Sunday, August 23, 2020

How Do I Get Started With Bug Bounty ?

How do I get started with bug bounty hunting? How do I improve my skills?



These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.


Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

More articles


  1. Hacker Tools Software
  2. Hacking Tools Online
  3. Hacker Tools Mac
  4. Hacker Hardware Tools
  5. Hacking Tools Online
  6. Hackrf Tools
  7. Pentest Tools Website
  8. Tools 4 Hack
  9. Pentest Tools Alternative
  10. Hacking Tools Free Download
  11. Tools For Hacker
  12. Hacker Tools Free Download
  13. Pentest Tools Bluekeep
  14. Hacker Tools Windows
  15. Hacking Tools For Kali Linux
  16. Hack Rom Tools
  17. Hacking Apps
  18. Nsa Hack Tools
  19. Hack Tools For Ubuntu
  20. Hacker Tool Kit
  21. Pentest Tools Find Subdomains
  22. Hacking Tools And Software
  23. Hacking Tools For Mac
  24. Hacker Tools For Mac
  25. Hack Tools For Ubuntu
  26. Underground Hacker Sites
  27. Hacker Security Tools
  28. Hacking Tools For Games
  29. Github Hacking Tools
  30. Pentest Tools Subdomain
  31. Nsa Hack Tools Download
  32. Nsa Hack Tools Download
  33. Hack Tools
  34. Pentest Reporting Tools
  35. Pentest Tools For Ubuntu
  36. Hacking Tools Hardware
  37. Pentest Tools Subdomain
  38. Free Pentest Tools For Windows
  39. Hack App
  40. Hackers Toolbox
  41. Hacking Tools Windows 10
  42. Nsa Hack Tools Download
  43. Hacking Tools
  44. Hack Tools For Mac
  45. Nsa Hack Tools Download
  46. Hacking Tools For Mac
  47. Usb Pentest Tools
  48. Hacking Tools For Pc
  49. Tools For Hacker
  50. How To Hack
  51. Hacking Tools And Software
  52. Hacker Tools For Mac
  53. Pentest Tools
  54. Pentest Tools
  55. Hak5 Tools
  56. Hacker Tools For Windows
  57. Hacking Tools Windows 10
  58. Hacking Tools Mac
  59. How To Install Pentest Tools In Ubuntu
  60. Pentest Reporting Tools
  61. Hacker Search Tools
  62. Hack And Tools
  63. Pentest Tools Framework
  64. Pentest Tools
  65. Hacker Tool Kit
  66. Pentest Tools Apk
  67. Pentest Tools Tcp Port Scanner
  68. How To Install Pentest Tools In Ubuntu
  69. Pentest Tools Android
  70. Top Pentest Tools
  71. Black Hat Hacker Tools
  72. Hacker Tools Free
  73. Hacker Search Tools
  74. How To Hack
  75. Android Hack Tools Github
  76. Pentest Tools For Mac
  77. Hacker Tool Kit
  78. Hacker Security Tools
  79. Hacking Tools Kit
  80. Easy Hack Tools
  81. Beginner Hacker Tools
  82. Pentest Tools Alternative
  83. Hacker Tools For Pc
  84. Blackhat Hacker Tools
  85. Pentest Tools Framework
  86. Hacker Tools
  87. Hacking Tools Github
  88. Hacking Tools Kit
  89. Tools 4 Hack
  90. Best Hacking Tools 2019
  91. Pentest Tools Bluekeep
  92. Hacking Tools For Windows Free Download
  93. Hack App
  94. Kik Hack Tools
  95. Hacks And Tools
  96. Hacker Tools Software
  97. Hack Tools Download
  98. Hacker Tool Kit
  99. Bluetooth Hacking Tools Kali
  100. Pentest Tools Android
  101. Pentest Tools For Windows
  102. Hacker Tool Kit
  103. Hacker Tools For Mac
  104. Hacking Tools For Games
  105. Hacking Tools Github
  106. Hacking Tools Free Download
  107. Hacking Tools For Pc
  108. Hack Tools For Pc
  109. Install Pentest Tools Ubuntu
  110. Hacker Tools Mac
  111. Hacker Hardware Tools
  112. Hack Tools Github
  113. Hacker Tools Software
  114. World No 1 Hacker Software
  115. Hacker
  116. Pentest Tools Port Scanner
  117. How To Hack
  118. Hacker Tools Mac
  119. Hacker Tools
  120. Pentest Tools Find Subdomains
  121. Pentest Tools Bluekeep
  122. Hak5 Tools
  123. New Hacker Tools
  124. Hacker Security Tools
  125. Best Hacking Tools 2020
  126. Pentest Recon Tools
  127. How To Make Hacking Tools
  128. Hacker Tools Apk Download
  129. Hacking Tools
  130. Pentest Tools Download
  131. Underground Hacker Sites
  132. Hack And Tools
  133. Hack Tools For Windows
  134. Pentest Tools Kali Linux
  135. Hacker
  136. Best Hacking Tools 2019
  137. What Are Hacking Tools
  138. Hacker Tools Github
  139. Hacking Tools Kit
  140. Hack Tools Online
  141. What Is Hacking Tools
  142. Best Hacking Tools 2019
  143. Pentest Tools Download
  144. Best Pentesting Tools 2018
  145. Black Hat Hacker Tools
  146. Free Pentest Tools For Windows
  147. Pentest Box Tools Download
  148. Pentest Tools Apk
  149. Kik Hack Tools
  150. Hacker Security Tools
  151. Pentest Tools Review
  152. Hacking Tools Github
  153. Pentest Tools Open Source
  154. Pentest Tools Apk
  155. What Are Hacking Tools
  156. Pentest Tools For Mac
  157. Hack Rom Tools
  158. Pentest Tools For Mac
  159. Pentest Tools Subdomain
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)