Skip to content

Latest commit

 

History

History
73 lines (41 loc) · 2.48 KB

Hacking QA.md

File metadata and controls

73 lines (41 loc) · 2.48 KB

Q:How to Get started in Bug Bounties

To be honest, Its important to learn som basic stuff before actually start hacking things.

  • Learn Some Basic Web Developing Programming like (HTML,Javascripts and PHP)
  • Learn Some Basic networking concepts like (TCP/IP,DNS,CDN's etc)
  • Learn How Browsers work (SOP,CSP, etc)
  • Then Start reading "Web Hacking Handbook" and "OWASP Testing Guide"
  • Then Join One of the Hacking Playforms (Hackerone or BugCorwd)

I have created an roadmap to be fallowed if you are new to bug bounties, Have a look at it here https://github.com/imran-parray/Bug-Bounty-Resources/blob/master/README.md

TIP: Always remember you need to learn basic things first then move to actualy hacking stuff.

Hope this helps , Your Mentor

Q:Resources

Finish all of this and you will rock the stage https://github.com/imran-parray/Bug-Bounty-Resources/blob/master/README.md

Regarding Books, I think you should start reading

  • Owasp Testin guide
  • Web hacking Handbook
  • Web Hacking 101

Then Read some reports on Hackerone and try to find the same bugs on other bounty programs as well Hope this helps , Your Mentor

Q:I Know hacking But i Couldn't Find Bugs

If you know how to Find bugs but you havn't found alot of bugs yet. Let me tell you somethig "The master of all is the master of none" . As far my personal openion it important to master atleast one bug and have basic knowledge about all other bugs.

So master atleast one bug and have moderate knowledge about other bugs.

Hope this helps , Your Mentor

Q:Do i use kali linux or is kali best for hacking

to be honest kali is a nice OS but its not necessary to user Kali for Hacking. Even i found most of the tools useless which are preinstalled on kali linux. The most important tools for hacking web apps are "Browsers" and "Burpsuite". So i would suggest you to start with any OS (kali or Non-Kali).

Hope this helps , Your Mentor

Q:I am a developer and Want to find bugs

That great, As you already good knowledge about Web development its going to alot beneficial for you while hacking web apps. All you have to do is start reading some of the Bugs and try to replicate the same process on Bug Bounty targets.

I would recomeded you by start reading the fallowing books (You can fallow any order)

  • Owasp Testing guide
  • Web hacking Handbook
  • Web Hacking 101

TIP: Dont stuck too much with reading process, Keep reading new stuff and keep applying it at the same time.

Hope this helps , Your Mentor