What would I do if I start bug hunting from 0 again?
I hope you are doing great, finding bugs and making a lot of money. So many new bug hunters ask me this question: if I started bug hunting again, what would I do?
Note: Whatever I am telling you is not the best way or maybe not the right way but this is what I would do.
What I already know now:
- Asking every bug hunter in DM will not help me.
- Asking in their bounty post for tips and tricks will not help.
- Asking other bug hunters for their methodology will not help. Why? Because their methodology is advanced and I can't do anything with it even if I know it step by step.
- Being depressed about duplicates and N/A will not help me.
- Asking a bug hunter for the best automation tool, extension, or one-liner will not help me.
This is what I will do (everything is free):
1. I will start with YouTube videos (take notes)
- InsiderPhD: She explains everything very well and is beginner friendly. Start watching from her first video.
- FarahHawa: Watch every one of her videos.
- Nahamsec: Nahamsec is a legend. Watch every one of Ben's videos and take notes.
2. Practice (take notes)
3. Read (take notes)
- Read HackerOne disclosed reports: https://hackerone.com/hacktivity
- Read all blog posts: https://pentester.land/list-of-bug-bounty-writeups.html
4. Tools (take notes)
There are thousands of tools available for free now. So what I will do is spend a lot of time reading each tool's README.md (how the tool works, what the flags are).
- I will check every single bug-byte blog post to find tools. I will use a lot of tools.
Let's say someone told you to use assetfinder, findomain, amass, etc. and you are just using them. You are doing it wrong. If you just spend a few days finding tools on GitHub, you may find better tools. And this will change the game completely.
5. Pick the target
- If you are interested in testing XSS, go for a wide-scope target. As you have already read, practiced, and have good knowledge of tools now, you will find bugs.
- If you like to test the permission model, business logic, etc., go for an API-based target.
- If you like to do recon, fuzzing, etc., go wide. You can choose multiple targets as well to do recon and fuzzing.
6. Now come on to Twitter
- Make friends. Hunt together. Share knowledge and learn from each other.
- Hunt on multiple platforms and build a relationship with the platform, team, and customer. This will help you a long way.
It's your journey. One day you will write a blog post, help new bug hunters on Twitter, etc. Everything requires a time investment; if you are ready to spend the time, you will be great one day. You will fail so many times. It is not going to be easy, but trust me, if you keep doing it, you can do anything in your life.
Build a habit of hunting every day. If you learn something new, look for it in a few programs. Hunt at least 2 hr/day without thinking about bugs, bounty, etc. You will not realize it, but after 6 months you will know so many attacks and have big notes/checklists. It will become like a habit for you to hack every day.
10. Be grateful :)
Be grateful for what you have. Everything will come just keep doing it.
Have a great day ahead!