Bug bounty programmes are a way of encouraging the security community to work together to identify and responsibly disclose security vulnerabilities located within a predefined scope. In return for the researcher’s hard work, organisations offer recognition and rewards, including monetary compensation that can sometimes run to thousands of dollars. Some people make their living as bug hunters, so I wrote this article to help anyone interested get started as a bug bounty hunter.

Firstly, you should understand that, unlike a regular security audit for an industry client, there is massive competition surrounding public bug bounty programmes. As a bug bounty hunter, you are not only competing against the security of the target system, but you are also competing against hundreds or even thousands of other bounty hunters – a number that is continually growing. To be successful, you need to think laterally to minimise the probability of your report being marked as a duplicate. Don’t think the likes of XSS and SQLi will suffice; you need to be testing for all manner of vulnerabilities, even the highly unlikely and uncommon ones.

Selecting a Platform

I have found that any bug bounty platform that has an intermediary communication medium is best, mainly because it's easier to contact and communicate with the target vendor. HackerOne (https://www.hackerone.com) and BugCrowd (https://www.bugcrowd.com) are two well-known platforms that have this feature, both of which are great starting points for setting up as a bounty hunter. There are also a few private programmes, such as Synack (https://www.synack.com); however, this platform should only be explored once you have gained considerable experience.


