Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to get started in bug bounty
Search
Tushar Verma
June 18, 2021
Education
1
500
How to get started in bug bounty
Learning path for Bug Bounty
Bug Bounty Platforms
Report Writing/Bug Submission
Tushar Verma
June 18, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
200
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
700
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
600
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
Other Decks in Education
See All in Education
SJRC 2526
cbtlibrary
0
180
2025年の本当に大事なAI動向まとめ
frievea
0
160
渡辺研Slackの使い方 / Slack Local Rule
kaityo256
PRO
10
10k
The browser strikes back
jonoalderson
0
300
20251023@天童市いこう会
koshiba_noriaki
0
120
NUTMEG紹介スライド
mugiiicha
0
760
【ZEPホスト用メタバース校舎操作ガイド】
ainischool
0
160
1014
cbtlibrary
0
510
✅ レポート採点基準 / How Your Reports Are Assessed
yasslab
PRO
0
270
ThingLink
matleenalaakso
28
4.3k
JAPAN AI CUP Prediction Tutorial
upura
1
180
Web Application Frameworks - Lecture 3 - Web Technologies (1019888BNR)
signer
PRO
0
3.2k
Featured
See All Featured
jQuery: Nuts, Bolts and Bling
dougneiner
65
8.4k
Navigating Weather and Climate Data
rabernat
0
68
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
231
22k
How to Think Like a Performance Engineer
csswizardry
28
2.4k
Abbi's Birthday
coloredviolet
0
4.3k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.7k
Learning to Love Humans: Emotional Interface Design
aarron
274
41k
The Impact of AI in SEO - AI Overviews June 2024 Edition
aleyda
5
690
YesSQL, Process and Tooling at Scale
rocio
174
15k
Paper Plane
katiecoart
PRO
0
45k
Game over? The fight for quality and originality in the time of robots
wayneb77
1
78
Marketing Yourself as an Engineer | Alaka | Gurzu
gurzu
0
110
Transcript
HOW TO GET STARTED IN BUG BOUNTY BY: TUSHAR VERMA
WHOAMI Bug Bounty Hunter Synack Red Team Member Infosec Trainer
AGENDA • Learning path for Bug Bounty • Bug Bounty
Platforms • Report Writing/Bug Submission
WHAT IS BUG BOUNTY? Bug Bounty is a deal offered
by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
BASIC TECHNICAL THINGS TO GET STARTED INTERNET, HTTP, TCP/IP LINUX
AND BASH SCRIPTING LEARNING BASICS OF HTML, PHP, JAVASCRIPT
CHOOSING YOUR INITIAL PATH Web application Security Testing Mobile Application
Security Testing
FOR WEB APPLICATION PENETRATION TESTING Web Application Hacker’s Handbook Web
Hacking 101 PortSwigger Academy Pentesterlab BugBountyHunter
FOR MOBILE APPLICATION PENETRATION TESTING OWASP Mobile Testing Guide Mobile
application hacker’s handbook Mobile Security Wiki by Aditya Agrawal DIVA (Damn insecure and vulnerable App) Android & iOS
BUG BOUNTY PLATFORM: • Bugcrowd • Hackerone • Hackenproof •
Intigriti • YesWeHack • Inspectiv • Synack • Cobalt
WHICH CHECKLIST TO FOLLOW??? OWASP Web Application Security Testing Checklist
Bugcrowd Vulnerability Rating Taxonomy
REPORT WRITING
• Vulnerability Name: • Technical Severity: • Vulnerable URLs: •
Vulnerability Description: • Steps to Reproduce: • Impact: • Suggested Countermeasures:
GET IN TOUCH AT • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
THANK YOU
e11i0t_4lders0n
cbtlibrary
frievea
kaityo256
jonoalderson
koshiba_noriaki
mugiiicha
ainischool
yasslab
matleenalaakso
upura
signer
dougneiner
rabernat
danielanewman
csswizardry
coloredviolet
honnibal
aarron
aleyda
rocio
katiecoart
wayneb77
gurzu
