By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
DIGITAL TRENDDIGITAL TREND
  • Tech Updates
  • Featured
  • Course
  • Tutorial
  • News
  • Technology
  • Mobiles
  • Spotrs
Search
© 2022 digitaltrend.in Company. All Rights Reserved.
Reading: How to Be Bug Bounty Hunters And started with Bug Bounty
Share
Notification Show More
Latest News
Samsung will put charger in the Galaxy S22 and Galaxy S21 FE box – DIGITALTREND
30/03/2023
WWDC 2023 starts on June 5 and may have announcement of Apple’s VR headset – DIGITALTREND
29/03/2023
WhatsApp tests 15 new time options for temporary messages – DIGITALTREND
29/03/2023
Motorola Edge 30 Fusion 256 GB is R$ 2 thousand cheaper on offer from Amazon – DIGITALTREND
29/03/2023
Elon Musk and experts call for a break in AI development – ​​DIGITALTREND
29/03/2023
Aa
DIGITAL TRENDDIGITAL TREND
Aa
  • Tech Updates
  • Mobiles
  • Programming
  • Hacking
  • Featured
  • Technology
  • Tools
  • About Us
  • Contact Us
  • Terms And Conditions
Search
  • Tech Updates
  • Mobiles
  • Programming
  • Hacking
  • Featured
  • Technology
  • Tools
  • About Us
  • Contact Us
  • Terms And Conditions
© 2022 digitaltrend.in Company. All Rights Reserved.
Join Whatsapp Group To get Daily Update.
DIGITAL TREND > Blog > Hacking > How to Be Bug Bounty Hunters And started with Bug Bounty
Hacking

How to Be Bug Bounty Hunters And started with Bug Bounty

SUPERMAN♥
SUPERMAN♥ 09/01/2022
Updated 2022/01/10 at 12:06 AM
Share
7 Min Read
SHARE

How to Get Started into Bug Bounty

Hello guys,

Contents
How to Get Started into Bug BountyWhat is Bug Bounty? What to study?

          After an abundance of requests and questions on topics cognates to Bug Bounty like how to commence, how to beat duplicates, what to do after reading a few books, how to make great reports. I am here with my incipient Updated Blog and answering all of such questions. 

      I am commencing from fundamental as prerequisites to tips and labs along with report inditing skills. I have additionally included some of my personally recommend tips and how to inscribe great reports. Hope you all like it.

What is Bug Bounty? 

If you will search in google and google will say

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

 In short hacker tag with white collar to earn money

What to study?

  • Internet, HTTP, TCP/IP
  • Networking
  • Command-line
  • Linux
  • Web technologies, java-script, PHP, java
  • At least 1 programming language (Python/C/JAVA/Ruby..)
  • Owasp top 10

Choose Your Path:

  • Web Pentesting
  • Android Application Pentesting
  • iOS Application Pentesting

Books:

For Web:

  • Web app hackers handbook
  • Web hacking 101
  • Mastering modern web pen testing
  • Bug Bounty Playbook
  • Real-World Bug Hunting
  • OWASP Testing Guid

YouTube Channels:English

  • [+]Nahamsec

Nahamsec creates educational hacking videos for anyone with an interest in web application hacking with a focus on bug…

https://youtube.com/c/Nahamsec

  • [+]STÖK

Hackers gonna hack creators GONNA CREATE Support my work: Join me on Patreon! https://www.patreon.com/stokfredrik…

https://youtube.com/c/STOKfredrik

  • [+]Zseano

Hey i’m Sean aka @zseano. I am a self-taught hacker & also programmer. I run a website called BugBountyHunter.com which…

https://youtube.com/c/zseano

  • [+]Hackersploit

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q

  • [+]Cyber Mentor

I’m a hacker by trade, but this channel will contain various lessons and even off-topic stuff from time to time.

