Getting Started with Bug Bounty
Bug Bounty
How to get started in Bug bounty is a common question nowadays. If you think you will become successful overnight or over the week or a month, this is not a field you should join. Doing bug bounties are very competitive, it might take a year at least to do good in bug bounty.
Do not expect someone will spoon feed you everything.
Well i'm not an experienced hunter, i'm also a beginner in this field. My main motive of this blog is to share my learning paths.
You should have a basic understanding of how things work on the internet, and still there are many more things to learn. I'm listing few important topics below :
HTTP -- TCP/IP Model
Linux -- CLI
Web Application Technologies
Networking Basics
Learning Basics of HTML, PHP, JavaScript, SQL.
The list never ends it all depends upon your interest.
Choosing a path in bug bounty field is very important, it totally depends upon the person's interest but i prefer web application security testing because according to me it is the easiest one.
1. Web Application Security Testing
2. Mobile Application Security Testing (Android/IOS)
But not limited to these two it totally depends upon your interest.
Bug Bounty Platforms:
1. Bugcrowd
2. Hackerone
3. Synack
4. Intigriti
5. Safehats
Resources :
Books:
>Web Application Hacker's Handbook
>The Hacker Playbook 1, 2, and 3
>The Mobile Application Hacker's Handbook
>Mastering Modern Web Penetration Testing
In addition to these books, i'll suggest you to read and understand OWASP Testing Guide & OWASP Top 10 Vulnerabilities. owasp.org
YouTube Channels:
Blogs/Write-ups You Should Follow:
Twitter # tag you should follow:
#bugbounty
#bugbountytips
#infosec
#togetherwehitharder
Bug Bounty Tools you should Master:
Burp Suite
Open Vas
Metasploit
Nmap
Scrappy
John The Ripper
Wfuzz
Zaproxy
Still there are many tools but these are the mainly used tools.
Labs To Practice Legally:
Damn Vulnerable Web Application
Bug Bounty field is a very competitive and you should also take care about your physical and mental health. If you get duplicates then don't get demotivated just keep on trying. "Every expert was once a beginner".
Don't tell yourself you'll hack tomorrow or the day after,
Don't put it off until "you're ready", you"ll never be 100% ready!
Don't try and learn everything you think you need to learn.
HACK TODAY!
(Dupes are bugs too, if you find a dupe you found a bug)
Post a Comment
16 Comments
Superb bro
ReplyDelete😽 nice post
ReplyDeleteThanks buddy
DeleteContent 👌
ReplyDeleteThanks bro😊
DeleteVery nice content
ReplyDeleteThanks buddy
DeleteSuper ❣️
ReplyDeleteThanks bro ✌️
DeleteSuper bro
ReplyDelete😘😘
ReplyDeleteThanks bro☺️
DeleteKnowledgeable content keep it up 👍🏻 bro..
ReplyDeleteThanks bro🖤
DeleteGud....one broo quite interesting topic....
ReplyDelete😊
Delete