Researcher Resources - How to become a Bug Bounty Hunter

good thanks for it

@samhouston I’m new to the site and Bug Hunting and this really helps me have a starting point to get started as a Bug Bounty Hunter. Do you have any update information to add for 2020 that could help while we are in lockdown/stay at home mode? I have the Hacker Play books there any current books that might be better or the ones listed still true today.

Hi there! I’d be happy to help you get started. First, watch this video:, then check the resources at the top of this thread- they’re still useful! You can also read up on methodology here: and also be sure to check out labs, which are a great way to learn. Be sure to check out, and Of course, there’s also LevelUp 0x06, an entirely virtual conference that is happening May 9th and you can check out the videos from our previous LevelUp series.

You can also join us on Discord to ask questions and learn from other people in the community. Good luck, and happy hunting!


Very helpful!! Thanxs for the content.

Hi @samhouston,
Just beginner in beginning here.
The article you have shared is very beautifully constructed.
Thanks for sharing knowledge and will go through the books you have mentioned.
Thanks again …

Hope for more from you in future…

Thanks @samhouston for all the info, these days of quarantine have been the perfect time to start learning and getting goals, this post is helping a lot.

Hi @samhouston.

Your codex is amazing and the "easter eggs in the above replies are worth the read.

Many thanks and much appreciated.

Thank you :smile: :smile: :smile:

I want to work with bug bounty. I am new in this field. But my background is IT. I have some certification on CISA , ISO ISMS. I am also doing some courses in Udemy on ethical hacking , website hacking etc. How can I start and from where should i start.
Thanks in advance for your valuable replies.

hey @Abir_Khandokar ,
I recommend you learning recon and start point only or responsible disclosure program. Tt’s best options for you…

Thanks brother for this great article.

The description for the WAHH book given by this article is as follows:

This is an absolute must-read and considered the web-app hacker’s ‘bible’. This book starts from square one, walking you through getting Kali Linux installed all the way through using tools and finding exploits.

This doesn’t sound right because this book doesn’t talk about Kali Linux. Is this an error in the article?

This is nice compilation of resources and approach to get started. Thank you!

muito bom seu post está me ajudando muito esta de parabens

Boa noite, gostei muito do seu tópico está me ajudando bastante ultimamente com as ferramentas e as técnicas que encontrei, de encontrar bugs… estou muito empolgado
Eu tenho uma pergunta a fazer?
Será que preciso fazer algum treinamento em alguma instuição, para ter mais base ou instituição somente para diploma kkkk ou ser auto-didático aprendendo sozinho e avançando conforme ao tempo.

I wanted to say I’m happy to be able to be a part of the community.

Also, I would like to thank @samhouston for the great depth of detail shared. I find it’s uses and instructions to be quite generous and the visual layout is user friendly making it easy to navigate.

Blessed Regards,

1 Like

what if you cant afford the books?

this link not work!
OWASP Testing Guide v4

Thank you so much, I’m excited to check out your resources!

Hi guys!

We’re organizing this cyber security hackathon (03 Jun - 17 Jun)!

Check it out if you are interested.