Day by Day Pregnancy

How do I get started with bug bounty hunting? How do I improve my skills?

These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.

Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

Related posts

Welcome back to Linux Command Line Hackery, yes this is Part 2 and today we are going to learn some new skills. Let's rock

Let us first recap what we did in Part 1, if you are not sure what the following commands do then you should read Part 1.

mkdir myfiles # make a directory (folder) with myfiles as name
cd myfiles # navigate to myfiles folder
touch file1 file2 file3 # create three empty files file1, file2, file3
ls -l # view contents of current directory
echo This is file1 > file1 # write a line of text to file1
cat file1 # display contents of file1
echo This is another line in file1 >> file1 # append another line of text to file1
cat file1 # display the modified content of file1

Command: cp
Syntax: cp source1 [source2 ...] destination
Function: cp stands for copy. cp is used to copy a file from source to destination. Some important flags are mentioned below
Flags: -r copy directories recursively
-f if an existing destination file cannot be opened, remove it and try again

Let us make a copy of file1 using the new cp command:

cp file1 file1.bak

what this command is going to do is simply copy file1 to another file named file1.bak. You can name the destination file anything you want.
Say, you have to copy file1 to a different folder maybe to home directory how can we do that? well we can do that like this:

cp file /home/user/

I've used the absolute path here you can use whatever you like.

[Trick: ~ has a special meaning, it stands for logged in user's directory. You could have written previous command simply as
cp file1 ~/
and it would have done the same thing.]

Now you want to create a new directory in myfiles directory with the name backup and store all files of myfiles directory in the backup directory. Let's try it:

mkdir backup
cp file1 file2 file3 backup/

this command will copy file1 file2 file3 to backup directory.
We can copy multiple files using cp by specifying the directory to which files must be copied at the end.
We can also copy whole directory and all files and sub-directories in a directory using cp. In order to make a backup copy of myfiles directory and all of it's contents we will type:

cd .. # navigate to previous directory
cp -r myfiles myfiles.bak # recursively copy all contents of myfiles directory to myfiles.bak directory

This command will copy myfiles directory to myfiles.bak directory including all files and sub-directories

Command: mv
Syntax:   mv source1 [source2 ...] destination
Function: mv stands for move. It is used for moving files from one place to another (cut/paste in GUI) and also for renaming the files.

If we want to rename our file1 to  file1.old in our myfiles folder we'll do the follow:

cd myfiles # navigate first to myfiles folder
mv file1 file1.old

this command will rename the file1 to file1.old (it really has got so old now). Now say we want to create a new file1 file in our myfiles folder and move the file1.old file to our backup folder:

mv file1.old backup/ # move (cut/paste) the file1.old file to backup directory
touch file1 # create a new file called file1
echo New file1 here > file1 # echo some content into file1

Command: rmdir
Syntax: rmdir directory_name
Function: rmdir stands for remove directory. It is used for removing empty directories.

Let's create an empty directory in our myfiles directory called 'garbage' and then remove it using rmdir:

mkdir garbage
rmdir  garbage

Good practice keep it doing. (*_*)
But wait a second, I said empty directory! does it mean I cannot delete a directory which has contents in it (files and sub-directories) with rmdir? Yes!, you cannot do that with rmdir.
So how am I gonna do that, well keep reading...

Command: rm
Syntax: rm FILE...
Function:   rm stands for remove. It is used to remove files and directories. Some of it's important flags are enlisted below.
Flags: -r remove directories and their contents recursively
-f ignore nonexistent files and arguments, never prompt

Now let's say we want to delete the file file1.old in backup folder. Here is how we will do that:

rm backup/file1.old # using relative path here

Boom! the file is gone. Keep in mind one thing when using rm "IT IS DESTRUCTIVE!". No I'm not yelling at you, I'm just warning you that when you use rm to delete a file it doesn't go to Trash (or Recycle Bin). Rather it is deleted and you cannot get it back (unless you use some special tools quickly). So don't try this at home. I'm just kidding but yes try it cautiously otherwise you are going to loose something important.

Did You said that we can delete directory as well with rm? Yes!, I did. You can delete a directory and all of it's contents with rm by just typing:

rm -r directory_name

Maybe we want to delete backup directory from our myfiles directory, just do this:

rm -r backup

And it is gone now.
Remember what I said about rm, use it with cautious and use rm -r more cautiously (believe me it costs a lot). -r flag will remove not just the files in directory it will also remove any sub-directories in that directory and there respective contents as well.

That is it for this article. I've said that I'll make each article short so that It can be learned quickly and remembered for longer time. I don't wanna bore you.

Related word

Download Here

Are you tired of managing your tens of thousands of files like jpgs, pngs, or others and you want a way to manage them as quick as possible then RenApp is solution for all problem.

RenApp lets you change names of many files of a particular type to a common name with added numbering. So no more time wasting in file management just four clicks and your files will be ordered.

Beside that RenApp can clean your folders and subfolders from backup files of .bak or .*~ extension. Removing backup files in order to make space available manually is a tedious work and can take lots of time but why do it that we've got RenApp just locate the folder and click remove it'll remove them all from that folder and its subfolders.

Some of the features of RenApp are as:

Rename files to a common name.
Rename files of different extensions to a common name in one shot
Remove backup files from folder and subfolders.

R RenApp is free and Opensource, written in Python with QT interface. Check out the source code at sourceforge.

Day by Day Pregnancy

Wednesday, May 31, 2023

How Do I Get Started With Bug Bounty ?

Linux Command Line Hackery Series: Part 2

Related word

RenApp: The Ultimate File Renaming App

Related word

Why Should you take care of Day by Day Pregnancy?

Day by Day Pregnancy Free Course

Blog Archive

About Me