Bug bounty resources & advices
Hey guys, in this story I’m going to share some resources for every hacker and advices for beginners…
Advices for Beginners
Before starting bug bounty.
1- Learn basics of internet.
2- Learn http very well. (request, response, headers, cookies, http status, body, request types(GET, POST, PUT, DELETE, OPTIONS, HEAD) etc)
3- Learn basics of html,css and javascript.
4- Learn basics of golang, sql, ruby and python. Just install it and print hello world. (for now)
5- Learn basics of networking (DHCP, DNS, routers, server, client, IP, TCP, UPD, SMTP, Ports, Subnetting etc.)
6- Learn how to use google. Learn Google Dorks…
7- Be patient and read a lot. (Blogs, tweets, write-ups etc.)Nobody starts earning thousands of dollars as soon as they start.
8- Use social media to improve yourself. Become an information exploiter. I will share a lot of twitter accounts below.
9- Don’t start searching before learning to least 10 tools and learn the basics of all vulnerabilities. (xss,idor,ssrf,rce,crlf,sqli etc.)
10- Understand what is being done on the site where you will search for the vulnerability. Understand business logic.
11- Inputs are our biggest weapon.
12- Examine JS files well for valuable information..
13- Stay safe and healthy…
Tools I use
Web tools
http://dns.bufferover.run/dns?q=domain.com
All Resources (medium, twitter, youtube, blogs etc)
