How to get started with Bugbounty


If your beginner and don't know where to start read the following article and Try to Understand, and read the books mentioned in this article.

Bug Bounty


Before starting bug bounty you must know the following things
1. First, you must know the basics of web development. how HTML, JavaScript, PHP and MySQL, Perl, Ruby works. following topics  rest API, JSON data, raw, headers very important
2. Basic Understanding of computer does browser and server communicate.
3.python,c is also very important if you want to write  your own advance scripts to perform penetration testing on websites

Let's start our topic  how to start With Bugbounty

I would suggest you learn firstly computer networking and languages like Html, JavaScript, PHP, Mysql. you no need to learn deeply these must know the basic understanding of these can learn from following websites
 2. JavatPoint
After perfection at you must take Bugbounty course which is available in Udemy or Pluralsight.
After learning you want to test on real-world websites.there are sites like Hackerone and BugCrowd where you can find programs that you have to test whether it has bugs or not.if you find bugs you will get rewards that may be money, or their company logo, t-shirts. it's not compulsory that you must get only money.
Rewards will be given according to critical in the bug.if you find XSS vulnerability on a will get nearly 500$ because it is critical bug.
You have to test websites patiently which is very important. you must test on every parameter on the will use frequently use burp suite for intercepting the browser traffic. Many websites like PayPal and Facebook, Google implement Bug bounty programs every year. if you find any vulnerability you get a very high-income. the average bounty for finding the bug is 1000$

Earning money in Ethical hacking field is possible through bug bounty.i would suggest following books to start a bug bounty

Bug Bounty as Career
Are you having doubt-can I choose Bugbounty as a career option? how much salary do you get per annum.i would say that choosing bug bounty as a career option is not a good idea.
If you're interested to read penetration books I would suggest following books which makes you perfect at bug bounty
1. Web Application Hackers Handbook-which is really a very good book for the intermediate and advanced level students who want to get started with a bug bounty. But for a beginner, this book is not good. terms used in this book is not understood by normal person
2. Master Modern Web penetration Testing-these is a really awesome book for the beginner, the author of this book explains clearly about penetration testing without using any technical terms.
For beginners it is a very good book, it can be understood clearly.
3. Web hacking 101- In this book the author tries to explain each vulnerability with practical examples like XSS vulnerability found in  Shopify and he says ways to make money from penetration testing. But for beginners, it is a little bit tough to understand. But intermediate and advance level can understand easily
I suggest to read Master modern web penetration testing book for a beginner after that you can refer 1 and 3rd books.

Post a Comment