Basic knowledge about bug bounty

What is bug bounty?

Also called a vulnerability rewards program (VRP) or vulnerability disclosure program (VDP) is a reward given for reporting a security vulnerability and it is a great way to test their skills on different types of targets and get paid when they find some security vulnerabilities.

Best Bug Bounty books for Beginners

If you can't learn from digital screens, don't worry you can learn anything from books. here are some bug bounty training books for beginners,

1. Ghost In The Wires: My Adventures as the World’s Most Wanted Hacker

gingKevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world's biggest companies and no matter how fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. As the FBI's net finally began to tighten, Mitnick went on the run, engaging in an increasingly sophisticated game of hide-and-seek that escalated through false identities, a host of cities, and plenty of close shaves, to an ultimate showdown with the Feds, who would stop at nothing to bring him down.

Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escapes -- and a portrait of a visionary who forced the authorities to rethink the way they pursued him and forced companies to rethink the way they protect their most sensitive information.

2. Web Hacking 101: How to Make Money Hacking Ethically

Web hacking 101 is an eBook that was developed by software security expert Peter Yaworski. His goal was to help the HackerOne community profit from their bug bounty hunting skills within a bug bounty program. Basically, this bug bounty tool will help you learn how to monetize your cybersecurity knowledge.

If you want to learn how to hack as a beginner for free, HackerOne makes this eBook available for free. Once you sign up or log into your free HackerOne account, you’ll receive the publication via email.

3. Bug Bounty Hunting Essentials: Quick-paced guide to help white-hat hackers get through bug bounty programs 

Bug bounty programs are initiatives adopted by companies as part of their vulnerability management strategy. This approach involves rewarding white-hat hackers for finding bugs in applications and other software vulnerabilities. The number of prominent organizations opting for this program has exponentially increased over time, creating more opportunities for ethical hackers. This book starts by introducing you to the concept of bug bounty hunting and its fundamentals. You'll then delve into vulnerabilities and analysis concepts, such as HTML injection and CRLF injection, which will help you understand these attacks and be able to secure an organization from them. Toward later chapters, you'll gain practical knowledge of working with different tools for bug hunting. Finally, you'll explore a variety of blogs and communities you need to follow to further build on your skills. By the end of this book, you will have developed the pentesting skills you need to become a successful bug bounty hunter. 

Are we need any programming knowledge for bug bounty?

The answer is Yes and No, don't get confused guys, I will tell you why the answer is Yes and No. First, we will see why we need coding knowledge in bug hunting. if you need to develop a career in bug hunting, you should know to develop some important web-based programming languages like HTML, JavaScript, PHP, and ASP.NET also you need to know some scripting languages like Python, Ruby, Perl, and Bash. otherwise, you will face some problems and you will doesn't know how to manipulate code. Next, we will see why No. if you are a beginner in this field you need not worry about programming knowledge but you need to know about the basic computer operating knowledge. if you don't have that much knowledge about the programming language, you need to find bugs, for you guys developers have a special tool called "PVS-Studio Analyzer".

This tool is used by programmers for rectifying the errors that they have unchecked during the programming time. By using this tool also the bug hunters get benefits out from this. This tool will help you out with automated testing rather than manual testing. But this tool is paid because it is an automation tool so you have to buy this otherwise you can use the free trial.

 

 

Abbreviations and terminologies used in Bug hunting

Abbreviations and terminologies used in Bug Bounty

1. Bug bounty -  Also called a vulnerability rewards program (VRP) or vulnerability disclosure program (VDP) is a reward given for reporting a security vulnerability.

2. Bug bounty program - Individuals or companies that reward security researchers for reporting security vulnerabilities in their products or any other digital services.

3. Enumeration - Enumeration is nothing but the information that you have gathered from a particular target.

4. POC - (proof of concept), A brief explanation of a vulnerability via test, screenshot, and video.

5. Target - Setting up a particular domain or task for finding the vulnerability.

6. Duplicate - Already reported vulnerability by someone else before for the same target.

7. Scope - Organizations will assign/decide, where a researcher is allowed to test and what type of testing is permitted.

8. Full disclosure - When the entire report is publicly disclosed. Bug bounty hunters will usually request public disclosure of their report once the vulnerability issue has been resolved on the particular company or organization.

9. Partial disclosure - When a report is publicly disclosed, but certain details are manipulated.

10. BAC - (Broken access control), when an application does not restrict user permissions for some access to administrative functionality. This may include viewing of unauthorized content and they lead to application takeover.

11. CVE - (Common vulnerability exposure), is a system of publicly known as cybersecurity vulnerabilities mostly found on openly released software.

12. CVSS - (Common vulnerability scoring system), is a free and open industry standard for valuing the hardness of security vulnerabilities.

13. CSRF - (Cross-site request forgery), Also known as one-click attack, CSRF bug is a type of malicious exploit of a website where unofficial commands are transmitted from a user that the web application support.

14. CWE - (Common weakness enumeration), There are currently over 600 categories covering from buffer overflows, cross-site scripting, to insecure random numbers.

15. CVSS - (Common vulnerability scoring system), CVSS is a free and open industry standard for evaluating the severity of security vulnerabilities. CVSS attempts to assign scores to vulnerabilities, enabling responders to prioritize responses and resources according to the severity.  

16. XSS - (Cross-site scripting), Commonly found in web applications, XSS enables attackers to inject client-side scripts into web pages viewed by other users.

17. CSS - (Crowdsourced security), CSS is an established security approach wherein plenty of ethical hackers are incentivized to search for and report vulnerabilities in the assets of a given organization, with the full understanding and awareness of the organization in question.

