Welcome back again dude !!! 🙂 Today I discuss bug hunting !!!! 🙂Before I start our topic I wanna say this topic is only for the beginner, So if you think that you are a pro then you can avoid it and search for another topic :)So, some people search in the google How To Become A Bug Hunter? Even I also searched on google, Because I’m also a beginner like you:). So, what’s the purpose of this article? huh!! ? why did I write that type of article? huh!!!?.
Okay, I don’t wanna waste any time let me explain the exact point of that topic. 🙂
So, here I explained every common problem of every beginner guy who wants to learn bug hunting. 🙂
How can I learn bug hunting ?:-
It’s the first problem for us “HOW CAN I LEARN BUG HUNTING” am I right? So, let me discuss that. So, You know that what’s the meaning of bug hunting. I don’t wanna discuss in here. Because if I discuss here then this article will be long and when you read that article that time you fill very bore. :). So, Let me enter in exact point 🙂
what should you do? :-
- At first, keep calm and stay peaceful 🙂 So, You need to know about web application how to work? , what is the function behind the web application? , which server is running behind the web application? Port, protocol, HTTP, HTTPS, etc…… Now you asked me, How it’s possible? am I right? 🙂 Bro I know that it’s not easy to learn above all that thing in a short time. 🙁 But you can learn how to deface the website ? if you don’t know how to deface the website then at first know that how to deface the website? Because it doesn’t take a huge time to learn website defacement. And besides, you can learn above all things which are more important 🙂
- Don’t need to go near any bug hunter, and ask them how to learn bug hunting? Because they never say you there tricks ?. Bug Hunting as like a competition nowadays. If anyone will say then, he says only search in google and youtube, follow the “web hacking 101 pdf ” blah!! blah!!.?? I know that bro you and me also a beginner. It’s not easy for us to understand the topic which was discussed in the book :(.
- At this point, I said you one secret About every bug hunter. ? In my real experienced I could understand, maximum bug hunter started there career on the web site defacement. You believe me or not I don’t know 🙂 But it’s true. :)That’s why I personally prefer you to learn website defacement. Because in that field you can get help from other people ? to learn about bug and exploitation.:) So, it’s easy for you to learn how to find the bug.
- After gaining some knowledge about the bug, such as XSS, header redirection, SQL injection, clickjacking, and other bugs, etc…. Now it’s time to test our knowledge. You test in your own system as like, OWASP and another online website that gives you permission for testing in their platform.
- At first research on small BUG and POC. After targeting on a small website for your strong knowledge base of various kind of BUG and exploit. After when you think that you gain too much practical knowledge and you can do own exploitation. Then target on the big website such as Philips, SONY, Facebook, and also do in hackerone,Bugcrowd