exinity-bug-bounty-program

YesWeHackView on YesWeHack

RawAI Enhanced

18

In Scope

6

Out of Scope

In-Scope Assets (18)

Asset	Category	Bounty	Quick Links
https://api.boxwind.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://api.trade.alpari.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://api.trade.fxtm.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://app.nemo.money	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://app.nemo.money/nemoai	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://apps.apple.com/ae/app/alpari-trading-app/id6740474696	IOS	Yes	-
https://apps.apple.com/ae/app/invest-trade-nemo-money/id6478511610	IOS	Yes	-
https://apps.apple.com/au/app/fxtm-trading-app/id6738046376	IOS	Yes	-
https://boxwind.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://buzz.nemo.money/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://my.boxwind.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://nemo.money/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://play.google.com/store/apps/details?id=com.exinity.alpari	ANDROID	Yes	Play Store APKPure APKMirror
https://play.google.com/store/apps/details?id=com.exinity.fxtm	ANDROID	Yes	Play Store APKPure APKMirror
https://play.google.com/store/apps/details?id=com.exinity.nemo	ANDROID	Yes	Play Store APKPure APKMirror
https://trade.alpari.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://trade.boxwind.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://trade.fxtm.com/	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Out-of-Scope Assets (6)

Asset	Category	Bounty
Any findings obtained via unethical research practices, including spam, denial-of-service, social engineering, brute force, physical access.	OTHER	Yes
Any services or applications not explicitly listed in the program scope.	OTHER	Yes
Any vulnerability detected by automated scanner.	OTHER	Yes
Any vulnerability discovered on third-party services: KYC providers, email services etc.	OTHER	Yes
Any vulnerability without working PoC or demonstrated impact on Exinity-owned/controlled assets.	OTHER	Yes
Exceptions: CRITICAL vulnerabilities discovered on Exinity-owned/controlled assets outside the defined program scope may be reported. Abuse of this exception through low-quality or non-critical out-of-scope findings may result in removal from the program.	OTHER	Yes