What is Bug Bounty? and How to become a pro Bug Hunter?
Welcome To World Of Bug Hunting!
- S.Yaakulya
1) How to become a successful Bug Hunter?
2) What is Bug Hunting or Bug Bounty?
3) How to earn money legally by hunting bugs?
4) Does any prior experience or technical staff or skills required to hunt bugs?
5) Any age restriction for becoming hunters?
6) Is Bug Hunting so hard?
7) Can I depend on bounty as an active income?
8) Do companies pay a good hike to Hunters?
9) How and when to learn Bug Hunting?
10) Can I choose my career totally towards Bug Hunting?
The above questions might raise your thoughts into different dilemmas and conditions resulting in a big confusion state. So just chill, take a deep breath and continue reading down! The complete article goes on with a user-friendly guide with simple understandable language, so what are we for? Let's get started...
A) What is Bug Hunting?
Vulnerability: It is the weakness of the system.
Bug Hunters: The people who hunt bugs are called Bug Hunters.
B) What is Bug Bounty?
As we've discussed above the word "Bug" refers to vulnerability and "Bounty" refers to pay-on credit. So companies or organizations pay hunters for finding the flaws in their systems. And this program is called BUG BOUNTY.C) Where can I hunt Bugs and Report to?
The below platforms give a wide range of finding targets throughout the world. Here few main platforms to check,
Platforms:
- YesWeHack
- Integrity
- HackerOne
- Bugcrowd
- Cobalt
- Bountysource
- Bounty Factory
- Coder Bounty
- FreedomSponsors
- FOSS Factory
- Synack
- HackenProof
- Detectify
- Bugbountyjp
- Safehats
- BugbountyHQ
- Hackerhive
- Hacktrophy
- AntiHACK
- COPPA
D) Is Bug Hunting so hard to learn?
Well, the answer would be NO. It's much easier than you think. If you're passionate about it. Definitely, it'll be easier and it should be. Even a student of 9th grade can hunt these days.E) Do companies pay a good hike to hunters?
Yes, they really do pay large enough bounties. Few programs such as Google, Facebook pay millions for finding bugs. Everyone gets an opportunity to hunt. The lucky one is who utilizes the given opportunity.F) Does any prior experience or technical staff or skills required to hunt bugs?
As a beginner, the answer would be no, apart the answer would depend on the system or environment you hunt. For website applications, you should've a minimum knowledge of how a website works and basic HTML, script commands. For APC's no core skill is required and for ios, should've a basic knowledge of Unix and ios interface.G) When to start bug hunting?
There is no particular time to start. The ultimate answer would be RIGHT NOW!H) Any age restriction for a hunter?
Anyone who is up to 17 years can hunt, and student who's under 17 can also try but there is also no official report saying they can report. The age restriction was only meant for the level of understanding maturity, nothing mean apart from it.I) Can I depend on bounty as an active income?
On the positive side, the answer is no, it's because if you end up finding no vulnerability you might be depressed. Just kept it as a secondary income just don't completely depend on it. This is not to discourage you but let's always hope for the best:)K) Can I choose my career totally towards bug hunting?
If you're very much passionate about hunting bugs then you definitely choose your career towards it. It helps you in many fields such as Security Forensic Engineer or as a cyber cop or private penetration tester.So hope you get a clear cut picture of what bug hunting is and how it is functioning in the real world and how to relate it with you. Great! More upcoming series and blogs would be covering queries such as "How to become a successful hunter?" and "Where to start hunting?" further. Hope you enjoyed it:) Any doubts please contact us.
About me: S.Yaakulya | Bug Hunter, Pentester, DM if any help required! Thank you.
Continued BH Series #2...
Comments