18. Email Spoofing - Email spoofing is the forgery of an email header so that the message seems to have originated from someone or somewhere other than the original source. Email spoofing is a tactic used in phishing and spam attacks because people are more likely to open an email when they think it has been sent by a genuine source. The goal of email spoofing is to get receivers to open, and possibly even respond to, a solicitation.

19. Payout - The money paid to a researcher or in our term bug hunter, once their vulnerability submission has been validated/approved.

20. Private Programs - Organizations or companies send a request to find bugs to an individual or group of bug hunters or researchers based on their participation and points.

21. Points - Points are nothing but awarded for submissions to the researcher or bug hunters for build status and used to measure the leaderboard. the pots will also be used to get more private programs.

How to get started with bug bounty?

How to get started with Bug Bounty?

How to get started in Bug Bounty, Where to start bug bounty, What is the best time for starting bug bounty, What is the LAB setup I need to do bug bounty is a common question nowadays. I will help you out with these questions. The First thing you have to focus less on money and more on learning. 

Disclaimer:

I have to tell you one thing, that doesn't focus on completing the blog or content that I have wrote. My advice is to understand each line and methodology that I have wrote. so make sure that you have understood every tool, theory, methodology, and some other things that I have used in this blog. Also, use desktop / Computer for use this blog

Prerequisites:

I will tell you some important prerequisites for getting started with a bug bounty.

1. Good Laptop or Desktop
2. Balanced Internet
3. Basic computer knowledge like software installing, Notepad, and Web searching
4. E-mail ID
5. Mainly Interest

Make sure that these all prerequisites are with you or else just know about things and get started when you have these all prerequisites.

Lessons you will learn from this blog:

1. Abbreviations and terminologies used in Bug hunting
2. Basics of web language like HTML, CSS, and Javascript
3. Proxy
4. Protocols
5. Port numbers
6. HTTP status code
7. Headers
8. Basics of network security
9. Different encoding mechanisms
10. Basics of cryptography
11. Same-Origin Policy (SOP)
12. Cross-Origin Resource Sharing
13. Session management
14. Different ways of identifying a user
15. Cookies
16. Authentication headers
17. Basic knowledge about how session IDs issued
18. Google dorks & How to find bugs with Google dorks?
19. Burp suite & other web testing tools 
20. Various types of bugs, the priority of the bugs, and average bounty based on the priority of bugs
21. Report writing and POC Video editing 
22. Analyze the best report writing and find the bounty methodology
23. Github and How hackers are using GitHub
24. And more

Bugs we will cover:

1. Email spoofing
2. Clickjacking 
3. Cross-site scripting(XSS)
4. Open redirection 
5. Insecure Direct Object References (IDOR)
6. Cross-Site Request Forgery (CSRF) 
7. Server-Side Request Forgery (SSRF) 
8. SQL Injection 
9. Deserialization issues
10. Remote Code Execution (RCE) 
11. Race Conditions
12. Broken Access Control
13. And more

Others:

1. Find Bugs using dorks and report it
2. HackerOne and bug crowd bug finding methodology
3. Automotive bug identification methodology
4. And more

So let's jump into our learning process. Stay with me guys I will take you out to the bug hunting world.

My journey of bug bounty

Who am I?

    I am F-leven. I am a bug hunter, web developer, and ethical hacker. I started my bug hunting journey 4 years before. I have learned a lot of tricks and tips during this time period. so I would like to share my experiences with you guys. during my starting period of bug hunting. I actually don't know what is a bug bounty in my starting point. but I have a craze for doing things like hacking, testing, and finding vulnerabilities because that I am a computer student when I was 16. I usually download many files like cracked games, software, and many other pirated software. by downloading these types of files, I got affected by the virus. that time I will be sacred because my laptop was new..., if anything happened I need to repair it, it will cost huge money, I lost my important files, photos and I need to reboot it. so! I decide to didn't play games, didn't download pirated software, and didn't visit the unsecured website. 

After some days I have a need to download the pirated software due to work and college purposes. then I decide to download the pirated but by virtual machines. by using virtual machines we don't need to be scared about any virus or any unsecured things. then I know about Linux and how secure it is. so I virtualized ubuntu and frequently used ubuntu as my regular operating system because of its good-looking and neat user interface. then I learned some of the basic Linux commands and how to use Linux better. After some days, when I use Linux in my college my friends will ask like "are you a hacker" this question makes me dive into the cybersecurity field. so now I would like to thank you for the pirated software, virtual machines, ubuntu, and some other viruses. I will call these my mentors or motivators.😂 I have learned a lot of services from these things like how to delete viruses, how to scan any files which contain viruses or any other backdoors. when I play high-end games like GTA 5 or Watchdogs my computer goes to death or popup blue screen in the middle of the game. by this, I have learned to repair the blue screen error and how to boot the operating system, and some other repairing stuff.

After some days I got curies to learn bug bounty When I heard about the bug bounty program. I researched about it and I got passionate about it because it is like a game when we find any bugs in a particular company we got "mission passed +$5000" just like video games. so I decide to learn bug hunting for that I buy an online course "Learn bug bounty in 10 days" each day has 1 hr live session. But I can't get as much knowledge from that. So I decided to search “out of the box” like I studied or learned various blogs, articles, youtube videos, courses, by mentors, tools, bug bounty platforms, and some other websites for bug hunting methodology (the burp suite developed company) for practical training. So these all resources and all other things that I have learned will share with you in this blog. So you will get benefit out of this blog and also you can ask me any queries related to my blog contents. I will sure that you will get the maximum amount of information related to bug hunting. And you can also use the forum for asking doubts regarding bug hunting. Also, don’t forget to subscribe to this blog so that you will miss the updates in this blog.

Let us stay motivated guys I will share my entire knowledge with you that I have learned during my bug hunting journey. and I don't want to waste your time lets start with new lessons.