How Do I Get Started With Bug Bounty ?

How do I get started with bug bounty hunting? How do I improve my skills?



These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.


Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

More articles

1. Wifi Hacker Tools For Windows
2. Hacking Tools For Windows
3. Hack Tools Download
4. Pentest Tools For Android
5. How To Hack
6. Pentest Automation Tools
7. Easy Hack Tools
8. Hak5 Tools
9. Physical Pentest Tools
10. Github Hacking Tools
11. Github Hacking Tools
12. Tools Used For Hacking
13. Hacker Tools Mac
14. Hackrf Tools
15. Hacking Apps
16. Hacker Tools Free Download
17. Hacker Tools Free
18. Pentest Tools Open Source
19. Pentest Tools List
20. Hacker Tools Github
21. Best Hacking Tools 2020
22. Hack Tools 2019
23. Pentest Tools Free
24. Hacking Tools
25. Hack Tools For Games
26. What Is Hacking Tools
27. Best Hacking Tools 2019
28. Hacking Tools Kit
29. Pentest Tools Alternative
30. Hacker Tools 2020
31. Hacking Tools Software
32. Hackrf Tools
33. Pentest Box Tools Download
34. Hacking Tools Software
35. Pentest Tools For Android
36. Pentest Tools Url Fuzzer
37. Hacking Tools Software
38. Pentest Tools For Windows
39. Pentest Tools Alternative
40. Hacker Tools For Pc
41. Pentest Tools Review
42. Hacking Tools
43. Best Pentesting Tools 2018
44. Github Hacking Tools
45. Hack Tools For Mac
46. Hack Tools For Ubuntu
47. Hacking Apps
48. Pentest Tools Alternative
49. Hack Tools
50. Pentest Tools Subdomain
51. Hacker Security Tools
52. Hacking Tools Online
53. Hacker Security Tools
54. Hacker Tools Github
55. Hacker Tools Online
56. Hack Tools For Pc
57. Pentest Tools Bluekeep
58. Nsa Hack Tools Download
59. Hack Tools Pc
60. Hacking Tools And Software
61. Hacking Tools For Windows
62. Hacker Tools 2019
63. Pentest Tools Windows
64. Hacking Tools 2019
65. Hacking Tools For Mac
66. Hacking Tools Software
67. Hacker Tools List
68. Pentest Tools Linux
69. How To Make Hacking Tools
70. Hacking Tools Software
71. Hack Tools For Ubuntu
72. Hacking Tools Hardware
73. What Are Hacking Tools
74. Growth Hacker Tools
75. Hacking Tools Kit
76. World No 1 Hacker Software
77. Hack Tools Online
78. Pentest Tools Nmap
79. Hacking Tools Software
80. Hacker Tools Apk
81. Hacking Tools Kit
82. Hacking Tools Download
83. Hack Tools For Mac
84. Hacking Tools For Kali Linux
85. Hack Tools Online
86. Nsa Hack Tools Download
87. World No 1 Hacker Software
88. Hack Tools Github
89. Tools Used For Hacking
90. Game Hacking
91. Pentest Recon Tools
92. Pentest Tools Alternative
93. Hacking Apps
94. What Are Hacking Tools
95. Hack Tools
96. Hacker Tools Apk Download
97. Hackrf Tools
98. Install Pentest Tools Ubuntu