From beginner to submitting 5 reports to HackerOne

pirateducky on April 18, 2019

Success is going from failure to failure without losing enthusiasm. - Winston Churchill. I am writing this to make myself accountabl...
 

Hi, I'm also a N00B like you, but I would suggest sticking with one or a few applications and learning interesting things apart from low-hanging fruit like XSS etc. Challenge yourself to go for the hard, high-hanging fruit that pays a buck. Also, you can up your game by reading the specifications and standards of the web. Lastly, work with a mentor, be more positive-minded, and document your findings.

 

Thanks for the awesome feedback, reaching further than just low hanging fruit is really important for growth and education, and also finding a mentor & group of friends is huge because this field is hard and it can get frustrating, so I absolutely agree with everything you said!

 

I am a security researcher at Bugcrowd but, the same as everyone, I got duplicates. Can you help me with CTFs? I find much and have many resources, but can't understand where to start. In bug bounty I learned from P4 to P1, but here I have no idea what to do.

 

I think the most important thing in bug hunting is sticking with a target, choosing one vulnerability and sticking with that one throughout the application seems to be what most bug hunters suggest. Also, use the application as a regular user and keep in mind all endpoints you see, this will give you a good layout of the application and the functions that run in the back-end. I'm still looking for my first valid bug as well but let's keep trying and learning! If you have any tips I'd love to hear them as well!
