Creating that perfect base hacking environment... is it really needed?

Hi All

Before i can even think about actively tackling bugs, the first thing that comes to my mind is… The environment on which you are performing the hack. I have couple of questions regarding this point.

Hack Performed on the BASE Operating System or VM?

-Operating System Fully Patched
-Various Operating System Versions (7,8.1,10)
-Various Browsers Tested with Bug (IE/Edge/Chrome/FF)

I can assume that there is a clean way to perform the hack, vs the dirty way (Performing and using the hacking tools on your base operating system) For the seasoned bug bounty hunters do you work strictly within VMs?

I’m sure that this question would really depend on the type of bug you are trying to find, Say for an Application Hack you wouldn’t want to install all these applications on your Base machine, but for Web App hacking you wouldn’t mind performing these hacks on your Base machine?

Or does it really not even matter?

Look forward to your response


Hey @DoGByTe-ZN!

Tons of researchers these days are using Kali Linux. You can easily install Kali Linux inside a VM, plus it comes w/a ton of hacking tools already installed and built in. It’s super useful!

Thank you kindly for pointing me in the right direction, I have had my fair bit of fun with Kali Linux :slight_smile: