Whoami
Application Security Engineer
Synack Red Team Member
Bug Bounty Hunter
Infosec Trainer & Speaker
Failing at Bug Bounty
You participate in the wrong programs
Failed to read Bug Bounty Guidelines
Lots of duplicates
Failed to show impact
You don’t stick to a program
You don’t do recon
Bad report writing
An Approach Towards Better Bug Bounty Hunting
Take your time in choosing the right program
Read and understand the Bug Bounty Brief
Understand the vulnerability/bug and try to explain its impact to the program owners
Keep yourself updated on new updates to old programs so that you can be the first one to test and report
Do manual and automated recon. Try to spend more time on recon
Better report writing
Tips for Beginners
Go with VDPs… Don’t be greedy
Go for wide-scope targets
No low-hanging fruit
Learn the “Art of Google Dorking”
Try to learn to use Burp extensions
Learn to chain different vulnerabilities
Avoid Screenshots…
Unfollow them, ignore them
Don’t compare; everyone started from zero
Spend more time in learning and believe me you will get success