Bug Bounty Isn’t A Scam Here’s Why

I see a lot of misinformation going around these days that “Bug Bounty is a scam” and that “These influencers are just being paid to promote these platforms”. While this may be true on the promoting part, this is no different than any other content creators getting brand deals and is very common online these days. At the same time it doesn’t mean there aren’t scams being promoted out there but Bug Bounty isn’t a “scam”.

We all start from nothing, we all don’t have knowledge when we are born. We gain knowledge as we get older and wiser. The important thing to take from this blog is that there is no “magic button” to life and everything requires hard work and dedication along with some focus.

While it may be frustrating to spend hours, days, months even sometimes years looking for vulnerabilities on a company and not come up with any results, its important to understand that even the top hackers in the world where at your level at one point.

What I have noticed lately especially post pandemic is a lot of newer hackers joining the world of hacking and IT. This is great but a lot of them want to skip the basics and fundamentals of computers and networking and go straight into advanced techniques/topics.

Maybe they saw Nahamsec or Stok on YouTube, or maybe Networkchuck or Linus Tech Tips and maybe even came across a great video by John Hammond. These channels are good to start off with but in no means are the end all be all especially when it comes to actually taking action and learning on your own.

What you actually need to do is put in the work on learning and practicing instead of diving right in. Sign up for some CTF’s (Capture The Flag programs) which offer some great real life examples that will help you learn skills you can use in the real world. Follow blogs/content creators social media’s that post free information especially ones that post tutorials or proof of concepts.

Don’t focus on the monetary value. I really wish people would stop putting “I made $$$ from this report” or “This vulnerability paid me $” in their blog title. Bug Bounty won’t replace your full time income right away. It’s not consistent especially for beginners. Things will get easier IF you put in the effort to always be learning.

I have been in IT for almost 5 years now professionally, I have been “tech savvy” for more than a couple decades now. We preach “always be learning” in this field because technology changes and updates rapidly. If you don’t ask questions and don’t do your own research you will fall behind fast. Things will get frustrating and you will want to give up.

To end off on that note this field/industry takes time to master, have some patients. Don’t be afraid to search on your own. If you fail, start over again and keep going. No one will do everything for you. You are your only motivator.

Thanks for reading my blog. Follow me for future blog post.