Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to get started in bug bounty
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Tushar Verma
June 18, 2021
Education
510
1
Share
How to get started in bug bounty
Learning path for Bug Bounty
Bug Bounty Platforms
Report Writing/Bug Submission
Tushar Verma
June 18, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
220
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
800
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
610
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
Other Decks in Education
See All in Education
自己紹介 / who-am-i
yasulab
6
6.7k
Data Presentation - Lecture 5 - Information Visualisation (4019538FNR)
signer
PRO
1
3.1k
演習:Gitの応用操作 / 05-git-advanced
kaityo256
PRO
1
290
教育現場から見た Ruby on Rails
yasslab
PRO
0
140
2026年度春学期 統計学 第3回 クロス集計と感度・特異度,データの可視化 (2026. 4. 23)
akiraasano
PRO
0
110
0318
cbtlibrary
0
120
演習:GitHubの基本操作 / 06-github-basic
kaityo256
PRO
1
320
応募課題(’25広島)
forget1900
0
1.3k
Populism, Post-Liberalism & Climate Change
vyadav
0
150
[2026前期火5] 論理学(京都大学文学部 前期 第1回)「ハルシネーションを外部世界との対応を考えずに見分ける方法」
yatabe
0
920
Virtual and Augmented Reality - Lecture 8 - Next Generation User Interfaces (4018166FNR)
signer
PRO
0
2.2k
Gitの仕組みと用語 / 01-b-term
kaityo256
PRO
1
360
Featured
See All Featured
HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy
marcoroth
1
34
For a Future-Friendly Web
brad_frost
183
10k
We Have a Design System, Now What?
morganepeng
55
8.1k
Building Applications with DynamoDB
mza
96
7k
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4.2k
What’s in a name? Adding method to the madness
productmarketing
PRO
24
4k
Color Theory Basics | Prateek | Gurzu
gurzu
0
310
Balancing Empowerment & Direction
lara
6
1.1k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
110k
Git: the NoSQL Database
bkeepers
PRO
432
67k
Docker and Python
trallard
47
3.8k
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
61
44k
Transcript
HOW TO GET STARTED IN BUG BOUNTY BY: TUSHAR VERMA
WHOAMI Bug Bounty Hunter Synack Red Team Member Infosec Trainer
AGENDA • Learning path for Bug Bounty • Bug Bounty
Platforms • Report Writing/Bug Submission
WHAT IS BUG BOUNTY? Bug Bounty is a deal offered
by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
BASIC TECHNICAL THINGS TO GET STARTED INTERNET, HTTP, TCP/IP LINUX
AND BASH SCRIPTING LEARNING BASICS OF HTML, PHP, JAVASCRIPT
CHOOSING YOUR INITIAL PATH Web application Security Testing Mobile Application
Security Testing
FOR WEB APPLICATION PENETRATION TESTING Web Application Hacker’s Handbook Web
Hacking 101 PortSwigger Academy Pentesterlab BugBountyHunter
FOR MOBILE APPLICATION PENETRATION TESTING OWASP Mobile Testing Guide Mobile
application hacker’s handbook Mobile Security Wiki by Aditya Agrawal DIVA (Damn insecure and vulnerable App) Android & iOS
BUG BOUNTY PLATFORM: • Bugcrowd • Hackerone • Hackenproof •
Intigriti • YesWeHack • Inspectiv • Synack • Cobalt
WHICH CHECKLIST TO FOLLOW??? OWASP Web Application Security Testing Checklist
Bugcrowd Vulnerability Rating Taxonomy
REPORT WRITING
• Vulnerability Name: • Technical Severity: • Vulnerable URLs: •
Vulnerability Description: • Steps to Reproduce: • Impact: • Suggested Countermeasures:
GET IN TOUCH AT • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
THANK YOU
e11i0t_4lders0n
yasulab
signer
kaityo256
yasslab
akiraasano
cbtlibrary
forget1900
vyadav
yatabe
marcoroth
brad_frost
morganepeng
mza
ipullrank
productmarketing
gurzu
lara
twada
bkeepers
trallard
rkaga
