How to Earn Money as a Bug Bounty Hunter

Are you a coder or white hat hacker looking to make some money on the side? Bug bounty hunting might be the perfect gig for you.

What Is Bug Bounty Hunting?

Bug bounty hunting is being paid to find vulnerabilities in software, websites, and web applications. The security teams at major companies don't have enough time or manpower to squash all the bugs they have, so they reach out to private contractors for help. Basically, you use your tools to break things or break into things, write up a vulnerability report to the company that issued the bounty, then get paid. Some hackers make tens of thousands of dollars a year on the side just hunting bugs.

To do it, however, you'll need to at least know some basic coding and computer skills. Fortunately, we've got tons of great resources to help get you started, and coding is pretty easy to teach yourself. That said, if you have no idea what any of this stuff means as you read on, bug bounty hunting probably isn't for you.

We've talked about the best programming languages to get started with, why you should and

Do Some Research and Get Your Tools

Once you've got a grip on basic coding, you need to take a deep dive into web applications and how they work. Lucky for you, there are tons of great resources out there that can point you in the right direction.

Start by reading:

Then get the right tools. You'll need:

Then check out the OWASP WebGoat lab, where you can practice finding bugs and vulnerabilities in web applications, and take a look at the Google Bughunter University as well. They have lots of great information on bug hunting and how to write solid vulnerability reports that will get you paid. Sites like Bugcrowd and HackerOne can help with that aspect as well.

Kali Linux is a security-focused operating system you can run off a CD or USB drive, anywhere.

Find Bug Bounty Listings and Go Hunting

Once you're armed with knowledge and the right tools, you're ready to look for some bugs to squash. Companies will often have a link somewhere on their website offering bug bounties, but they can be hard to find. You're better off checking a bounty board where hackers are reading publicly disclosed vulnerability reports and updating an active list on the daily. Like these:

HackerOne also offers Disclosure Assistance, which is a place where a hacker can report any vulnerability to any organization. Even if the organization doesn't have a vulnerability program, they can contact them and deliver the report.

It also helps to join a bug bounty hunter community forum (like those sites listed above) so you can stay up to date on new bounties and tools of the trade. To hunt bugs you also have to be willing to continually learn as you go. Web applications and bug hunting tools are constantly updating, so you need to be on the ball if you want to do things right.

Update: A representative of HackerOne reached out to note their disclosure assistance program. The text above has been updated with this information.