Day 0: From Newb to Bounty Hunter
In about a month, I begin a job with a large internet company in Seattle running analytics for a business unit. So starting today, for the next month, I’m going to devote my free time to earning a paid bug bounty. This could be the lowest bug bounty offered on any site, but as long as the payout is money, it’ll count.
My hope is that you’ll join me on this journey to laugh with me at my mistakes and offer up suggestions! Also, hopefully I’m successful in my goal and this blog can some day serve as a kind of guide for those that may be interested in security research and ethical hacking but don’t really know where to start.
I’ve always had a passing interest in infosec but never really made the plunge. My field is primarily data science and analytics focused around answering business questions. That said, I attended DefCon a few weeks ago and was super impressed by the curiosity and passion of the community.
In that sense, I’m not exactly starting from zero, as I do have programming and computer skills. To level-set, here are some of my skills and gaps:
Can do work in: Python, SQL, HTML/CSS, Unix/Linux, AWS
Basically clueless: Lower-level languages (C, C++, Java), Networking, Cryptography, lots and lots of other things
Being a bug bounty newb, I do what newbs do and Google how to get started in bug bounty programs. After opening about 20 tabs, the general consensus is that reading is the best way to get started. After that, a good next step is trying to exploit sandbox environments. Additionally, reading successful bug bounty reports seems to make sense to me. Below is a list of resources I’ve compiled.
Note 1: I will probably update this list throughout the course of my process as more things come to my attention.
Note 2: The focus will be web applications since most bug bounty programs are focused in that domain.
- The Web Application Hacker’s Handbook [amazon]
- Open Web Application Security Project (OWASP) Top 10 Vulnerabilities List [site]
- Open Web Application Security Project (OWASP) [wiki|pdf]
- The Hacker Playbook 2 [amazon]
- Penetration testing [nostarch]
These are intentionally insecure web applications that are either hosted on the web or downloadable for local pentesting. They provide relatively safe, legal targets to begin building some basic skills.
- Damn Vulnerable Web Application (DVWA) [github]
- Gruyere Web Applications and Defense [site]
- OWASP Webgoat [site]
- Pentester Lab [site]
- Vulnhub [site]
There seem to be endless tutorials on hacking; here are a couple that I saw mentioned more than once.
Successful Vulnerability Reports
Reading some great examples of successful write-ups will give me an idea of the kind of thinking needed to be successful.
Bug Bounty Programs
When I’m ready, this is where I’ll test my knowledge and persistence to get paid for a bug!
If you have any suggestions or comments, please leave them below!