How to Fail at Bug Bounty Hunting

Tushar Verma

August 15, 2021

Transcript

  1. • You participate in the wrong programs
     • Failed to read Bug Bounty Guidelines
     • Lots of Duplicate
     • Failed to show impact
     • You don’t stick to a program
     • You don’t recon
     • Bad Report Writing
  2. • Take your time in choosing the right program
     • Read and Understand Bug Bounty Brief
     • Understand the Vulnerability/Bug and try to explain impact to Program owners
     • Keep yourself updated with new updates on old programs so that you can be the first one to test and report
     • Do manual and automated Recon. Try to spend more time on recon
     • Better Report Writing
  3. Tips for Beginners
     • Go with VDPs… Don’t be greedy
     • Go for wide-scope targets
     • No low hanging fruits
     • Learn the “Art of Dorking” Google
     • Try to learn the use of Burp extensions
     • Learn chaining different vulnerabilities
  4. • Avoid Screenshots… Unfollow them, Ignore them
     • Don’t compare, everyone started from zero
     • Spend more time in learning and believe me you will get success
  5. Get in Touch
     • Twitter: @e11i0t_4lders0n
     • LinkedIn: @tushars25
     • Instagram: @e11i0t_4lders0n__
     • Medium: @tushars2517
     • Slides: speakerdeck.com/e11i0t_4lders0n
     • Email: [email protected]