5 Most Effective Ways of Learning in Bug Bounty
2021-07-01 23:01:57 Author: infosecwriteups.com(查看原文) 阅读量:113 收藏

Karan Arora

Follow these ways and no one can stop you from achieving your dream !!

Let’s get straight into it.

1. READ WRITEUPS

I can’t stress it enough when I say read writeups, it is the most valuable learning resource because when you read a writeup about a particular vulnerability or something else, you are reading it from someone else experience. You can learn from their experience and implement it in your hunting process.

Start reading writeups from here ⬇

2. CVE

People generally don’t follow much on the latest CVEs but believe me when I tell you, you should keep yourself updated with the new CVEs and other daily updates they provide. Sometimes organization don’t update their services according to the latest CVEs and that’s where you strike.

Search about CVEs here ⬇

https://cve.mitre.org/cve/search_cve_list.html

3. TWITTER

It’s a popular saying, “surround yourself with things and people that help you grow in the direction you want yourself to grow”. And that’s why use Twitter and follow all the best content creators, hackers in the bug bounty field. It will help you stay connected with the bug bounty community and help you make new connections and sometimes have fun with like-minded people.

Check my Following list on Twitter, you will get the list of all the hackers to follow.

Twitter: https://twitter.com/Itskaranxa

4. PUBLIC REPORTS

It’s a good practice to read the latest public reports that have been disclosed, When you read these reports you get to know about the real causes of vulnerabilities and also you learn how to write a perfect report while reporting on a platform. You also learn how to communicate with the security team in a professional way.

List of 1 Million Publicly Disclosed Reports: https://github.com/phlmox/public-reports/blob/main/hackerone-one-million-reports

5. Communicate with the Community

At the last, I would really like to solve your doubts ( drop a message on my Twitter: @itskaranxa ) and you can also ask other hackers in the community. Always try to have a helping nature in the community and help each other. Remember #Togetherwehitharder. Be kind to everyone, create a positive community around you.

BONUS :

There are many online labs to perform the practicals, you can definitely use them to expand your practical aspect of things. My suggestion, if you are starting out, don’t go for paid labs.

First, try to perform your practicals on these things:

Note : Please be respectful when sending your doubts and don’t spam. Ask relevant questions

IF YOU FELT THIS WAS WORTH YOUR TIME THEN

SUBSCRIBE FOR MORE. STAY CURIOUS!

Previous Writeups ⬇


文章来源: https://infosecwriteups.com/5-most-effective-ways-of-learning-in-bug-bounty-afaf097f4df1?source=rss----7b722bfd1b8d--bug_bounty
如有侵权请联系:admin#unsafe.sh