Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to get started in bug bounty
Search
Tushar Verma
June 18, 2021
Education
1
490
How to get started in bug bounty
Learning path for Bug Bounty
Bug Bounty Platforms
Report Writing/Bug Submission
Tushar Verma
June 18, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
180
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
680
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
780
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
580
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
Other Decks in Education
See All in Education
Introduction - Lecture 1 - Web Technologies (1019888BNR)
signer
PRO
0
5.7k
高校におけるプログラミング教育を考える
naokikato
PRO
0
170
あなたの言葉に力を与える、演繹的なアプローチ
logica0419
1
200
言葉の文化祭2025:IKIGAI World Fes:program
tsutsumi
1
620
みんなのコードD&I推進レポート2025 テクノロジー分野のジェンダーギャップとその取り組みについて
codeforeveryone
0
300
SISTEMA DE MEMORIA Y SU IMPACTO EN LAS DECISIONES.
jvpcubias
0
180
1021
cbtlibrary
0
330
Library Prefects 2025-2026
cbtlibrary
0
110
情報科学類で学べる専門科目38選
momeemt
0
640
The knowledge panel is your new homepage
bradwetherall
0
200
Ch1_-_Partie_1.pdf
bernhardsvt
0
420
Introdución ás redes
irocho
0
370
Featured
See All Featured
Measuring & Analyzing Core Web Vitals
bluesmoon
9
630
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
Building Adaptive Systems
keathley
44
2.8k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
Optimising Largest Contentful Paint
csswizardry
37
3.5k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Why Our Code Smells
bkeepers
PRO
340
57k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.7k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.7k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
Building Better People: How to give real-time feedback that sticks.
wjessup
369
20k
Transcript
HOW TO GET STARTED IN BUG BOUNTY BY: TUSHAR VERMA
WHOAMI Bug Bounty Hunter Synack Red Team Member Infosec Trainer
AGENDA • Learning path for Bug Bounty • Bug Bounty
Platforms • Report Writing/Bug Submission
WHAT IS BUG BOUNTY? Bug Bounty is a deal offered
by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
BASIC TECHNICAL THINGS TO GET STARTED INTERNET, HTTP, TCP/IP LINUX
AND BASH SCRIPTING LEARNING BASICS OF HTML, PHP, JAVASCRIPT
CHOOSING YOUR INITIAL PATH Web application Security Testing Mobile Application
Security Testing
FOR WEB APPLICATION PENETRATION TESTING Web Application Hacker’s Handbook Web
Hacking 101 PortSwigger Academy Pentesterlab BugBountyHunter
FOR MOBILE APPLICATION PENETRATION TESTING OWASP Mobile Testing Guide Mobile
application hacker’s handbook Mobile Security Wiki by Aditya Agrawal DIVA (Damn insecure and vulnerable App) Android & iOS
BUG BOUNTY PLATFORM: • Bugcrowd • Hackerone • Hackenproof •
Intigriti • YesWeHack • Inspectiv • Synack • Cobalt
WHICH CHECKLIST TO FOLLOW??? OWASP Web Application Security Testing Checklist
Bugcrowd Vulnerability Rating Taxonomy
REPORT WRITING
• Vulnerability Name: • Technical Severity: • Vulnerable URLs: •
Vulnerability Description: • Steps to Reproduce: • Impact: • Suggested Countermeasures:
GET IN TOUCH AT • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
THANK YOU