What would be your approach in bug hunting programs


#1

Could you all share your experience and approach, how would you start hunting for a bug when you’re into bounty programs?

How hard is it for a novice to start hunting for bugs at hackerone or bugcrowd? Would you recommend any?


Sites which pays for your research or zero day vulnerabilities
#2

I have never really made it as a successful bug bounty hunter, so I’m not sure if my advice carries much weight, but here goes.

First thing, if you take a look at the bounties available, a vast majority of them are web-related. I would get really experienced in web development in the core languages such as PHP, RoR, and JavaScript first of all. I think this will be a must.

Next, I wouldn’t expect anything to start happening overnight. Don’t get yourself worked up thinking you are going to be making a ton of money. This is one of those fields that you are passionate about first and then the money comes next.

Get yourself a couple of books on what you are interested in. Again, my focus would be web application hacking, but there are plenty of resources out there.

Getting involved with the community is probably a good idea, or maybe working with a couple of friends and splitting any reward might be helpful, but not sure.

Overall I think that the important part is that you are just passionate about it. If that’s the case you will do well.


#3

What layer bug hunting?

Layer 7 and below, I can't help. Layer 8, follow NerdOut! I don't do malware hunting as I don't have a threat management team. Well, at least not tactical PvP. I would be bad at that.

Depending on what layer you are looking at. I really think this should be clarified in the industry. Share Association is a trusted place to start.

They run an exploit hunting site 🙂
http://zerodium.com

Bug hunting and exploits transcend tech, so just be careful, but yeah, finding trusted sources is going to be a thing, especially in a world where authorities are infected.

But the best groups I've seen doing layer 8 malware hunting have come from groups like NerdOut! that offer "loot crates" and high rewards. Fortnite and PUBG are popular spaces for this. But with most of these groups, there's a long process of trust you need to build up to get involved.

I saw a site offering stuff the other day, kinda wish I had recorded it; it looked ideal for this, but I don't know what their bounties are like.


#4

Now that’s some fucking bug hunting I can get behind right there.


#5

It's real, and those teen moms could use some help. The authorities ain't gonna help them. It seems like wealthy individuals (nice people who have money) fund the rewards in the loot boxes, so check into it. I wish I had recorded that dang site. It was more direct.

The most common thing you do is recon; once bad malware is confirmed, you get paid for the recon, then a sniper is brought in to remove the malware.

In a world with failed justice, this is what happens.


#6

Is it possible to share all the platforms like Zerodium that pay well? I think it would be great to maintain that list.

@hackractual could you please create a topic?


#7

That’s the only one I know, and I learned about it at the same time you did.


#8

I'm a bit worried about this. I will try to keep track of the mainstream ones, but because this is high stakes, criminals and governments vs. mostly kids, most groups don't like to advertise.

Darnit, I wish I had saved a new major one that opened up. I'll keep my eye open for them. Since I don't do threat management, and suck at PvP, I haven't gone there. I've just spoken to people there.

I highly recommend getting into Fortnite, playing with the people there and getting to know the gamers. That's gonna be the best and safest bet. You get to sus each other out, form a bond in game, and work on synergy. Those are the best paying ones AFAIK. Also, you get to learn from experience.


#9

As I come across this kinda stuff I'll spam it here.


#10

That is to say, you guys don't know about the big names in bug hunting like HackerOne and Bugcrowd, or just not ones that pay well?

Microsoft just upped the ante with their bug bounty program recently. So did PayPal (site down for update).

I think even Steve Gibson had something to say about recent bug bounty programs on one of the more recent episodes of Security Now!


#11

Yeah, I knew about those, but the example the other guy gave was paying upwards of $1M for specific vulnerabilities; granted, they are incredibly difficult vulnerabilities.


#12

Oh! Okay. I didn’t pick up on the theme.


#13

https://threatpost.com/a-look-inside-bug-bounties-and-pen-testing/131681/


#14

Gonna listen tonight when things calm down. Thanks for the share!