https://youtube.com/c/TheCyberMentor

  • [+]InsiderPhD

PhD (Def&Sec) Student investigating Insider Threats using Natural Language Processing at Cranfield University. BSc in…

https://youtube.com/c/InsiderPhD

  • [+]Farah Hawa

Farah Hawa

Hi! Welcome to my channel. Join me as I learn new things everyday and share useful resources as I move along in my…

https://youtube.com/c/FarahHawa

  • [+]codingo

Instructional videos on Information Security, and bug bounties by a top 20 bug hunter, ex penetration tester and now…

https://youtube.com/c/codingo

  • [+]The XSS rat

The XSS rat

Hello everyone! I’m a full time dad and part time bug bounty hunter. My day job is mostly QA/QC but my heart is at…

https://youtube.com/c/TheXSSrat

  • [+]Cristi Vlad

Cybersecurity Analyst | OSCP 

Disclaimer: If you engage in penetration…

https://youtube.com/c/CristiVladZ

  • [+]Hakluke

hakluke

Dad, husband, computer hacker, life hacker, growth fanatic.

HTTPS://youtube.com/c/hakluke

  • [+]Hacking Simplified

Hacking Simplified

Wanted to learn about hacking and cybersecurity? You’re at the right place.

https://youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng

  • [+]Bugcrowd

Learn more about security, testers, and the bug bounty through Bugcrowd’s official YouTube Channel. Bugcrowd provides…

https://youtube.com/c/Bugcrowd

  • [+]Hackerone

HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities…

www.youtube.com

  • [+]Hacksplained

Hacksplained

Hacksplained = Hacking Explained! Hacksplained is here for you to give you practical guidance on hacking in order to…

www.youtube.com

  • [+]RougeSMG

Let’s get Hackin’👨‍💻

https://youtube.com/c/RogueSMG

YouTube Channels:Hindi

  • [+]Bitten Tech

This is Ansh Bhawnani from India. I’m an aspiring learner of ethical hacking and technology and try to share whatever I…

https://youtube.com/c/BittenTech

  • [+]Technical Navigator

Technical Navigator

Hey guys welcome to “Technical Navigator” my name is Nitesh Singh. I am a RHCSA ,Certified Ethical Hacker (CEH), Web…

https://youtube.com/c/TechnicalNavigator

  • [+]Spin The Hack

https://youtube.com/c/SpinTheHack

Write-ups, Articles, Blogs:

  • [+]Intigriti Bug Bytes

bugbytes Archives — Intigriti

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem…

blog.intigriti.com

  • [+]Medium (infosec writeups)

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub…

medium.com

  • [+]HackerOne Hack activity

hackerone.com

  • [+]Pentesterland

pentester.land

  • [+]Security Workbook on Application Security

Security Workbook on Application Security

Here’s a small collection of resources on Application Security, This work is still in progress, will be completed soon…

info.ninadmathpati.com

  • [+]HowToHunt

KathanP19/HowToHunt

Some Tutorials and Things to Do while Hunting Particular Vulnerability. Note: You Can Help Me Complete This List By…

github.com

Resources to Learn

Testing Labs:

  • bWAPP
  • Webgoat
  • PortSwigger Academy

Tools:

  • Burpsuite
  • Nmap
  • dirt buster
  • Sqlmap
  • Netcat
  • OwaspZap
  • Ffuf
  • Project Discovery

Types of Bug Bounty program:

  • Only Hall of Fame
  • Hall of Fame With Certificate of Appreciation
  • HoF with Swags / only Swags
  • Hall of Fame with Bounty
  • Only Bounty
  • Bug Bounty Program:
  • Open For Signup
  • Hackerone
  • Bugcrowd
  • hackenproof
  • Bugbountyjp
  • Intigriti
  • Open Bug Bounty

Report Writing/Bug Submission:

  1. Create a descriptive report.
  2. Follow responsible disclosure policy.
  3. Create POC and steps to reproduce
  4. Sample format of the report:
  5. Vulnerability Name
  6. Vulnerability Description
  7. Vulnerable URL
  8. Payload
  9. Steps to Reproduce
  10. Impact
  11. Mitigation

Vulnerabilities Priorities:

P1 -Critical: Vulnerabilities that cause a privilege escalation from unprivileged to admin or allow for remote code execution, financial theft, etc.

