Bug Bounty Mistakes I Made in 2023, So That You Can Avoid Them in 2024


AjakCybersecurity

Hi, Ajak Amico’s, welcome back to another blog. Today, I will share the personal mistakes I made when I started my bug bounty journey, so that you can avoid them and start your journey with full confidence. Before starting, if you haven’t subscribed to our channel, do subscribe, guys.

Follow our Youtube Channel: @ajakcybersecurity

Follow on Instagram: @ajakcybersecurity

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Bug Bounty Mistakes

1) Comparing yourself with other security researchers

This is the first basic mistake people make as beginners. When I started my journey, I used to see lots of people getting bounties from top MNCs, and that was a time when I didn’t even have one hall of fame in my pocket. The key point here is that if you compare yourself with other security researchers, you will lose confidence, and your motivation to do bug bounty will be low. Trust me, bounties take time. The only thing you need to ask yourself every day is: did I learn something new today, e.g., by reading blogs or watching POCs?

2) NOT Getting proper resources to learn

When you start your journey, you will need a mentor and sources such as live classes or online courses. The mistake I made here was buying many courses from Udemy without checking any reviews and leaving them half-finished. What you need to do here is research and find one perfect course in your mother tongue, so that you won’t face any language barrier. Always remember, though, that no online course is worth more than 10K INR unless it is a certification, so be mindful of your course budget as well. As for a mentor, there is no need to worry: you can simply ping any researchers on Twitter or Instagram, and they would definitely help you.

3) Not sticking with One program

This was the worst mistake I made as a beginner. When I started my journey, I would simply go into a HackerOne program, check random features on a website, and jump to other programs one by one. This will make you hell-depressed. The psychology here is that you have dug through all the programs but have not found even one simple bug; trust me, this feeling will make you mad. Later I stuck with one VDP program that made bounties, and I was one of the top security researchers in the panel.

4) No proper checklist and Recon methodology.

If you are a beginner, just take a web application penetration testing checklist from GitHub and follow it, because otherwise chances are you will miss some important flaws and methods. The same goes for recon. There are N number of tools out there for bug bounty, and you can’t rely on all of them, but there is still a basic recon methodology that every researcher follows, such as subdomain enumeration, URL gathering, and many more. I would recommend you watch a YouTube video for this. Once you are good with that basic recon, go ahead with open source tools and add them to your recon checklist.

Conclusion:

So, these were the basic mistakes I made in my journey, yet it is only through experience that you will learn a lot. Always remember that HOF is a bit easy, but bounties will be a bit hard, especially if you are a beginner. All you need to do is learn and practice consistently and have a bit of patience. Victory will be yours! I hope you have learned something from this blog; if so, kindly press that follow button for further updates. Best wishes from Ajak Cybersecurity. ❤️

“Ignite what you have learned 🔥”

Learn Every Day, Happy Hacking 😁🙌
