Bug bounty programs have been around for over two decades now, but it's only a couple of years since organizations started adopting them on a large scale. The concept of crowdsourcing talent to test security and assess flaws kicked off well.

What was initially started by tech giants is now widespread, resulting in state-of-the-art security applications and implications. The leap is proving to be far more valuable, contributing to a safer playing field as well as leaving more room for improvements.

The unexpected turn of events most certainly gave birth to a new branch of employment, with most of the players being freelancers. Those who started earlier are now established, but what about the wannabe bounty hunters? How should they become one?

A bug bounty program is a kind of reverse engineering (not exactly), so to find what might be a flaw, one must learn. Once you have mastered it, you'd be able to do much more than find vulnerabilities: you could develop cool security apps, or do lots of hunting on your own and write a research paper.

Start with reading
The best way to learn is to read. Every single person who succeeded as a coder or hacker knows how big a difference reading makes. Read other established bounty hunters, books you can take reference from, or stories of how someone got a breakthrough.

Reading will not only make you think of new ways; it will also prepare you for similar encounters. Some of the books to read:
-- "Breaking into Information Security: Learning the Ropes 101" - Author: Andy Gill
-- "Crypto 101" - Author: Laurens Van Houtven
-- "Learn Python the Hard Way" - Author: Zed A. Shaw
-- "Ethical Hacking and Penetration Testing Guide" - Author: Rafay Baloch
-- "OWASP Testing Guide V4". Bounty hunter Jason Haddix strongly recommends this to people starting their journey in the testing field.

Basics to Get Started With
There's so much to know that even if you tried learning it all, you couldn't do it.
-- Start with the OS. Linux is easy and complicated at the same time, and since you can't google every command when you're stuck, it's better to learn the basics, like how to install software applications on Linux. You're going to need a lot of software over time, and unlike Windows, you cannot just click and install.
-- Next is the web app development part. One has to be familiar with both aspects of app development: client-side coding and server-side coding. Meaning, you'd have to try your hand at coding languages such as HTML, CSS, AJAX, JavaScript (client-side) and Python, PHP, Ruby on Rails and others (server-side).
-- Networking basics, to learn how to connect servers and clients (emails, for example), how to find devices on a network (IP addresses), and the network's building blocks, for instance, switches, cables, hubs, etc.

See, Listen and Observe
While you're learning all the basics, it's an excellent time to see what established bounty hunters do. Listen to their podcasts, vlogs, and streams where they talk about methodologies and tricks. Observe what all the bounty hunters have in common and what sets them apart from the rest and from each other.

Successful professionals have a knack for doing things out of the ordinary, approaching errors differently, or developing solutions no one else has ever thought of before. Keeping a sharp eye and an active mind pays off well. They see loose ends that no one else saw or that pen testers missed, which could have been exploited if noticed by black hat hackers. Some of the best bug hunters to follow:
-- Jason Haddix
-- Rafay Baloch
-- Roy Castillo
-- Shubham Shah

Practice like You're on Defcon 1
All that learning and listening isn't going to be fruitful if you don't practice. There's a reason why legends are legends: they practiced tirelessly, stayed up late, and slept little. They perfected their skills in making apps before heading into breaking them.

Join forums and discussion sites, and ask questions. Participate in forum debates, as you'll always get to learn something new. Watch tutorial videos and practice what they show; if an idea comes to your mind, execute it. Explore and examine PoCs (Proofs of Concept) by other hackers. Immerse yourself in bug hunting tutorials and recreate them to see your progress.

If possible, approach one of the famous white hat hackers and ask for a tip. Most hackers are polite and never hesitate to share expert advice with a genuine knowledge seeker.

Use all the gained expertise and test it on vulnerable apps. These apps are deliberately developed with flaws for hackers to practice on. Some of the vulnerable apps are:
-- DVWA (Damn Vulnerable Web App)
-- Metasploitable 2 & 3
-- Hack Me
-- Vulnhub
-- Web Security Dojo

Battle Plan
At this point, you know it all but are not good enough to compete in a bug bounty program. If you tried hunting for small companies, you might get lucky once or twice, and that's about it. To prove your mettle on big companies like Microsoft, Facebook, CREDITS, Tesla, Google, and the U.S. Department of Defense, to name a few, it takes more than sheer luck.

Instead, join platforms for further insights. Explore hot topics like:
-- How to approach a bug bounty when you're new.
-- What a complete vulnerability report looks like and how to create one.
-- Writing PoCs (Proofs of Concept).
-- Finally, reporting a bug.

Try Googling methodologies for bug bounty, and read and listen; it will help clear doubts. Some platforms to join:
-- HackerOne
-- GitHub
-- Intigriti
-- Bugcrowd
-- Antihack

Carving Success One Bug at a Time
After you enter the competition, it is time to exhibit what you learned. Remember, you will probably have a tough start, and the flaws you discover may earn you pennies, but that shouldn't bring down your morale. People earning a fortune started where you are at the moment. Learn from your mistakes, develop your ethical ways, and keep on practicing, because each bug you find improves your skill and takes you to another level.

Conclusion
Bug bounty hunters are among the most sought-after experts in the market today. With the rising dependency of businesses on apps and networks, the demand for white hat hackers and pen testers has risen tenfold, too. This leaves ample space for new entrants to earn more than their daily bread. Becoming a bug bounty hunter sure is hard; the rewards, however, outweigh the struggle.