Welcome. In this section we will look at bug bounty hunting from scratch. This recipe is an introduction to bug bounty.

What is bug bounty?

A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. 


To get started with bug bounty, you will need to register an account on a public bug bounty platform (HackerOne, Zerocopter, etc.) and find a program. When you know what target you want to hit, you will use your knowledge of programming and security to find vulnerabilities. These are vulnerabilities that could be used by hackers to harm the program. You will report these vulnerabilities and may get paid for finding them.

It's possible for people with no knowledge of hacking to get involved, but there is a ramp-up time that requires quite a bit of effort before you start finding vulnerabilities. Most people in bug bounty learn about web hacking, but there are programs that consist of only binary exploitation or mobile hacking.

Once you decide what you want to do, you will need to start learning about the types of vulnerabilities that exist and how to find them. Having some knowledge of how these vulnerabilities work from a programmer's perspective will help you tremendously.


Platforms

Here are some of the popular bug bounty platforms. There are more out there and many new ones spinning up every year.

     Platform          Sign up        Type of programs

  1. HackerOne         Public         Public and private
  2. Zerocopter        Invite only    Private
  3. Bugcrowd          Public         Public and private
  4. Synack            Invite only    Private
  5. Cobalt            Public         Public and private
  6. Bountyfactory     Public         Public and private
  7. BugBountyHQ       Public         Public and private
  8. Intigriti         Public         Public and private