Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to get started in bug bounty

How to get started in bug bounty

Learning path for Bug Bounty
Bug Bounty Platforms
Report Writing/Bug Submission

Tushar Verma

June 18, 2021
Tweet

More Decks by Tushar Verma

Other Decks in Education

Transcript

  1. AGENDA • Learning path for Bug Bounty • Bug Bounty

    Platforms • Report Writing/Bug Submission
  2. WHAT IS BUG BOUNTY? Bug Bounty is a deal offered

    by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
  3. BASIC TECHNICAL THINGS TO GET STARTED INTERNET, HTTP, TCP/IP LINUX

    AND BASH SCRIPTING LEARNING BASICS OF HTML, PHP, JAVASCRIPT
  4. FOR WEB APPLICATION PENETRATION TESTING Web Application Hacker’s Handbook Web

    Hacking 101 PortSwigger Academy Pentesterlab BugBountyHunter
  5. FOR MOBILE APPLICATION PENETRATION TESTING OWASP Mobile Testing Guide Mobile

    application hacker’s handbook Mobile Security Wiki by Aditya Agrawal DIVA (Damn insecure and vulnerable App) Android & iOS
  6. BUG BOUNTY PLATFORM: • Bugcrowd • Hackerone • Hackenproof •

    Intigriti • YesWeHack • Inspectiv • Synack • Cobalt
  7. • Vulnerability Name: • Technical Severity: • Vulnerable URLs: •

    Vulnerability Description: • Steps to Reproduce: • Impact: • Suggested Countermeasures: