Researcher Resources - How to become a Bug Bounty Hunter

Congratulations! It’s very exciting that you’ve decided to become a security researcher and pick up some new skills. We’ve collected several resources below that will help you get started. Read on for our walkthrough.

Step 1) Start reading!

There are some go-to books that you can buy to help you learn the basics and essentials of penetration testing and bug hunting. Since bug bounties often include website targets, we’ll focus on getting you started with Web Hacking and later we’ll branch out.

Note

It’s very important to focus on an area of hacking that is interesting & exciting to you. Focus on that one area and pick up new things as you go, but don’t try to be the “ultimate hacker” and learn everything. The greatest hackers on Bugcrowd have specialities and areas of interest, but they don’t know how to hack everything.
Hacking is a lifelong journey of learning.

Your two go-to books are the following:

The Web Application Hacker’s Handbook
This is an absolute must-read and considered the web-app hacker’s ‘bible’. This book starts from square one, walking you through getting Kali Linux installed all the way through using tools and finding exploits.

OWASP Testing Guide v4
Highly suggested by Bugcrowd’s Jason Haddix

For further reading:

Penetration Testing

The Hacker Playbook 2: Practical Guide to Penetration Testing

The Tangled Web: A Guide to Securing Web Applications

And for our Mobile hacking friends:

The Mobile Application Hacker’s Handbook

iOS Application Security


Step 2) Practice what you’re learning!

While you’re learning it’s important to make sure that you’re also understanding and retaining what you learn. Practicing on vulnerable applications and systems is a great way to test your skills in simulated environments. These will give you an idea of what you’ll run up against in the real world.

Hacksplaining
This is a great site to learn a bit more about various web hacking techniques and how they’re done. It’s actually more of a practical walk-through. Super useful!

Penetration Testing Practice Labs
This site has a massive list of practice apps and systems for several hacking scenarios. Use this list to find new testing labs and sites to practice your skills.


Step 3) Read tech write-ups and POCs (Proof of Concepts) from other hackers and watch tutorials on YouTube!

Now that you’ve got a baseline understanding of how to find and exploit security vulnerabilities, it’s time to start checking out what other hackers are finding in the wild. Luckily the security community is quite generous with sharing knowledge and we’ve collected a list of write-ups & tutorials:

Bug Bounty write-ups and POCs
Collection of bug reports from successful bug bounty hunters.

Bug Hunting Tutorials
Our collection of great tutorials from the Bugcrowd community and beyond.

/r/Netsec on Reddit
Netsec on Reddit is almost exclusively tech writeups and POCs from other researchers. A fantastic resource.

JackkTutorials on YouTube
Jackk has created many tutorials that walk you through CSRF, XSS, SQL Injection, Target Discovery and much more.

DEFCON Conference videos on YouTube
Watch all of the talks from DEFCON over the years. Very useful resource.

Hak5 on YouTube
Hak5 typically focuses on hardware hacking, but in addition to that they also have the ‘Metasploit Minute’ show, HakTip: NMap and much more.

Awesome-Infosec
This is a curated list of helpful security resources that covers many different topics and areas.


Step 3-A) Gather your arsenal of tools
Tools don’t make the hacker, but they’re certainly helpful! Bugcrowd has curated an extensive list of tools that you can add to your bag of tricks:

Bugcrowd Researcher Resources - Tools


Step 4) Join the community!

You’re joining a global community of over 29,000 hackers. Luckily many of these hackers are happy to share their knowledge with a fellow polite & curious researcher.

Follow White-Hat Hackers on Twitter
A list of bug bounty hunters that you should be following.

Join the Bugcrowd Discord to chat with other researchers, share resources, and collaborate

Join the #Bugcrowd IRC channel to talk to over 100 security researchers

Follow @Bugcrowd on Twitter to keep up with the latest infosec news

Join the Bugcrowd Forum for more resources & to chat with other researchers


Step 5) Start learning about bug bounties

Okay, now you’re at the point where it’s almost time to start hunting for bounties. But first, let’s learn how bug bounties work and how to get started, just to make sure we maximize our chances of success.

How to approach a target
Advice from other bug hunters that will help you find more success when approaching a bug bounty.

How to write a Great Vulnerability Report
This will walk you through how to write a great vulnerability report. The better your report, the higher chance you will get a bounty!

How to write a Proof of Concept
Proof of Concepts show the customer how your bug is exploited and that it works. This is crucial to being rewarded successfully.

How to Report a Bug
Our walkthrough for reporting a bug via the Bugcrowd platform.

Bug Bounty Disclosure Policy
These are the rules of the road. It’s very important that you understand the bounty program’s bounty brief and disclosure policy.

Read the Bounty Hunter’s Methodology

This is a presentation that @jhaddix gave at DEFCON last year and it’s a super useful look at how successful bounty hunters find bugs. Check out the Github and watch the video.


Step 6) Get hacking!

There’s something for everyone at Bugcrowd. No matter your skill level, interests, or ambition when it comes to hacking, we’ve got something for you. Looking to hack and make serious money while doing so? Want a safe and nurturing community to practice your skills? Interested in making the internet a safer place? Or maybe you’re looking for ways to get into hacking (possibly even making it into a career), and need a way to get started?

Check out our detailed Guide to Hacking with Bugcrowd and Why You Should Get Started Today.


Step 7) Always Be Learning & Networking

Like we mentioned earlier, hacking is a lifelong journey of learning. This is what makes this field so exciting! There are always new articles and presentations to learn from, interesting people to meet at conferences or local meetups, and new opportunities to pursue.

Bug bounties are a fantastic way to enter the InfoSec community and build your career. Use bug bounties as a way to make extra money, improve your skills, meet new people, and even build out your resume.

Remember, always act professional and treat people well. This is a small community and we like to take care of each other - you never know who you might meet!

63 Likes

Thank you so much @samhouston. :slight_smile:
This is a great and useful thread I have ever read about bug bounty hunting !
Waiting for more thread like this…

3 Likes

Thanks @4c4! If you have any ideas for other threads you’d like to see, please PM me :slight_smile:

2 Likes

Great tutorial for newbies like me!!! Thanks Sam!!!

1 Like

does it need good programming skills ? i dont have any programming skills can i understand this ? i am a mechanical engineer

If you understand a bit of HTML you can definitely start to make an impact, but I think you need at least a little bit of familiarity with javascript to level-up.

In my opinion, programming knowledge will definitely be required to get to the highest skill levels - there’s some bugs that just don’t make sense unless you know how a web application is put together. (e.g. sometimes you might do something and see an error output message; being able to decipher and understand that message can lead you to new bugs)

There’s definitely researchers out there doing brilliant work who don’t have much programming skill though, and you can always pick up those skills as you go. (Check out http://learnpythonthehardway.org/book/)

3 Likes

Thanks brother for your informative article. (ninja)

1 Like

This is very helpful and thank you for this family-like community. I am excited to start my life as an ethical hacker.

Really a Very Nice Article :grinning:

Thanks for the advice. Will take to heart.

2 Likes

Some more good resources:

https://pentesterlab.com/bootcamp

That’s a great stuff for beginners like me. Thank u :slight_smile:

Great article for beginners like me.

Very useful!

I can’t wait to get started…thank you for providing so much helpful information.

Epic Swoleness

This is called an article. An awesome article for beginners like me. Thank you so much for giving this.

Hi is it worth it to still read web app hackers handbook…can go directly to owasp???

1 Like

@samhouston please add prakhar prashads Mastering Modern Web Penetration Testing in web section.New bugs are explained in a very good manner there.It will be very help full for the new hackers.Thanks.

Hi @fatinsourav do you have a link?

1 Like

it on amazon take a look at the look inside for a preview [ this is NOT an affiliate link } https://www.amazon.co.uk/Mastering-Modern-Web-Penetration-Testing/dp/1785284584

1 Like