Archives
- Newer posts
- April 2024
- November 2023
- October 2023
- August 2023
- May 2023
- February 2023
- October 2022
- August 2022
- July 2022
- May 2022
- April 2022
- March 2022
- February 2022
- June 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- August 2016
- June 2016
- April 2016
- March 2016
- February 2016
- January 2016
- July 2015
- June 2015
- Older posts
Earn Money through Bug Bounty
It is said that hacking is an art, and the hacker is an artist. If you are that hacker looking for fame and some cash, then bug bounty is the correct choice for you. In this blog, I will give you some more information on bug bounty.
To start with, let us understand the term ‘bug bounty’. A Bug bounty program is nothing but a deal offered by companies to find vulnerabilities in their software, websites, or other web applications. It is also called as Vulnerability Rewards Program (VRP). The individuals who report bugs get recognition and compensation, especially if the bugs reported are more likely to exploit the vulnerabilities of their software. The individuals who report such bugs are known as bug bounty hunters and the process of finding such bugs is called bug bounty hunting.
The advantages for companies that run a Bug Bounty Program are very clear: their main aim is to get all the flaws/vulnerabilities (like CSRF, XSS, Subdomain etc) get discovered and resolved before the application is released to the public. This improves their services and helps to carry out security updates to their application/platform, hence ensuring that their data is safe.
For the bug hunters, it’s the money and hall of fame for their work. This is a very good opportunity for developers or white-hat hackers to make some money, as they are the ones who have the required computer knowledge and they can make or break the site.
If you plan to become a bug bounty hunter, you’ll need to know some basic coding and computer skills. Fortunately, there are many resources to help you get started, and coding is pretty easy to teach yourself. Also, you can use some tools available online to break things or write up a vulnerability report to the company which has issued the bounty, then get paid. Some hackers make lots of money in a year just hunting bugs. It is just a matter of skill and luck.
To keep yourself updated about this, join the bug bounty community (https://hackerone.com/leaderboard/all-time).
You can also join the Bug Bounty World on slack and keep reading their blogs, tools, testing ideas etc. (https://bugbountyworld.com/)
Learn scripting languages, which will help in automation, like JS, PYTHON, RUBY etc. This will for sure improve your skills.
Companies will often have a link or a page somewhere on their website offering bug bounties. Typically, the payment amount depends on how much the bug will impact the users and the difficulty in the hacking. They have their rewards set for the types of bugs. The most critical bug gets the highest amount and then after that, it’s just the priority of the bugs. The final decision is made by the company and their security researchers. The bug report document must have sufficient information for the organization offering the bounty to be able to understand and reproduce the vulnerability.
A large number of organizations, including giants like Mozilla, Facebook, Yahoo!, Google etc. have implemented bug bounty programs.
Here are some links where you can always try to get some fame and money 🙂
https://bughunter.withgoogle.com/
https://www.facebook.com/whitehat
https://www.guru99.com/bug-bounty-programs.html
Happy Hunting!!