Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to get started in bug bounty
Search
Tushar Verma
June 18, 2021
Education
1
500
How to get started in bug bounty
Learning path for Bug Bounty
Bug Bounty Platforms
Report Writing/Bug Submission
Tushar Verma
June 18, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
200
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
700
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
600
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
Other Decks in Education
See All in Education
GOVERNOR ADDRESS:2025年9月29日合同公式訪問例会:2720 Japan O.K. ロータリーEクラブ、2025年10月6日卓話:藤田 千克由 氏(国際ロータリー第2720地区 2025-2026年度 ガバナー・大分中央ロータリークラブ・大分トキハタクシー(株)顧問)
2720japanoke
0
730
MySmartSTEAM 2526
cbtlibrary
0
170
ThingLink
matleenalaakso
28
4.2k
【dip】「なりたい自分」に近づくための、「自分と向き合う」小さな振り返り
dip_tech
PRO
0
200
【ZEPメタバース校舎操作ガイド】
ainischool
0
700
アジャイルの知見から新卒研修作り、そして組織作り
pokotyamu
0
130
卒論の書き方 / Happy Writing
kaityo256
PRO
51
27k
20251119 如果是勇者欣美爾的話, 他會怎麼做? 東海資工
pichuang
0
140
【ZEPホスト用メタバース校舎操作ガイド】
ainischool
0
150
Microsoft Office 365
matleenalaakso
0
2k
The Next Big Step Toward Nuclear Disarmament
hide2kano
0
170
Cifrado asimétrico
irocho
0
360
Featured
See All Featured
エンジニアに許された特別な時間の終わり
watany
105
220k
How to Talk to Developers About Accessibility
jct
1
85
Exploring anti-patterns in Rails
aemeredith
2
200
Imperfection Machines: The Place of Print at Facebook
scottboms
269
13k
The World Runs on Bad Software
bkeepers
PRO
72
12k
Practical Orchestrator
shlominoach
190
11k
AI Search: Where Are We & What Can We Do About It?
aleyda
0
6.7k
SEO for Brand Visibility & Recognition
aleyda
0
4.1k
Making the Leap to Tech Lead
cromwellryan
135
9.7k
The browser strikes back
jonoalderson
0
120
Game over? The fight for quality and originality in the time of robots
wayneb77
1
66
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
uxyall
0
120
Transcript
HOW TO GET STARTED IN BUG BOUNTY BY: TUSHAR VERMA
WHOAMI Bug Bounty Hunter Synack Red Team Member Infosec Trainer
AGENDA • Learning path for Bug Bounty • Bug Bounty
Platforms • Report Writing/Bug Submission
WHAT IS BUG BOUNTY? Bug Bounty is a deal offered
by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
BASIC TECHNICAL THINGS TO GET STARTED INTERNET, HTTP, TCP/IP LINUX
AND BASH SCRIPTING LEARNING BASICS OF HTML, PHP, JAVASCRIPT
CHOOSING YOUR INITIAL PATH Web application Security Testing Mobile Application
Security Testing
FOR WEB APPLICATION PENETRATION TESTING Web Application Hacker’s Handbook Web
Hacking 101 PortSwigger Academy Pentesterlab BugBountyHunter
FOR MOBILE APPLICATION PENETRATION TESTING OWASP Mobile Testing Guide Mobile
application hacker’s handbook Mobile Security Wiki by Aditya Agrawal DIVA (Damn insecure and vulnerable App) Android & iOS
BUG BOUNTY PLATFORM: • Bugcrowd • Hackerone • Hackenproof •
Intigriti • YesWeHack • Inspectiv • Synack • Cobalt
WHICH CHECKLIST TO FOLLOW??? OWASP Web Application Security Testing Checklist
Bugcrowd Vulnerability Rating Taxonomy
REPORT WRITING
• Vulnerability Name: • Technical Severity: • Vulnerable URLs: •
Vulnerability Description: • Steps to Reproduce: • Impact: • Suggested Countermeasures:
GET IN TOUCH AT • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
THANK YOU
e11i0t_4lders0n
2720japanoke
cbtlibrary
matleenalaakso
dip_tech
ainischool
pokotyamu
kaityo256
pichuang
hide2kano
irocho
watany
jct
aemeredith
scottboms
bkeepers
shlominoach
aleyda
cromwellryan
jonoalderson
wayneb77
uxyall
