LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

Getting started in bug bounty

3 years ago 221
BOOK THIS SPACE FOR AD
ARTICLE AD

Xcheater

Getting started in bug bounty

Hey, Amazing Hackers!

So for today, I am going to talk about How you guys can learn bug bounty, so let’s start !!

What is Bug Bounty?

Basically, a bug bounty program offers Ethical hackers to find security weaknesses on web applications, Mobile applications, and other platforms. For that, they will offer good bounties in return for the vulnerability, the hacker has reported as per the impact and type of vulnerability.

Before diving into bug bounty, you have to fulfill some basic requirement:-

LinuxBasics networkingGood understanding of Web applicationA little bit of programming (optional )

From where you can learn bug bounty:-

Portswigger academyHackerOne’s hactivityTryhackme web-based CTF (capture the flag )EJPT free content ( Register here and go for free materials )Medium bug bounty writeups

Some books which will help you in this journey:-

The web application hackers handbookWeb hacking 101OWASP testing GuideMobile Application Hackers HandbookMastering Modern Web Penetration Testing

Some Youtube channel recommended:-

NahamsecXssratInsiderphdHackersploitThe cyber MentorHacksplainedjohn HammondSTOK

Best Bug bounty program platforms:-

HackeroneBugcrowdintigriti

Things you should keep in your mind:-

Don’t focus on the automation part, always try to learn the manual approach.Don’t hunt just for money, first focus on learning.Try to understand the basic usages before exploiting or testing any platform.There is no shortcut for anything, so be patience while facing duplicates/Not applicable or not getting bugs.Read lots of Bug bounty writeups & hacktivity reports and try to find some type of bugs on any other targets.play CTFs related to web-based vulnerabilities and try to implement the same on your real targets.Believe in research and developmentuse Twitter for following lots of security guys who use to share really good content over there.Give your time and your hard work, which will pay you back.Don’t hesitate while asking or sharing resources with other community members.Learn & do practice

Hope this is useful for you guys

Happy Hacking !

Read Entire Article
  3. Getting started in bug bounty

Related

Week 1

Week 1

21.2 Lab: Forced OAuth profile linking | 2024

21.2 Lab: Forced OAuth profile linking | 2024

Unintended File Downloads in Remote Desktop Environments: A Security Vulnerability

Unintended File Downloads in Remote Desktop Environments: A Security Vulnerability

Story of Hall of Fame in Red Hat Linux

Story of Hall of Fame in Red Hat Linux

RCE Through Account Takeover

RCE Through Account Takeover

Root user account takeover via SQL Injection

Root user account takeover via SQL Injection

Trending

1. AP polling percentage
2. PSG
3. GT बनाम KKR
4. AIIMS
5. BJP
6. Election Results 2024
7. Mumbai Weather
8. Announced
9. Election
10. Swati Maliwal

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved