
Hey guys, it’s hacktube here. Today in this video we are going to see some awesome tips about bug bounties that will help you get better in the long run. These tips will surely help you. I have also made a part 1 on this topic (read part 1). So without further delay, let’s get started.
(Tip1) Develop your flow of approach & methodology:




If you want to last in bug bounties for the long run, you need to follow a methodology: the way of working you develop while finding bugs, the pattern or approach that most often brings you bugs and success. This applies not only to bug bounties; you must also follow a procedure in life to get real success. Everyone has a different approach to finding bugs, and you can also follow the methodology of other great people like zseano, Jason Haddix and nahamsec.
Recon (The wrong way) #bugbounties




Many beginners jump in without thinking and end up performing a DDoS (distributed denial of service) attack with active scans, blindly running a lot of automated tools, which results in their IP getting blocked by the WAF (web application firewall). Don’t rely on only a few tools; try to collect as much information as possible, both actively (interacting directly with the application) and passively (collecting info from a search engine). Most of you get stuck at recon and give up right there: you don’t know what to do after recon, so you just perform recon on every web application and leave it at that.
Don’t pressure yourself (mental health) #bugbounties




This is a major step, as everything depends on it. Don’t force yourself to work overtime; I know that you feel stressed out when you don’t find anything. It’s OK to go out, get some fresh air and chill with your friends. Try to go slow in terms of knowledge (I know you have the curiosity to learn more and more in a short time); if you rush, you will end up with burnout and pain.
Don’t expect rewards #bughunting




If you came to this field thinking you can just earn money easily, then I recommend you leave it. This field is not about money; it is a service we provide to protect the community from huge attacks. If you find a bug and the company is impressed by your work, then they award you. You must keep an intention of learning, not earning. If you become skillful, money will automatically follow you. Clear up your mindset about bug bounties: “The more you learn, the more you earn” (learning > money).
Bonus TIP (beginners and intermediate)




When you find a bug, just report it. The main reason is that you are not the only one hunting on that program: there are many experienced bug bounty hunters who have a lot more knowledge than you (obviously). If you wait to report it later, someone else will report it and you will end up with either a dupe (duplicate) or N/A.
Thank you for reading this blog. Feel free to comment.