quinta-feira, 20 de agosto de 2020

How Do I Get Started With Bug Bounty ?

How do I get started with bug bounty hunting? How do I improve my skills?



These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.


Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

Related links

  1. Hacker Tools Free Download
  2. Hack Tools 2019
  3. Hack Tools Mac
  4. Hacking Tools 2020
  5. Hack Tools For Pc
  6. Hacking Tools Mac
  7. Hack Tools Github
  8. Best Pentesting Tools 2018
  9. How To Hack
  10. Pentest Tools Website
  11. Usb Pentest Tools
  12. Hacker Tools Free
  13. Nsa Hack Tools Download
  14. Underground Hacker Sites
  15. Hack Tools For Windows
  16. How To Install Pentest Tools In Ubuntu
  17. Hacking Tools For Beginners
  18. Pentest Tools For Windows
  19. Top Pentest Tools
  20. Hacker Tools For Ios
  21. Tools For Hacker
  22. Pentest Tools Website
  23. Hacker Tools Software
  24. Hacker Tools Windows
  25. Hacker Security Tools
  26. Github Hacking Tools
  27. Tools For Hacker
  28. Nsa Hack Tools
  29. How To Make Hacking Tools
  30. Hacking App
  31. Pentest Tools For Ubuntu
  32. Pentest Tools Website
  33. Hacker Tools Software
  34. Hacking Apps
  35. Blackhat Hacker Tools
  36. Hacking Tools Windows
  37. Pentest Tools Find Subdomains
  38. Hacker Tools Online
  39. Pentest Tools Website
  40. Pentest Tools For Windows
  41. Pentest Tools Url Fuzzer
  42. How To Hack
  43. Pentest Tools Framework
  44. Hack Tools 2019
  45. Hack Tools For Pc
  46. Hacker Tools Mac
  47. Install Pentest Tools Ubuntu
  48. Blackhat Hacker Tools
  49. Hacking Tools Name
  50. Game Hacking
  51. Hack Tools For Windows
  52. Pentest Tools Alternative
  53. Hacker Tools
  54. Hacking Tools Windows
  55. Pentest Tools Tcp Port Scanner
  56. Pentest Tools Port Scanner
  57. Hacking Tools Usb
  58. Hacker Tools Online
  59. Hacker Tools Free
  60. Pentest Tools Apk
  61. Pentest Tools Website
  62. Pentest Tools Android
  63. Pentest Tools Free
  64. Hacker Tools For Mac
  65. Nsa Hack Tools Download
  66. Hack Tools For Pc
  67. Hack Tools For Mac
  68. Underground Hacker Sites
  69. Hacking Tools
  70. Hacking Tools For Beginners
  71. Best Hacking Tools 2019
  72. Hackrf Tools
  73. Pentest Tools For Mac
  74. Hacking Tools Hardware
  75. Hacking Tools Download
  76. Pentest Tools Bluekeep
  77. Hacking Tools Free Download
  78. Computer Hacker
  79. Hack Tools For Pc
  80. Pentest Tools Subdomain
  81. Android Hack Tools Github
  82. Pentest Tools Website
  83. Hacker Tools Windows
  84. Hacker Tools For Ios
  85. Pentest Tools Find Subdomains
  86. Hacking Tools For Windows 7
  87. Physical Pentest Tools
  88. Tools 4 Hack
  89. Pentest Tools Review
  90. Hacking Tools Name
  91. Pentest Tools Kali Linux
  92. Hack Tool Apk No Root
  93. Hack Tools
  94. Pentest Tools For Ubuntu
  95. Pentest Tools Windows
  96. Hack Tools For Mac
  97. Nsa Hacker Tools
  98. Best Pentesting Tools 2018
  99. Hacking Tools And Software
  100. Usb Pentest Tools
  101. Pentest Reporting Tools
  102. Hack Tools Mac
  103. Tools Used For Hacking
  104. Hacker Tools 2019
  105. Hacker Tools Hardware
  106. Hacker Tools Windows
  107. Pentest Tools Free
  108. Tools Used For Hacking
  109. Hacking Tools Usb
  110. Pentest Tools Nmap
  111. Hacker Hardware Tools
  112. Pentest Tools Url Fuzzer
  113. Hack Tools Online
  114. Hacker Tools 2019
  115. Hack Tool Apk No Root
  116. Hacker Security Tools
  117. Tools For Hacker
  118. Hacking Tools Windows 10
  119. Top Pentest Tools
  120. Hacker Tools For Mac
  121. Hacking Tools Mac
  122. Hacker Tools Free
  123. Pentest Tools Website Vulnerability
  124. Free Pentest Tools For Windows
  125. Hacker Tools For Pc
  126. Hack Tools Download
  127. Hacking Tools Hardware
  128. Hacking Tools Mac
  129. Hacking Tools Online
  130. What Are Hacking Tools
  131. Pentest Tools Subdomain
  132. Hack Tools For Ubuntu
  133. Hacker Tools 2020
  134. Hacker Techniques Tools And Incident Handling
  135. Install Pentest Tools Ubuntu
  136. Wifi Hacker Tools For Windows
  137. Hacks And Tools
  138. Pentest Tools Review
  139. Hacking Tools For Pc
  140. Hacking Apps
  141. Tools For Hacker
  142. Top Pentest Tools
  143. Android Hack Tools Github
  144. Hacking Tools 2019
  145. New Hacker Tools
  146. Pentest Tools Framework
  147. Growth Hacker Tools
  148. Pentest Tools For Mac
  149. Hacker Tools Hardware
  150. Hack Rom Tools
  151. Hacker Tools Free Download
  152. Pentest Tools Url Fuzzer
  153. Pentest Tools For Mac
  154. Hacking Tools Hardware
  155. Pentest Tools Apk
  156. Hacker Tools Free
  157. Pentest Tools Free
  158. Best Pentesting Tools 2018
  159. Nsa Hack Tools
  160. Hacker Tools Apk
  161. Pentest Tools Website Vulnerability
Postado por às

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)