
Introduction To Bug Hunting

BSides London · 19:53 · 138 views · Published 2023-05

Tags
Category: Career
Difficulty: Intro
Style: Talk
About this talk
Hasan Elisert introduces bug bounty hunting as a career path, covering how platforms connect researchers with companies, the difference between public and private programs, and practical steps for getting started. The talk explains vulnerability reporting best practices, how to build skills through platforms like HackTheBox, and the motivations driving security researchers to participate in bug bounty communities.
Transcript [en]

Good afternoon everyone, and thank you for being here with me. This talk is titled Introduction to Bug Bounty Hunting. Before I begin my presentation I want to give some information about my background and what I do now. I am a security consultant at Synopsys and I do pen tests for Synopsys projects; as a security consultant I do web application, mobile application or network pen tests. I also worked in the Bugcrowd triage team as a part-time application security engineer for more than two years, doing submission validation in the team, and therefore I saw thousands of submissions on their platform. Let's get into it.

So today I want to give some information about bug bounty hunting: what bug bounty hunting is, what platforms you can work on for bug bounty hunting, and what programs you need to access to send submissions or vulnerabilities. Some organizations give ethical hackers permission to test their systems: their web applications, their networks, their mobile applications. Researchers earn rewards by detecting vulnerabilities in the systems, and during bug bounty hunting, if they find some vulnerabilities, they can report these issues directly to the company's program page. So we can be a researcher; what roles can you get as a researcher in the bug bounty hunting community? Anyone can sign up to be a researcher.

To become a researcher you just need to create an account on the platform sites that provide bug bounty and vulnerability disclosure services for companies. If you report an unreported, fresh bug you can earn monetary rewards on the platforms from the clients; if you submit a previously reported vulnerability it will be a duplicate, and you can only earn platform points or reputation for getting more invites to bug bounty programs. So bug bounty platforms connect companies with the bug bounty community to provide them with smart security solutions. There are many bug bounty platforms and hundreds of companies work with them; you can reach the full list via the QR code here. I put here some popular platforms like HackerOne, Bugcrowd or Synack, and if you want to reach all of them you can scan the QR code here.

On the other side, you can search for and report vulnerabilities to many companies without the platforms: you can directly access companies' bug bounty pages and report your vulnerabilities directly to them. You can also find companies' bug bounty pages using Google dorks. Bug bounty or vulnerability disclosure pages are used by companies to coordinate the reporting, triaging and, in some cases, rewarding of security vulnerabilities. You can find the bug bounty pages of many companies by using Google dorks; when you use these dorks you can access many companies' bug bounty pages directly and send your reports without any bug bounty platform. You can also access unlisted bug bounty and vulnerability disclosure programs with Google dorks. These bug bounty platform providers provide a form for sending reports to their clients, and they implement their forms in the client's website, so you can find them easily using Google dorks: in Google you just use some keywords and you can find a lot of bug report pages.

So a public bug bounty program is one that is open to anyone who wants to participate. You can list programs when you log into the bug bounty platform application: you can search public programs directly in their application, filter by asset types or program types, and directly start sending vulnerabilities on the platform. A public program is accessible by all the researchers on the platform, and all bug bounty programs outside of the platforms are considered public programs.

I would like to talk a little bit about projectdiscovery.io. When you start bug bounty on public programs you can use the Chaos project for accessing subdomain data from their application. They already scan these public programs' domains and add all the results day by day in their application, so you can reach all the subdomain results on their platform. Before starting bug bounty on public programs you can download the subdomain list for bug bounty programs and start bug bounty on many public programs.

So a private bug bounty program is an invite-only program for selected researchers. When you start bug bounty on public programs you can collect some points or reputation, and then the platform sends you some private invites. Private programs only select those researchers who are skilled in testing that kind of application; they never go public at all, and these programs only provide access to selected researchers, so this is just a private invite for a researcher.

We have some differences between bug bounty platforms. On some platforms you can directly register and start bug bounty, and some platforms need you to complete an assessment, a technical assessment actually. One of them is Synack, another is Yogosha: before starting bug bounty on their platform you need to complete a technical assessment process after applying, and you need to prove that you meet some technical requirements for their platforms. Nowadays many bug bounty platforms use Hack The Box for testing your skills, and you can prove your technical skills on the Hack The Box platform during the technical assessment. After you prove your skills you can join their platform and access their bug bounty programs.

So here is some information about bug bounty versus traditional pen testing. Traditional pen test teams are small teams, and the bug bounty community is a big community. Also, traditional pentesters just work time-bound, and bug bounty is continuous. Also, the companies pay for testing time for traditional pen tests, but for bug bounty they pay just for results.

