You need to hear this if you are new/want to start bug hunting

Hello everyone,

It's me, Mohsin Khan. You may know me as tabaahi_.

I hope you are doing well. Today I want to talk about what will make you a better bug hunter & how to ask the right questions. Mental health maybe.

What mistakes do beginners make:

  1. They think bug hunting is easy money

What bug hunting exactly is:

  1. Bug hunting is not easy money. Programs don’t care how many hours you work until you find a valid bug.

Ask the right questions:

The first impression is the last impression. In my 2+ years of full-time bug hunting, I have talked to lots of bug hunters. If you ask the right questions, they will reply for sure. Imagine talking to a HackerOne all-time top 20 (Yahoo Elite) bug hunter for 2 hours. I did it. I can’t name them, but my friends know whom I am talking about. Let me tell you how you will do it:

  1. Let's say you want to talk to naffy. (Naffy, I am sorry, brother.) He is not going to reply to your "secret methodology" DM, right? Pick a few programs where he hacks: Yahoo, PayPal, Google, Apple maybe. Try to find an open redirection and DM him:
     "I saw one of your tweets. You said you need an open redirection on XYZ programs to exploit SSRF. I have one. Would you like to collab?"

You can apply it to anyone. Find a low-hanging bug, DM the top 10 bug hunters of that program, and ask them if they need it to chain something. They will reply for sure. Also, you will learn something new from them. I did it multiple times.

The dark side of bug hunting you should know:

  1. You will love/hate to do it.

So what to expect and what to do:

  1. Health is wealth. Focus on your health first. You can follow the Pomodoro technique: 45 minutes of work, then a 25-minute break (walk). Exercise daily.

Let me know on Twitter if you like this. Also let me know if I made any mistakes while writing. And sorry for my bad English again. Take care!

Have a great day!


