Bug Hunting Program
prerequisite of bug hunting:
- Create 2 accounts,
- Licence tools - used in industry
- Open source tools
Software:
- Esplag
- Queredar
- post swigger(Burp suite)
- Santoku OS
- Andro Goat(for mobile app)
- Bwapp(OS/Web app)
Free resources for reading:
- Write-ups -> Medium, InfoSec
- Hacking articles, hacking blogs, Bugcrowd's blogs
- Follow hacktivity of hackerOne, join discord servers
- Forums -> Reddit, NetSec, Web Security Subreddit
YouTube channels in English:
- InsiderPhD -> for API hacking
- STOK -> explain bug reports
- Vickie Li
- Hacking Simplified
- Pwn Function
- LiveOverflow
- Z wink
YouTube channels in Hindi:
- Spin The Hack
- Pratik Dabhi
Online Practice:
- hackerOne
- Try Hack Me
- OWASP lab 10
- Hack The Box
- PortSwigger Web Academy
- OWASP juice shop
- bugcrowd
- Intigriti
- YesWeHack
- Open Bug Bounty
- SmartIndiaHackathon
Offline Practice:
- VulnHub
- DVWA
- BWAPP
- Metasploitable
- WebGoat
CTF means Buggy Platforms like HackerOne, Idor.
0 Comments