So where to start? Before you hack something you should know how it works; therefore before starting bug bounty or pen testing, anything in cyber security, you need to learn some fundamentals about web applications, mobile applications or networks. It is necessary to know the basics of web applications, mobile applications or network fundamentals. After skill development and doing some practice you can also read some information about bug bounty on the internet, some disclosed reports or anything about bug bounty, and you can reach success by doing some on the platforms. So the most common targets in bug bounty are web and mobile applications and networks; you need to improve your skills in these fields. Most of the time you look for vulnerabilities by doing port and service discovery and external network scans. If you join Synack you can work by accessing the internal networks of many customers via VPN connection, and you can work on internal network pen tests or internal network bug bounties. So for improving your skills you can find some books in the cyber security industry, you can also follow YouTube content creators, and you can also play on vulnerable machines like Hack The Box or PentesterLab, or you can work on CTFs for improving your skills.

So, reporting. One of the important things is reporting, because after you send a submission your report goes directly to the bug bounty platform's analysts, and before sending it to the clients they need to validate your vulnerability. Therefore you need to read the brief carefully, you need to add the vulnerability details in the report, and you need to add more description about your vulnerability. Also you need to add some proof for your vulnerability: some screenshots or some video PoC files in the report. You can also collaborate with your friends, and share your resources, knowledge or bounty programs with your friends. I added here one of the most popular platforms for meeting other hunters, actually some platform teams. Before starting bounty on the program you need to understand the scope well, and also check the out-of-scope area. You can also check the VRT for the severity of your vulnerabilities before sending them, and you can also check the known issues tab before starting the bug bounty on these programs. The last thing is about the comments area: when you send a comment, your comment is sent directly to the internal analysts, and this area can also be accessed by the client, therefore be kind and formal in this comment area.

That's all, thank you.

Speaker: Any questions?

Audience member: Hi, so thank you for that, by the way. I guess one of the things you had on one of the screens was kind of rewards or incentives for people to want to go and pursue bug bounty hunting, but there are some websites, like 4chan for instance, that clearly didn't have any incentives listed, at least on the page. So for people in that kind of field, what is the incentive for them to actually partake in 4chan's public bug bounty platform, for instance, or program?

Speaker: Yes, this is a long question for me, sorry.

Audience member: Sorry, so the question is, where there are some websites that aren't offering any visible incentives, at least on the list you had, like 4chan, what actual incentives are there for people to partake in their program?

Speaker: Yeah, I don't know right now.

Audience member: Is it just for the sake of it, like, actually they just like doing it, so therefore they're interested? And potentially because there are fewer people going into it, it's a less crowded area, so it could be more vulnerable; maybe that would possibly be something there for finding some issues. Where there are no other physical incentives like "you're going to get a reward" or some cash incentive, maybe I can imagine there's probably room for people to test their skills out. Maybe that's what I'm saying; I'm just trying to get your opinion on it, see what you think.

Speaker: So you're actually asking about motivation?

Audience member: Yeah. So what I'm saying is, if you're not going to pay someone for it and you're not going to give them a gift, why should people partake in your bug bounty program? What incentive is there, why should they do it?

Speaker: Yeah, I think the main reason is about technical skill improvement and also getting some rewards; that's the main reason actually. Also, many researchers already work in pen testing or the cyber security industry as security engineers, therefore the main reason here is improving skills and accessing different kinds of systems or applications developed by different teams around the world, different companies or different industries. And also I think the main reason is earning some money and improving skills, actually.

Host: We have time for one more question.

Audience member: Hiya. So bug bounty can be fantastic and fun but also rather soul-destroying when you get dupes and stuff like that. What's your advice for new starters who are getting into it, to kind of keep going? Do you have any advice for them?

Speaker: Asking for advice?

Audience member: Yeah, any advice to keep the new people who are getting into bug bounty going when the times are hard, because it's not always straightforward.

Speaker: Yeah, nowadays we have a lot of content on YouTube channels, and you can follow the YouTube channels for getting more information. You can also find a lot of researchers on Twitter and follow them, what they're reporting and what they're doing for bug bounty. We also have many full-time bug bounty hunters and you can follow them. The bug bounty platforms also have disclosed reports pages; you can follow the disclosed reports, what they're reporting for programs, what they did or what they earned as monetary rewards. The community is very big; you can follow many researchers on the internet, they already like to share their information, what they did before, what they know technically about web applications or mobile applications, and you can find more information on Twitter about bug bounty. Thank you.