Wednesday, 16 September 2020

How to Get Started into Bug Bounty By HackingTruth

What is Bug Bounty?

Bug Bounty is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. How to Get Started into Bug Bounty By HackingTruth

Basic Technical things to get started-:

There are many things you have to learn but I cannot list of all of them here. I’m listing a few important topics and you should learn more by yourself.


Linux — Command line

Web Application technologies

Networking basics

Learning Basics of HTML, PHP, Javascript

Choosing your initial Path-:

Choosing a path in the bug bounty field is very important, it totally depends upon the person’s interest but many of the guys choose the web application path first because according to me it’s the easiest one. How to Get Started into Bug Bounty By HackingTruth

Web application Security Testing
Mobile Application Security Testing


1–Modern Web Penetration Testing

2–The Hacker Playbook Practical Guide

3–The web application hackers handbook

4–Web Hacking 101

5-The Hacker Playbook 2 Practical Guide To Penetration Testing

6–The Hacker Playbook 3 Practical Guide To Penetration Testing

7–Hands On Bug Hunting for Penetration

8-OWASP Testing Guide

9-Mobile Application hacker’s handbook

10-Breaking into Information Security: Learning the Ropes 101

YouTube Channels-:

Security Conference talks you should watch-:

1-Akhil George- https://www.youtube.com/channel/UCsVp13y6_bsj56V3hSph6eg/playlists

2-DEF CON 23 — Jason Haddix — How to Shot Web: Web and mobile hacking in 2015-https://youtu.be/-FAjxUOKbdI

Follow these guys on Twitter-:

1-Frans Rosén

2-Mathias Karlsson


  •     Burpsuite
  •     nmap
  •     Netcat
  •     OwaspZap
  •     Kali Linux
  •     Sqlmap

Bug Bounty Platforms-:

Invite based Platforms:


Blogs you should follow-:

Sample format of report:

    Vulnerability Name
    Vulnerability Description
    Vulnerable URL
    Steps to Reproduce

Vulnerabilities Priorities:

    P1 -Critical: Vulnerabilities that cause a privilege escalation from unprivileged to admin or allow for remote code execution, financial theft, etc.
    P2 -High: Vulnerabilities that affect the security of the software and impact the processes it supports.
    P3 -Medium: Vulnerabilities that affect multiple users and require little or no user interaction to trigger.
    P4 -Low: Vulnerabilities that affect singular users and require interaction or significant prerequisites to trigger (MitM) to trigger.
    P5 -Informational: Non-exploitable vulnerabilities in functionality. Vulnerabilities that are by design or are deemed an acceptable business risk to the customer.

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

- Hacking Truth by Kumar Atul Jaiswal

My Self Kumar Atul Jaiswal Urf HackerboY and Kumar Atul Jaiswal is a name among millions who struggled failed and surged ahead in search of how to become a Hacker ( passionate about Hacking just like profession an entrepreneur ), just like any middle class guy, he too had a bunch of unclear dreams and a blurred version of his goals in life 😊.


Post a Comment


Send Us A Email

Search This Blog


Contact Info

The page name itself is a call-to-action; Treat it with some respect.!


15, Ranchi, India, 834002