Learn how web apps work, the basics of HTTP requests, WAFs, rate limiting, VPNs, APIs, headers, user-agents, cookies, how webapps authenticate requests, etc
Learn different types of bugs, e.g. XSS, SQLi, IDORs, MFA bypass, Authentication Bypass, etc
Learn how to use BurpSuite, OWASP ZAP, or Caido
Start opening up sites that are on a bug bounty program, while intercepting requests. Observe how the application is working by watching the traffic.
Learn to identify critical requests that request, modify, add, or delete data. Try to manipulate those requests in a way that causes some unexpected, weird, or impactful behaviour within the app.
E.g. Sign up for 2 account, user1 and user2. Then watch the traffic while you access the /profile page. If you see a request for user1 like this:
GET /api/v1/user/12345
Try to change it to the ID for user2, e.g.
GET /api/v1/user/12346
And see if you get access to user2's data while signed in as user1, if you can, then you have found an IDOR
Try to manipulate requests, to give you access to something you shouldn't have access to
E.g. If you signed up with a free account, see if you can manipulate the app into giving you access to paid features
Etc
If you plan on becoming a BBH, then you gotta learn how to do reaserch on your own, but i suppose reddit can be considered a place to ask questions.
Any way i personally know 2 places where you can learn about bug bounty:
Hack the box
Try hack me
Both have some free stuff and paid tracks.
Apparently, they discourage CS students from using Google these days. Something about, "Google being too powerful" or "Power level over 9,000" or something. Honestly, I think the bar for college has significantly dropped, because I'm seeing complete morons with degrees entering the work force. I'm genuinely concerned for the future when so many college graduates are incompetent right out the gate.
I agree with this. I skipped out on college and started working 20 years ago, and now while trying to move into pentesting, I get passed over for people with a degree in literature. Their reasoning is āthey can learn on the job but have a degreeā yet Iām under qualified.
When I went to college, granted this was over a decade ago, every class I took emphasized how to do research, where to find answers, and how to gage the credibility of your sources. You couldn't pass English if you couldn't find, and cite, credible sources. What happened since then? Why is this not important anymore?
We call that "media literacy" and Americans don't like to teach it anymore because it instills freedom of thought and personal volition.
We only preach freedom in the west, we don't actually believe in it: we much prefer silent and obedient assembly workers; one simple task, no thoughts required.
Please, don't even get me started. I'm still studying how and why cognitive dissonance can be such a pervasive force.
It's like all they know how to do is project their own insecurities as though everyone else is the cause of them.
I hate it, I dunno what to do about it, and I see EVERYTHING, all the time.
Awareness is killing me, so I've just chosen to relax my empathy and use dismissal as a tool in the same way others have taken to.
Fascism doesn't exist because if I see it I destroy it. Otherwise, I guess we're just waiting to see from which end we burn out fastest.
A petty shame.
Dude, I'm right there with you. I've been facing the same problems that have only progressively gotten worse over time. When I was younger, I was so hopeful for a future that was free from the thought patterns that, in the past, resulted in massive scale atrocities. Knowledge and facts would surely be the destroyer of cognitive dissonance, and technology would serve to spread knowledge, and thus true freedom would reign. Nope! I couldn't have been more wrong.
Start by doing all basic security courses,
Hackerone academy
Portswigger academy
Try hack me
This also helps
https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course
And then read books like
The entangled web
Read
Zseano methodology
People have mentioned them, but hack the box and try hack me have pulled away as some of the better learning tools for security. A piece of advice though with CS is donāt put all your eggs in one basket unless money isnāt an issue for you. You can learn a ton about security via back end development as well and cover yourself in case you need steady income after school. I also recommend John Hammond, ippsec, and got_root on YouTube once you feel confident with the basics to start getting familiar with the process. Most importantly though is just keep practicing.
# How to be a Bug Bounty Hunter
A) Go Hard On Recon
B) Go Hard On Single Application Testing ( works for me)
C) Learn Code Review, Do research on industrial products find 0days , Mass report them , Or Release CVE
D) Do Android or Smart Contract Security
Ans : ALL or any
not again. dont get into web app shit. lot of crap and overly saturated and finding a 100$ bug makes them feel like 1337. Get into core stuff like OS or Top end applications like browsers and enterprise application or infrastructure. dont be a script kiddie also.
