I know you all want to earn money from something you can do. Now I am assuming that you are interested in Cybersecurity and Bug Bounty Hunting. Now you want to know how you can earn money as Bug Bounty Hunter. So in this article, We will talk about how to become Bug Bounty Hunter.

Let’s start with an introduction to bug bounty hunting. Before you start, if you knew the basics then jump towards the next section of the blog.

What Is Bug Bounty Hunting?

Bug Bounty Hunting is a kind of Penetration Testing where you as an individual try to find bugs or vulnerabilities in a website/application. These bugs or vulnerabilities can be used by bad guys to act against the website. Sometimes these bugs are the main cause of Data Breaches and stuff going around nowadays. 

To simplify it, you try to find bugs in the website, and then you report those bugs to the website owner and they pay you money so-called bounty.

How to Become Bug Bounty Hunter?

Before we discuss the steps to take to become Bug Bounty Hunter if you are still not clear about the basic concept of penetration testing then take time to learn about those from the following playlist of our channel ( the videos are in Hindi)

Now if you are done watching the video, let me tell you the first step you need to take to start your journey as Bug Bounty Hunter.

To find vulnerabilities/bugs, first of all, you need to know about the different types of vulnerabilities that exist. If you don’t know about them then you need to learn it to start hunting bugs. There is a misconception amongst beginners that they need to know about every vulnerability but it isn’t true. You can just start learning it one by one. Now if you are wondering that what are these vulnerabilities, then you need to visit OWASP Top Ten Web Application Security Risks | OWASP to learn more about them. Indeed, these are just the top 10 of them but it’s not the end. There are much more than these but you do not need to learn all of them at once.  

How to learn about Vulnerabilities?

I have 50+ videos already made on my channel where you can learn about all these vulnerabilities in Hindi. These videos are created keeping beginners in mind. 

What after learning vulnerabilities?

Now I hope that you are clear with what vulnerabilities are and how you can find them. Don’t worry if you do not know about each of them because, to be honest, it’s not necessary to learn everything. Even some professionals don’t know about it all.

So the next step to start hunting for bugs is to find a target or website. As if you are new to this let me tell you that you can’t hunt for bugs on any random website you like. Bug hunting is a kind of penetration testing and it’s illegal if you perform this on any website without permission.

Have you heard about the word Hackerone and Bugcrowd in the videos attached above? They are platforms used by Bug Bounty Hunter to find websites and applications to hunt on. Don’t worry if you can’t understand how to find the best target to find bugs because I have written a dedicated article for it, you can check it here ___________________.