#bugbounty #pentest #security tips Thread - Post 1

Clear your mindset about #bugbountytips

Don’t rely only on online courses. Reading books and blogs gives much better insight.

@intigriti @BugBountyHQ @soaj1664ashar @anshuman_bh @abhaybhargav

#bugbounty #pentest #security tips Thread - Post 2

When starting in #bugbounty, have patience. Bugs will not start coming from day 1 (mostly).

Don’t lose hope when you get dupes.

Read blogs and understand techniques from other researchers.

#bugbounty #pentest #security tips Thread - Post 3

Create testbeds to learn the underlying issues and maybe try to pick the code which causes the issue.

Don’t just rely on fancy tools. Understand how these tools work.

Picking up a scripting language is actually a good idea.

#bugbounty #pentest #security tips Thread - Post 4

Try going deep into the app. Identifying IDORs on less noticeable entities has got me quite a good amount of money alone.

Possibly hold a consistent source of income, say some pentest projects or a part-time job. It helps.

#bugbounty #pentest #security tips Thread - Post 5

Attend Webinars, podcasts. Be active.

Look out for scholarships / passes for conferences people give away for newcomers. It’s really important to network.

#bugbounty #pentest #security tips Thread - Post 6

Don’t burn out. Take rest and spend days away from your laptop. Spend time with friends and family. Get that XSS out of your mind.

Since working from home, keep discipline or else work from the daytime will flow into the night.

#bugbounty #pentest #security tips Thread - Post 7

Finding subdomains is cool, but don’t forget the main domain. People tend to miss it out these days.

Focus on scope or you will be sad quite often.

#bugbounty #pentest #security tips Thread - Post 8

Once you make some money, set up a good working setup.

Keep an eye on new tools released. @HackwithGithub and @KitPloit can help.

#bugbounty #pentest #security tips Thread - Post 9

Keep an eye on projects on GitHub that keep track of bugbounty programs.

Reply nicely to organizations. They are also humans, so learn to respect them. If they disagree on a reward, move on.

Don’t primarily do it for money.

#bugbounty #pentest #security tips Thread - Post 10

If you are new, check out XSS/SQLi/CSRF challenges.

Make a team and play CTFs.

Keep an eye on content from DefCon Villages: @AppSec_Village @ReconVillage @RedTeamVillage_

#bugbounty #pentest #security tips Thread - Post 11

Above all, be happy. Enjoy the passion of finding bugs.

Happy Holidays. Cheers.
You can follow @infosec_scarlet.