.png)
4 years ago
206 BOOK THIS SPACE FOR AD
ARTICLE AD
FOR BUG HUNTERS
I joined Twitter this year, to expand my knowledge and to keep myself updated on bug hunting related news, and this is my small first contribution to you.
Letting you know what to expect, and make maximum use of what bug bounty twitter has to offer.
Plot: I hope, that after reading this article, you save some of your time and energy, and help others do so as well.
I have mentioned some general rules for efficiency. And using twitter in general to find helpful resources.
Here we begin…
Twitter Explore:-
Twitter Explore :- Use Twitter search bar to find stuff like “search=XSS/ or RCE/ or cve-1234–1234/or people like @nnwakelam”, and read the search results. you will find a lot of not so useful tweets, chit chats etc…just keep scrolling until you find something related to what you are looking for.
There are few categories of people I have seen and noticed on Twitter:-
Security ResearchersTool makers, bug bounty hunters, bloggers, quick tip guys and genuinely nice helpful people.Here are some of them:-
@filedescriptor@jobertabma@zseano@brutelogic@s0md3v@ADITYASHENDE17@0xpatrik@securinti@samwcyo@nnwakelam@infosec_au@ngalongc@HusseiN98D@Alra3ees@EdOverflow@NahamSec@tomnomnom@albinowax@Agarri_FR@orange_836@kinugawamasatothey are nice people, we have a lot in common
Other helpful pages on twitter:-
@PortSwiggerRes@disclosedh1I have tried to keep this list clean and small as possible. If i haven’t mentioned someone, It is simply because i don’t know them yet.
then there are:-
those who don’t help much.Take note and avoid them…
These don’t help much:-
People who tweet all their pets, travels and personal life, they mix their personal and professional life on a single twitter account.Excited people
who share half of the bug bounty part “$$$”.(which i appreciate though, but some don’t).
People, who are in the motivation, inspiration and advertising business.Appreciators and Retweeters:- They thank and congratulate people for anything and everything.Those who consume the most, and earn the most, from other peoples works, but contribute excuses for not contributing.
If someone asks you, how do you travel around the world, how is answering — by learning to swim, or by learning to fly, or by learning to walk of any help. I mean knowing the right direction is a thing you know.
Making your timeline:-
Try to follow least no of people, keep your timeline clean so that you have more time to consume. less is good.Following malwares, kamkars and other out of scope people, when you are searching for bug bounty things will rarely be productive.look for following new people “Pros rarely remember what it’s like to be a beginner”.Check at least 10–15 tweets before following anyone, see if they have posted anything useful.
DMing and @ing.
If you decide to ask:-
Don’t ask an obvious question, like how to bug bounty/hack,If you are a complete beginner, Here are a few links that might answer some of your questions:-
JobertAbma’s:- Quora
This blog by @KHIZER_JAVED47:- https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/
A very well written online book by carlos polop:- Pentesting Methodology
Securityidiots.com:- I don’t know who they are.
2. Be direct and ask whatever you want to ask, be specific and tell them what have you done and what you expect to happen.
3. Make sure to google the person you are DMing or @ing. See if they haven’t answered your questions already somewhere on youtube, blogs, or twitter. Scroll down upto the start of their twitter timeline.
4. Wait a few days, or a week, before DMing someone again, they might just be busy/unavailable or have other priorities.
5. If for some reasons they don’t reply at all,
move on, ask others, or try to find out yourself.
If you choose to answer:-
Don’t assume someone hasn’t googled already just because it’s an obvious or simple question, they might have already been through a lot of unuseful blogs and articles that google has to offer, and couldn’t find anything good, or specific.Or maybe they really cant’t figure out where to look and even what to look. Finding quality resources for learning to hack is very frustrating, not to mention time consuming. Try to guide them in the right direction, a little kickstart rarely gets unappreciated.I understand you had to waste a lot of your time, when you were learning, but does it mean everyone else should learn the same way, does it?
**I have tried to keep this article, straight forward, honest and transparent as i have experienced it with time, with a hope that it reaches and helps that one person who needs it.
_________________________________________________________________
Alright, You were reading an article on using bug bounty twitter in a productive way.
Now go save some of your time that is worth saving.
I would leave you with this quote :-
If we knew what it was we were doing, it would not be called research, would it?
___by That famous dude
Alright then,
Thanks, for reading this Best of Luck and Good Bye.
I am hero.
Bengali (Bangladesh) · 
English (United States) ·