7 mistakes by bug hunters as a beginner
2024-1-14 19:14:22 Author: infosecwriteups.com

sushil phuyal

InfoSec Write-ups

Bug hunting refers to the process of identifying and reporting security vulnerabilities or bugs in software applications, operating systems, or other computer systems. Bug hunters, also known as ethical hackers, use various tools, techniques, and methods to scan, test, and analyze software systems for potential weaknesses and flaws that could be exploited by malicious actors. The goal of bug hunting is to improve the security and stability of software systems by identifying and fixing bugs before they can be discovered and exploited by attackers. This helps protect users and sensitive data from security breaches and potential harm.

Most people here in Nepal are rushing into bug hunting in the name of dollars and the income it brings. But I have identified some mistakes that bug hunters often make, and I am writing this blog for them.

1. Using the same tools and methodology will give the same results, so think outside the box.

Everyone repeats the same cycle without changing anything:

Find Subdomains.

Get alive subs.

Nuclei all alive subs.

Get Duplicates!!

2. Jumping to exploitation without understanding the application

Many of us, while hunting, rush to exploitation without proper recon. Understanding the functionality of the system and its features is always an advantage in catching deep-scope bugs.

So it's better to use the application as a user, and then think about it from an attacker's perspective. Don't jump right in.

3. See the scope properly

Not understanding the scope of the target before starting bug hunting is a bad approach. It's important to understand the scope and boundaries of the target, including what is in-scope and what is out-of-scope. Not adhering to these boundaries can result in legal or ethical issues.

4. Not documenting your findings

We need to make a habit of keeping notes and documenting findings, or else you might fall victim to the same thing I have. Good documentation is essential for effective bug hunting. This includes taking detailed notes on your testing process, the bugs you find, and how you found them. This documentation can help you replicate your results and make it easier to report your findings to the appropriate parties.

5. Lack of patience

Most of the hunters I see today who are beginning have a very low patience level. It takes time to understand the functionality and catch a bug. People these days mostly run automation and, if they find nothing, go for the next target. This is a very bad approach in bug hunting and leads to no findings at all. Finding and reporting bugs can be a time-consuming process, but persistence is key to success. Don't give up if you don't find a bug right away; keep testing and trying new techniques until you find what you're looking for.

6. Ignoring or underestimating the risk of false positive reports

Reporting false positive bugs can harm your credibility as a bug hunter and waste the time of the development team. Be careful to thoroughly validate any bugs you report, so don't report everything that your scanner has shown. Make a habit of checking each finding manually.

7. Bad report writing

When triaging, I have found reports like this, where a reporter says it is vulnerable to clickjacking. A few others were like, "I hacked the server, as I will fill the username with rockyou and the passwords with rockyou." The reporter also gave me the command as:

hydra -L rockyou.txt -P rockyou.txt ssh://target

So always try to document proper facts and a good approach, and use markdown properly.

Hope this helps you out. No hate for anyone, but I am writing this to see more progress.

Hoping for some love and shares. Good day, until next time.


Article source: https://infosecwriteups.com/7-mistakes-by-bug-hunters-as-a-beginner-7fda55c33f3a?source=rss----7b722bfd1b8d--bug_bounty