May 9, 2021

Bug bounty hunting step by step (practical) resources?


Home Forums Bug bounty hunting step by step (practical) resources?

This topic contains 1 reply, has 2 voices, and was last updated by  jrosend963 3 weeks, 4 days ago.

  • Author
  • #383030


    I’ve been reading books and doing courses on penetration testing and bug hunting for a while, but I find most of them point to CTFs as the place to practice a hands-on approach. I’ve been doing that but can’t help but notice a big difference between doing CTFs and real-world bug hunting. Only a handful of them are web apps (which I will be focusing on) and the vulnerabilities don’t seem “real” enough. Feels like I have all the pieces of the puzzle and the picture on the box, but I don’t know the methodology that people follow to complete them.

    I know that I should just jump head first into HackerOne but I would like to see someone actually working on a real bounty and try to get a feel for the process. As an example I’m looking for something like a longer version of this [video by InsiderPhd](

    Any tip on a book/video/course/etc would be greatly appreciated, thanks in advance!

  • #383032


    I don’t know anything about hacking but I made an account on hackerone.

    Is that okay?

You must be logged in to reply to this topic.