Resources for Security Testing @ Shopify

This repo contains resources meant to help researchers with security testing on Shopify, associated with our public bug bounty program on HackerOne. To get started, please make sure you read and understand our program page!

Currently Available Resources:

• CVSS Calculator
• CVSS Scoring Guide
• Intro to GraphQL Testing
• Permission Overrides

Product & Engineering Updates:

• Shopify Change Log
• Partners Blog
• Engineering Blog

Contact:

To report vulnerabilities, please submit to our bug bounty program on HackerOne as linked above. For questions about rules or program scope, you can reach out to us at [email protected].