How My Journey Started as a Bug Bounty Hunter

It’s an unpredictable journey, yet the discovery of one’s passion is fulfilling. My journey into the world of bug bounty hunting is a testament to this truth. I am a computer science student with no prior inclination toward cybersecurity. The elective subject that I took in my fifth semester was Ethical Hacking, which sparked a deep interest in the field and set me on the path I walk today.

The Beginning: Finding My Interest

While at my fifth semester of computer engineering, I selected as an elective subject Ethical Hacking. That was when my life changed in terms of direction. It was then that I opened my eyes through lectures on vulnerability assessment, penetration testing, and proper secure coding practices to the whole new world of cybersecurity. I was attracted by the idea of finding vulnerabilities no one knew existed and making the web a safer place.

Curiosity has pushed me beyond the classroom doors. I started finding tutorials online, watched YouTube videos, trying that Video methods in practical manners. It seemed interesting, so I thought that becoming a bug bounty hunter would be worthwhile; thus, I devoted myself to the cause.

The Turning Point: Enrolling in the DCjSP Course

In the hope of getting structured knowledge and some hands-on practice, I opted for the DCjSP course (a cybersecurity special program). The course changed everything for me. It was dealing with fundamental aspects, including:

· The web application vulnerabilities: SQL Injection, Cross-Site Scripting (XSS), and CSRF.

· Tools: SQLMap, Nmap, Burp Suite, and Wireshark.

· Methodology on responsible disclosure and reporting vulnerabilities.

The DCjSP program gave me hands-on knowledge to test real-world systems in controlled environments. Mentorship was very valuable, and it played a pivotal role in shaping my skills as a bug bounty hunter.

First Steps: The World of Bug Bounty Hunting

Being equipped with knowledge from the DCjSP course, I registered on HackerOne, Bugcrowd, and OpenBugBounty. My early days were really difficult. The steeper the curve, the stiffer the competition, which really intimidated me; but, persistence prevailed, and slowly and steadily I began with small steps, like targeting low-severity bugs, gradually moving towards critical vulnerabilities.

The successful reports were learning experiences, and acknowledgment from the companies boosts my morale. In due course of time, I became proficient in the following areas:

· OWASP Top 10 exploitation.

· Finding vulnerabilities in database using SQLmap.

· Using Burp Suite for finding backend vulnerabilities and server vulnerabilities on a website.

· Writing details and actionable proof-of-concept reports.

· Assistance to the security teams to correct the issues.

Challenges Along the Way

Breaking into the cybersecurity job market was another challenge. Although bug bounty hunting provided practical experience, getting a full-time role required a different approach. I targeted a software security internship, using my freelance bug bounty hunting background and academic knowledge.

I reached out to more than 60 companies, emailing HR departments and employees alike, depending on if I knew any there. LinkedIn was my gold, the place where I messaged many professionals, humbly requesting some of their referrals. Many were kind enough to offer assistance, but the timing isn’t always on your side; either there’s no space or it doesn’t even line up with the given position.

Despite facing the rejection, I did not give up. Each “NO” taught me resilience and perfected my approach.

Landing Opportunities

Months of effort finally bore fruit. I landed an internship in cybersecurity, where I could apply my bug bounty skills in a professional setting. The process of landing this opportunity was not straightforward — it was a journey filled with uncertainty and countless hours of effort.

I prepared quite thoroughly for interviews by reviewing the core concepts of cybersecurity, brushing up on my programming languages, and practicing mock interviews. Freelance bug bounty experience helped to set me apart, as it shows practical skills and a proactive attitude. Also, I have made sure to tailor my applications so that each role would know exactly what kind of unique skills I could bring into the company.

Networking was also crucial. Connecting with industry professionals on LinkedIn, participation in cybersecurity communities, and attending webinars have helped me keep up to date and visible within the field. These connections not only provided referrals but also valuable advice on how to approach job applications and interviews.

Ultimately, my determination and willingness to learn paid off. The internship allowed me to work with professional experts, participate in real-world security projects, and hone my skills further. It was a validation of the hard work and resilience I had put into my journey.

Key Takeaways from My Journey

In a nutshell, my journey has been a roller-coaster ride that has been full of learning experiences and with growth-a roller-coaster ride.

Passion leads to success: One can discover their passion from anywhere. For me, it was an elective subject.

Don’t ever stop learning: You can bridge that gap from being curious to an expert by self-learning and taking structured courses like DCjSP.

Resilience is the key: Job hunt is hard, but perseverance always pays off.

Networking matters: Building connections genuinely on LinkedIn will open doors you never knew existed.

Conclusion: A journey worth sharing.

I started from being a curious student, then a passionate bug bounty hunter, and finally making it to the professional ranks within cybersecurity. My journey was challenging yet rewarding simultaneously. It would do you good to remind yourselves that if you are a student or an aspiring professional in cybersecurity, it is alright to have setbacks as long as you move forward.

The cybersecurity domain calls for passionate and committed people eager to create differences. In short, endless opportunities are before anyone who wishes to take on the journey.

Let us talk and share our experiences as we forge an even better safe digital world together.