Hello Ajak Amico, I hope everybody is fine. Many fail at bug bounty at the initial stage and drop out soon, so today I will share how to become a successful bug bounty hunter, based on my personal experience. This will be useful for every security researcher, especially beginners. People watching this blog will have different mindsets, whether you want a Hall of Fame, a bounty, or at least a valid bug. Follow my way and you will get all three in one shot! So, without wasting any time, let's get started.
1) Stick With Basics
My first tip from personal experience is to stick with the basics. I know many want to learn advanced bug bounty concepts, but mastering basics such as the OWASP Top 10 will give you extreme confidence, and trust me, I applied for internships just by mastering my basics. From my personal experience, I would say that instead of practising in vulnerable applications, practise on Indian government sites and report your findings via NCIIPC, because you would get real-life hands-on practice and an appreciation mail too.
2) Read Blogs and POCs Every Day
Ask any professional security researcher, and the first thing they would say about getting a bounty is to read blogs and watch POCs. This personally helped me get many bounties and Hall of Fame entries. What you need to take from them is the bug bounty tips and queries posted in blogs; that's the reason I explain N number of bug bounty blogs via my YouTube channel. Just by watching my blogs and POCs, many of my subscribers got bounties and Hall of Fames.
Bonus Tip: 😍
If you want blogs and POCs covering almost all vulnerabilities, watch this playlist fully; I have posted almost 70 blogs and 25 POCs.
Publicly Disclosed Blogs: https://youtube.com/playlist?list=PLjMPTVLsJk7l2WE9cpelqUWcLCpqrz-TG