How to start Bug Bounty and What is Learning path
Hello Everyone, Today I will tell you how to start Bug Hunting journey with proper learning path. First understand What is Bug Bounty?
According to google “A reward offered to a person who identifies an error or vulnerability in a website or application Identification and reporting of bugs and vulnerability in a responsible way.”
Just understand in simple way, Bug Bounty is a security program that rewards individuals (often referred to as “bug hunters” or “security researchers”) for discovering and reporting security vulnerabilities or “bugs” in software, websites, or digital systems.
Who is the Bug Hunter?
A bug hunter, also known as a security researcher or ethical hacker, is an individual who identifies security vulnerabilities or “bugs” in software, websites, or digital systems. Bug hunters play a crucial role in improving cybersecurity by identifying weaknesses that could potentially be exploited by malicious hackers.
Characteristics of Bug Hunters
- A person they have Technical Expertise.
- A person follows ethical guidelines and legal boundaries when searching for vulnerabilities.
- Bug hunters must document their findings thoroughly, including detailed descriptions of the vulnerabilities and, in many cases, proof-of-concept demonstrations. Clear documentation helps organizations understand and address the issues.
- Bug hunters are excellent problem solvers. They use their knowledge and creativity to uncover security flaws that might not be immediately obvious.
- Finding security vulnerabilities can be challenging and time-consuming. Bug hunters need to be persistent and patient when conducting their research and testing.
Now talk about, how to start bug hunting? First clear your path and know which filed (Web penetration Mobile penetration {Android or IOS} Desktop penetration) you find bug.
Before start Bug Hunting learn about these things
- Computer Fundamental
- Networking
- Internet
- Command Line Interface (Linux Terminal, Power Shell, command prompt)
- Operating System
- Web Technology
- Attest one Programing and Scripting Language You Know just like Python, Ruby, Java, C, and so on.
- Create and write exploit
Note: Rember one thing when you start learning do practice side by side what you learn and how to implement in real world.
I share some useful Resources they can help you to achieve you bug hunting journey. We know that books are more supreme to learn anything and understand anything. So, these books are reference for learn bug hunting:
- The basic of hacking and penetration testing
- Web Application Hacker’s Handbook
- Mastering Modern Web App pentesting
- Mastering Modern Web App pentesting
- Web Hacking 101
- Hacker’s Play Book
- Hacking: The Art of Exploitation
- OWASP Testing guide
Now, talk about more resources, Writer’s up, Blog and Articles also play an important role of learning. So, these are help you learning and day to day updates in community like new bug, how to find vulnerability and so on...
Now, We known about how to learn but wait a minute where we Practices for this 🤔? Don’t worry I am here dude. So, these are best website and labs where you can Practices and implement your skills:
- TryHackMe
- Bugcrowd
- HackerOne
- Damn Vulnerable Web App (DVWA)
- Web goat
- bWAPP
- Vulnhub VMs
- Hack The Box
- Play CTFs
I hope this article help you out how to start your Bug Hunting journey and what is the learning path… So, start your journey and stay update be curious.
Thanks for Reading.
For more you can contact me here:
