES

critical
Any other Malwarebytes asset

Please use this category to report vulnerabilities in any other assets not listed in other categories.

Note: Due to the broad scope of this category, eligibility and rewards will decided on the case-by-case basis.

OTHER

critical
*.malwarebytes.com

Domains supporting many Malwarebytes services and products.

Exclusions:

* academy.malwarebytes.com

WILDCARD

critical
Malwarebytes Anti-Exploit

Standalone Anti-Exploit, for Windows.

* Product page: https://forums.malwarebytes.com/forum/126-anti-exploit-beta/
* Documentation: https://support.malwarebytes.com/hc/en-us/sections/4416574256915-Malwarebytes-Anti-Exploit-for-Windows

DOWNLOADABLE_EXECUTABLES

medium
org.malwarebytes.antimalware

Advanced antivirus and anti-malware with faster, safer web browsing.

* Product page: https://www.malwarebytes.com/android / https://www.malwarebytes.com/chromebook
* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360002458034-Malwarebytes-for-Android-Chrome-OS

GOOGLE_PLAY_APP_ID

critical
Malwarebytes Endpoint Detection and Response (EDR)

Cross-platform threat prevention and remediation for Windows, Mac, and Linux

* Product page: https://www.malwarebytes.com/business/edr / https://www.malwarebytes.com/business/edr/server-security/

OTHER

critical
Malwarebytes Remediation for CrowdStrike

Malwarebytes Remediation for CrowdStrike works seamlessly with CrowdStrike Real Time Response (RTR) functionality. It provides automated remediation that thoroughly removes malware on machines where CrowdStrike Falcon has stopped an attack.

* Product page: https://www.malwarebytes.com/business/crowdstrike
* Documentation: https://service.malwarebytes.com/hc/en-us/articles/4413798516627-Malwarebytes-Remediation-for-CrowdStrike-integration-guide

DOWNLOADABLE_EXECUTABLES

critical
Malwarebytes for Teams

Advanced antivirus and anti-malware with faster, safer web browsing.

* Product page: https://www.malwarebytes.com/business/teams
* Documentation: https://service.malwarebytes.com/hc/en-us/categories/4414671777043-For-Teams

DOWNLOADABLE_EXECUTABLES

critical
Vulnerability & Patch Management

Understand risks quickly and strengthen defenses across your digital ecosystem with modules for our cloud-based security management platform.

* Product page: https://www.malwarebytes.com/business/vulnerability-patch-management
* Documentation: https://www.malwarebytes.com/business/vulnerability-patch-management

OTHER

critical
Malwarebytes for Mac

Advanced antivirus and anti-malware with faster, safer web browsing.

* Product page: https://www.malwarebytes.com/mac
* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360002468253-Malwarebytes-for-Mac

DOWNLOADABLE_EXECUTABLES

critical
*.mwb-threatintel.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
*.mb-cosmos.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical
com.malwarebytes.Malwarebytes

Get all the extra iOS security you need in one app. Protect yourself from online threats and put a stop to annoying spam calls and texts. Browse the web with confidence and focus on the messages that matter.

* Product page: https://www.malwarebytes.com/ios
* Appstore: https://apps.apple.com/us/app/malwarebytes-mobile-security/id1327105431
* Documentation: https://support.malwarebytes.com/hc/en-us/categories/360002468273-Malwarebytes-for-iOS

APPLE_STORE_APP_ID

critical
*.cyrus-security.com

WILDCARD

critical
*.mbamupdates.com

Domains supporting many Malwarebytes services and products.

WILDCARD

critical

Target Scope Domains

cloud.malwarebytes.com
cyrus-security.com
malwarebytes.com
mb-cosmos.com
mbamupdates.com
mwb-threatintel.com
mwbsys.com
my.malwarebytes.com
oneview.malwarebytes.com
threatdown.com
www.malwarebytes.com

Tech Stack

Last Finished Scan:

Scan Name

Fleet

Finished

State

auto-gausubs-2-kor

allkxss

1 week, 1 day ago

Finished

auto-gausubs-2-kor

Fleet: allkxss
Duration: 25 Seconds
Finished: 1 week, 1 day ago

Malwarebytes HackerOne

Target Policy

Structured Scope

Asset Identifier

Asset Type

Max Severity

Target Scope Domains

Tech Stack

Last Finished Scan: