Bug bounty hunting is not only about finding bugs; it is about making the Internet a more secure space and getting paid for that. A bug bounty hunter is a hacker who finds vulnerabilities in software and websites.

Anyone with strong coding skills and interest can be a bug bounty hunter, irrespective of age. The most important thing is to keep learning and practicing.

Bug Bounty Hunting: Make Money by Finding Bugs

Are you new? It doesn’t matter. Everything has a starting point, and this may be that point for you.

How to Start Your Career as a Bug Bounty Hunter?

Bug bounty hunting is all about security and ethical hacking. You need to know web development, and you should also have a good understanding of protocols such as IP, HTTP and TCP.

That is where you start your career as a bug bounty hunter.

Reading & Practicing

There are some go-to books for learning penetration testing and bug bounty hunting. Bug bounties often target websites, so let’s start with web hacking and branch out later.

The Web Application Hacker’s Handbook

OWASP Testing Guide

Penetration Testing

The Hacker Playbook 2: Practical Guide to Penetration Testing

The Tangled Web: A Guide for Securing Web Applications

The Mobile Application Hacker’s Handbook

iOS Application Security

There are some blogs that concentrate on bug bounty hunting. Their authors write about the issues they found, which makes them a great resource for insight into the types of bugs you can find.

HackerOne

Bugcrowd

Egor Homakov

Bitquark

Neal Poole

Behrouz Sadeghipour

Stephen Sclafani

Christian Lopez

Josip Franjković

Olivier Beg

Take a bug bounty challenge with a friend

One of the best ways to learn anything is through competition. If you have another geeky friend, team up and learn bug bounty hunting together, then compete with each other to find bugs. This will lift your spirits and also help you learn faster.

Often you feel that the bugs you found are too minor and think the companies will not appreciate them, so you never submit them. But when you are in a challenge, you will try your best to submit even a minor bug, which is a perfectly good habit.

Most successful bug bounty hunters say that, when they were beginners, the most important and hardest stage of the bug bounty process was submitting their bugs and getting past shyness and a sense of inferiority.

Read Write-ups & PoCs (Proofs of Concept)

Knowing what other people are finding in the wild, and how they are doing it, helps you get into the process. Luckily, people in the community are happy to share their process with us on multiple platforms.

I collected a list of write-ups from successful bug bounty hunters.

Join the community

People in the community are happy to share their experiences and concepts with others. Here are some places where most of them post their write-ups:

White-hat hackers on Twitter

Bugcrowd IRC channel

Bugcrowd on Twitter

Bugcrowd forum

Bugcrowd and HackerOne are well-known websites that you need to follow.

Tools that help you in the bug bounty game

Tools by themselves don’t make the hacker, but they help a lot and make the work easier if you are in the field of bug bounty hunting.

Here is an exclusive list made in the Bugcrowd forum by samhouston.

Tools listed in the Bugcrowd forum.

Things to learn before starting your career as a bug bounty hunter

At this point, you know the community, tools, books and resources to read. Now you need to learn the process of finding bugs and submitting them.

To find a bug, first you need to approach the target.

This is the best answer I found in the Bugcrowd forum.

Other important resources you should check:

Here is an article from techjini that helps you create a proof of concept that clients like.

Here is an article from Cobalt that helps you write a great vulnerability report.

Here is a document from Bugcrowd that explains how to report a bug to your client.

Ravi Teja KNTS
I am the admin of Student Companion and I am very passionate about filmmaking and blogging. I started Student Companion to help others start blogging and make a living.