Hey Guys! Agent47_2458 here! Hope you all are doing great!
So Today I’ll Explain What is Bug hunting and what are the Pre-Requisites or What you need to know before starting Bug Hunting. This is for beginners.
First of all, you may ask, WHAT ACTUALLY IS BUG HUNTING?
~ Bug-Hunting is made up of two words, Bug and Hunting. A bug in Cybersecurity refers to any Flaw or vulnerability or weakness of any application website etc, which can harm the organization and somehow affect it’s Integrity, Confidentiality or Availability(CIA), and Hunting means when you hunt for those flaws/vulns.
What to Learn!?
Clear your fundamentals before going to learn anything.
• Internet, HTTP, TCP/IP.
• Networking.
• Command-line.
• Linux.
• Web technologies, java-script, PHP, java etc.
• Owasp top 10.
If you have Programming knowledge, it’ll be a plus point, but if not no worries!
Choose Your Path:
Now, If you get fimiliar with all these topics, it’s now time to choose any path in which you want to work and find Vulnerabilities.
• Web Pentesting.
• Android Application Pentesting.
• IOS Application Pentesting.
Take any one of them as a main stream, you can always have a side stream too!
Let’s discuss some resources that will help you to get started in Bug Bounty.
BOOKS
Books For Web:
• Web app hackers’ handbook.
• Web hacking 101.
• Mastering modern web pen testing.
• Bug Bounty Playbook.
• Real-World Bug Hunting.
• OWASP Testing Guide.
Books For Mobile:
• Mobile application hacker’s handbook.
Youtube Channels:
• Nahamsec.
• Hackersploit.
• Stok.
• The Cyber Mentor.
• Hakluke.
• Hacksplained.
• ippsec.
• John Hammond etc.
Writeups, Blogs, Examples:
These resources will help you to understand how things work with real-life examples.
• Intigriti Bug Bytes.
• Medium (infosec writeups).
• HackerOne Hack activity.
• Pentesterland.
• HowToHunt.
• Security Workbook on Application Security.
Socials:
• zseano.
• nahamsec.
• TomNomNom.
• Jasson Haddix.
• stokfredrik.
• hakluke.
• CYBER SECURITY.
• Jensec.
• cybermentor.
• Harsh Bothra.
• aditya Shende.
• Rahul Maini.
• Harsh Jaiswal.
Spend more time on Twitter. They are sharing great content and their methodologies, tools, and techniques.
MOST IMPORTANT TIP: BE YOUR OWN HELPER! NOBODY’S GONNA HELP YOU WITH THESE THINGS, BELIEVE ME NOONE! ALL WILL JUST GIVE YOU SIMPLE ADVICES, SO BUILD-UP YOUR ENUMEARION AND HAVE PATIENCE!
Also Don’t be Jealous with someone’s achievement, Cheer them, they will cheer you too!
I Hope you gained some Knowledge. Good Luck with Your Bug-Hunting Career.
This one is my first Blog, I’ll surely be Writing a few more! Bye! 😄
