ManPython
diff --git a/‎docs/hackers/images/retest-findings-form.png
121 KB b/‎docs/hackers/images/retest-findings-form.png
121 KB
diff --git a/‎docs/hackers/images/retest-invitation-email.png
46.1 KB b/‎docs/hackers/images/retest-invitation-email.png
46.1 KB
diff --git a/‎docs/hackers/retesting.md
Lines changed: 36 additions & 26 deletions b/‎docs/hackers/retesting.md
Lines changed: 36 additions & 26 deletions
@@ -4,46 +4,56 @@ path: "/hackers/retesting.html"
 id: "hackers/retesting"
 ---
 
-As programs receive vulnerability reports and work on deploying fixes, they need proof that their vulnerabilities have actually been fixed. Asking hackers to verify whether a vulnerability has been fixed is a good way to secure the protection of data. Programs can elect to invite you and other hackers to retest your vulnerabilities to verify fixes.  
+As programs receive vulnerability reports and work on deploying fixes, they need proof that their vulnerabilities have actually been fixed. Retesting enables programs to ask hackers to verify whether a vulnerability has been fixed in order to secure the protection of their data. If you submit a valid vulnerability report, programs can elect to invite you to retest the vulnerability to verify the fixes.
 
-><i>There’s currently no effect to reputation for participating in the retest. Although there’s no time limit, we recommend you to complete the retest within 24 hours after accepting the invitation.</i>
+Upon successful completion of a retest, you’ll receive $50 in bounty as well as +2 reputation.
 
-If you’re invited to retest a vulnerability, you’ll receive an invitation in your email to retest the report.
+### How it works
 
-![retesting-1](./images/retesting_update_2.png)
+If you’ve submitted a valid vulnerability for a report, the program can request to have you retest the vulnerability to make sure it’s been fixed.
 
-If you're the original reporter of the report, you'll also receive an email asking you to participate in retesting your report.
+If you’re invited to retest the vulnerability, you’ll receive a notification in your email to retest the report.
 
-![retesting email for original reporter](./images/retesting-6.png)
+![retest hacker invitation email](./images/retest-invitation-email.png)
 
 To participate in the retest:
-1. Click <b>View retest invitation</b> in your email.
-2. <b>Accept</b> or <b>Reject</b> your invitation for retesting. <i>Note: The invitation is only valid for 24 hours.</i>
 
-![retesting invitation](./images/retesting-2b.png)
+1. Click **View retest** in your notification email.
+2. Check to see that the vulnerability has been fixed.
+3. Submit your findings in the **Retest findings** form at the bottom of the report. The form consists of these fields:
+     * Are you able to reproduce the vulnerability report?
+     * Please provide us with a short summary of how you retested the vulnerability and upload any attachments of your validations.
 
-3. Familiarize yourself with the contents of the report and check to see that the vulnerability has been fixed.
-4. Click the <b>answer these questions</b> link in the report banner or just scroll to the bottom of the report to access the questionnaire.
+![retest form](./images/retest-findings-form.png)
 
-![retesting-2](./images/retesting_update_3.png)
+4. Click **Submit**.
 
-5. Answer these questions in the questionnaire:
-   * Are you able to reproduce the vulnerability?
-   * Are you able to identify a bypass to the fix?
+The program can either approve or reject your results. If they choose to:
 
-![retesting questionnaire](./images/retesting_update_1.png)
+Action | Scenario | Details
+------ | -------- | -------
+**Approve and resolve** the retest | You say the vulnerability is fixed. | You’ll be awarded a $50 bounty. <br><br>The report will close and will be marked as *Resolved*.
+**Reject** the retest | You say the vulnerability is fixed. | The program will provide you with a summary explaining why they’ve rejected the retest. They can choose to request another retest for the vulnerability. <br><br>The status of the report will be changed to Triaged. the report will be changed to *Triaged*.
+**Approve** the retest | You say the vulnerability is not fixed. | You’ll be awarded a $50 bounty. <br><br>The report will move back to *Triaged* and will stay open for the program to implement a fix.
+**Reject** the retest | You say the vulnerability is not fixed. | The program will provide you with a summary explaining why they’ve rejected the retest. The program can choose to request another retest for the report. <br><br>The status of the report will be changed to *Triaged*.
 
-6. Submit a new report if you found a new vulnerability by clicking on the <b>submit a new report</b> link, and enter the report ID number in the <b>Report ID</b> field.
+### Claiming Retest Opportunities
+If you’re not the original hacker, and the original hacker of the report chooses to reject the retest, you and other hackers can claim the retesting opportunities depending on your retesting rights.
 
-![retesting-4](./images/retesting-4b.png)
+If the program is:
 
-7. Provide a short summary of how you retested the vulnerability and upload any attachments of your validations.
+Program Type | Details
+------------ | --------
+Private | If you’re part of the private program offering retests, you can find and claim the retesting opportunities under **Hacker Dashboard > Retesting**.
+Public | You’ll be able to claim retests for programs where you submitted at least 1 valid vulnerability (the report is resolved or triaged) under **Hacker Dashboard > Retesting**.
 
-![retesting summary and attachments example](./images/retesting-5c.png)
+To claim a retest:
+1. Go to **Hacker Dashboard > Retesting**.
+2. Click **Claim retest** for the retest you’re interested in. Keep in mind that you can only claim and work on 1 retest at a time. Upon claiming a retest, you’ll have 24 hours to complete the retest.
+3. View steps 3 and 4 in the section above to complete the retest.
 
-8. Click <b>Submit</b>.
-9. Click <b>Yes!</b> to finalize your submission.
-
-![retesting-5](./images/retesting_update_4.png)
-
-Upon completion, you'll be awarded with a $50 bounty.
+### Managing and Viewing Retests
+You can keep track of all of your retesting work under Hacker Dashboard > Retesting. You’ll be able to:
+* Claim open retests
+* See which retest you need to complete and the time you have left to complete it.
+* View all of your completed retests