Hi, I’m also a N00B like you, but I would suggest sticking with one or a few applications and learning interesting things apart from low-hanging fruit like XSS etc. Challenge yourself to go for the hard, high-hanging fruit that pays a buck. Also, you can top your game by reading the specifications and standards of the web. Lastly, work with a mentor, be more positive-minded, and document your findings.
Thanks for the awesome feedback. Reaching further than just low-hanging fruit is really important for growth and education, and finding a mentor & group of friends is huge because this field is hard and it can get frustrating, so I absolutely agree with everything you said!
I am a security researcher at Bugcrowd but, same as everyone, I got duplicates. Can you help me with CTFs? I searched a lot and got many resources but can't understand where to start. In bug bounty I learned from P4 to P1, but here I have no idea what to do.
I think the most important thing in bug hunting is sticking with a target; choosing one vulnerability and sticking with that one throughout the application seems to be what most bug hunters suggest. Also, use the application as a regular user and keep in mind all the endpoints you see. This will give you a good layout of the application and the functions that run in the back-end. I'm still looking for my first valid bug as well, but let's keep trying and learning! If you have any tips, I'd love to hear them as well!