Bug Bounty

Created: 2022-08-01
Tags: #fleeting


For the companies who do say they allow responsible bug reporting,
here are a couple of tips for your submissions from a guy who reads a lot of vuln submissions:

  • Don’t make any mention of reward until you’ve established rapport with them. Better yet, wait for them to bring it up.
  • Give them enough clear detail to be able to recreate the problem themselves.
  • Recognize they determine the severity, not you.
  • Recognize that many companies—especially big companies—are painfully slow. Whatever you think is a reasonable response time is probably way faster than they can do. Response times tend to be in days or weeks. Don’t be a pest.

Reconnaissance
https://www.tutorialspoint.com/ethical_hacking/ethical_hacking_reconnaissance.htm
Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system.

References