P2 -High: Vulnerabilities that affect the security of the software and impact the processes it supports.

P3 -Medium: Vulnerabilities that affect multiple users and require little or no user interaction to trigger.

P4 -Low: Vulnerabilities that affect singular users and require interaction or significant prerequisites to trigger (MitM) to trigger.

P5 -Informational: Non-exploitable vulnerabilities in functionality. Vulnerabilities that are by design or are deemed an acceptable business risk to the customer.

Looking for more programs using Google Dorks

inurl:”bug bounty” and intext:”€” and inurl:/security

intext:bounty inurl:/security

intext:”BugBounty” and intext:”BTC” and intext:”reward“

intext:”BugBounty” and inurl:”/bounty” and intext:”reward

Words of wisdom:

  • PATIENCE IS THE KEY, takes years to master, don’t fall for overnight success
  • Do not expect someone will spoon feed you everything.
  • Confidence
  • Not always for bounty
  • Learn a lot.
  • Won’t find at the beginning, don’t lose hope
  • Stay focused
  • Depend on yourself
  • Stay updated with InfoSec world 

Thanks 😊 

You Might Also Like

How to Trace someone Mobile Or IP address?

Top 7 ways your WhatsApp chats can be hacked

TAGGED: Bug Bounty Hunters, Bug hunters, How to bug

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
[mc4wp_form]
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
SUPERMAN♥ 09/01/2022
Share this Article
Facebook TwitterEmail Print
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry1
Dead0
Wink0
Previous Article How to Trace someone Mobile Or IP address?
Next Article How to Add Chapter Marker in YouTube Videos?

Stay Connected

235.3k Followers Like
69.1k Followers Follow
11.6k Followers Pin
56.4k Followers Follow
136k Subscribers Subscribe
4.4k Followers Follow

Latest News

Samsung will put charger in the Galaxy S22 and Galaxy S21 FE box – DIGITALTREND
Artificial intelligence 30/03/2023
WWDC 2023 starts on June 5 and may have announcement of Apple’s VR headset – DIGITALTREND
Apps And Software 29/03/2023
WhatsApp tests 15 new time options for temporary messages – DIGITALTREND
Artificial intelligence 29/03/2023
Motorola Edge 30 Fusion 256 GB is R$ 2 thousand cheaper on offer from Amazon – DIGITALTREND
Apps And Software 29/03/2023
https://pbs.twimg.com/profile_images/1542611508093661184/MR5LYGqH_normal.jpg
@envato
1.5k Following
71k Followers
https://pbs.twimg.com/profile_images/1542611508093661184/MR5LYGqH_normal.jpg 4 hours ago
@NelikenM Thank you for reaching out. I am happy to answer general questions here. For more personalized assistance… https://t.co/acA755D5Cj
https://pbs.twimg.com/profile_images/1542611508093661184/MR5LYGqH_normal.jpg 11 hours ago
@ScrumProductOwn When it comes to item specific support or issues, we recommend you contact the author of the item… https://t.co/uTuQnEfKXX
https://pbs.twimg.com/profile_images/1542611508093661184/MR5LYGqH_normal.jpg 11 hours ago
@a_melruiz Hey there! Could you please open a suppor ticket with us via  https://t.co/WrLZctSsZX  We'd be happy to… https://t.co/OLszTzMN1A

You Might also Like

Hacking

How to Trace someone Mobile Or IP address?

09/01/2022
Hacking

Top 7 ways your WhatsApp chats can be hacked

14/10/2021
//

We influence 20 million users and is the number one business and technology news network on the planet

DIGITAL TRENDDIGITAL TREND

© 2022 Foxiz News Network. Ruby Design Company. All Rights Reserved.

Removed from reading list

Undo
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?