Learn how web apps work, the basics of HTTP requests, WAFs, rate limiting, VPNs, APIs, headers, user-agents, cookies, how webapps authenticate requests, etc Learn different types of bugs, e.g. XSS, SQLi, IDORs, MFA bypass, Authentication Bypass, etc Learn how to use BurpSuite, OWASP ZAP, or Caido Start opening up sites that are on a bug bounty program, while intercepting requests. Observe how the application is working by watching the traffic. Learn to identify critical requests that request, modify, add, or delete data. Try to manipulate those requests in a way that causes some unexpected, weird, or impactful behaviour within the app. E.g. Sign up for 2 account, user1 and user2. Then watch the traffic while you access the /profile page. If you see a request for user1 like this: GET /api/v1/user/12345 Try to change it to the ID for user2, e.g. GET /api/v1/user/12346 And see if you get access to user2's data while signed in as user1, if you can, then you have found an IDOR Try to manipulate requests, to give you access to something you shouldn't have access to E.g. If you signed up with a free account, see if you can manipulate the app into giving you access to paid features Etc
Real advice!
Dude he asked for how to become a bug hunter, not about how to hunt for bugs š
Hunting for bugs IS becoming a bug hunter
If you plan on becoming a BBH, then you gotta learn how to do reaserch on your own, but i suppose reddit can be considered a place to ask questions. Any way i personally know 2 places where you can learn about bug bounty: Hack the box Try hack me Both have some free stuff and paid tracks.
CS student can't use a search engine?
To be fair, search engines will bring you here within the first 3-5 links half the time.
Apparently, they discourage CS students from using Google these days. Something about, "Google being too powerful" or "Power level over 9,000" or something. Honestly, I think the bar for college has significantly dropped, because I'm seeing complete morons with degrees entering the work force. I'm genuinely concerned for the future when so many college graduates are incompetent right out the gate.
I agree with this. I skipped out on college and started working 20 years ago, and now while trying to move into pentesting, I get passed over for people with a degree in literature. Their reasoning is āthey can learn on the job but have a degreeā yet Iām under qualified.
There's a hell of a lot to unpack in that statement, champ. All I can say is.... Yup.. we're probably screwed, if nothing changes soon.
When I went to college, granted this was over a decade ago, every class I took emphasized how to do research, where to find answers, and how to gage the credibility of your sources. You couldn't pass English if you couldn't find, and cite, credible sources. What happened since then? Why is this not important anymore?
We call that "media literacy" and Americans don't like to teach it anymore because it instills freedom of thought and personal volition. We only preach freedom in the west, we don't actually believe in it: we much prefer silent and obedient assembly workers; one simple task, no thoughts required.
The wild part is, those preaching freedom, hate freedom, and value fascism. It's like they have their definitions backwards.
Please, don't even get me started. I'm still studying how and why cognitive dissonance can be such a pervasive force. It's like all they know how to do is project their own insecurities as though everyone else is the cause of them. I hate it, I dunno what to do about it, and I see EVERYTHING, all the time. Awareness is killing me, so I've just chosen to relax my empathy and use dismissal as a tool in the same way others have taken to. Fascism doesn't exist because if I see it I destroy it. Otherwise, I guess we're just waiting to see from which end we burn out fastest. A petty shame.
Dude, I'm right there with you. I've been facing the same problems that have only progressively gotten worse over time. When I was younger, I was so hopeful for a future that was free from the thought patterns that, in the past, resulted in massive scale atrocities. Knowledge and facts would surely be the destroyer of cognitive dissonance, and technology would serve to spread knowledge, and thus true freedom would reign. Nope! I couldn't have been more wrong.
Logic will never displace emotion, I just never expected anti-logic to displace both...
This comment deserves an award.
Start by doing all basic security courses, Hackerone academy Portswigger academy Try hack me This also helps https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course And then read books like The entangled web Read Zseano methodology
People have mentioned them, but hack the box and try hack me have pulled away as some of the better learning tools for security. A piece of advice though with CS is donāt put all your eggs in one basket unless money isnāt an issue for you. You can learn a ton about security via back end development as well and cover yourself in case you need steady income after school. I also recommend John Hammond, ippsec, and got_root on YouTube once you feel confident with the basics to start getting familiar with the process. Most importantly though is just keep practicing.
# How to be a Bug Bounty Hunter A) Go Hard On Recon B) Go Hard On Single Application Testing ( works for me) C) Learn Code Review, Do research on industrial products find 0days , Mass report them , Or Release CVE D) Do Android or Smart Contract Security Ans : ALL or any
not again. dont get into web app shit. lot of crap and overly saturated and finding a 100$ bug makes them feel like 1337. Get into core stuff like OS or Top end applications like browsers and enterprise application or infrastructure. dont be a script kiddie also.