1
00:00:00,150 --> 00:00:07,620
So with bug bounty hunting, this is essentially where you are able to find vulnerabilities in software

2
00:00:07,770 --> 00:00:14,210
websites and web applications and be able to get paid by companies for your services.

3
00:00:14,220 --> 00:00:20,160
So you're pretty much the one that's, you know, coming in and saying, hey, I found these bugs here.

4
00:00:20,160 --> 00:00:21,500
I found these bugs over there.

5
00:00:21,660 --> 00:00:23,640
I found these loopholes here.

6
00:00:24,000 --> 00:00:25,320
You guys need to patch these up.

7
00:00:25,320 --> 00:00:30,810
And once you're able to find those bugs, companies will actually pay you to uncover those.

8
00:00:30,840 --> 00:00:33,660
And so you're pretty much just breaking into software, right?

9
00:00:33,990 --> 00:00:35,370
It's really that simple.

10
00:00:35,550 --> 00:00:41,940
And then you're writing a report as to what you found, how you found it, and then giving recommendations

11
00:00:41,940 --> 00:00:44,310
as far as what they can do to patch that up.

12
00:00:44,340 --> 00:00:50,460
And like I mentioned, some hackers are able to make several thousands, if not a six-figure income

13
00:00:50,460 --> 00:00:54,180
or more just by doing bug bounty hunting.

14
00:00:54,180 --> 00:00:54,480
Right.

15
00:00:54,720 --> 00:00:59,820
A lot of these folks who actually do this full time, maybe because they don't want to be client facing,

16
00:00:59,820 --> 00:01:04,070
they don't want to work for clients either on the freelancing or consulting side.

17
00:01:04,350 --> 00:01:11,370
And so they'll just stay behind the scenes, behind the computer and essentially get paid to find bugs

18
00:01:11,470 --> 00:01:13,050
within various organizations.

19
00:01:13,050 --> 00:01:18,780
And a resource here where you can practice finding bugs is OWASP dot org.

20
00:01:18,930 --> 00:01:22,740
And you can also take a look at the Google Bughunter University as well.

21
00:01:23,220 --> 00:01:26,340
And three resources here for you to get started.

22
00:01:26,340 --> 00:01:34,440
Actually, getting paid with bug bounty hunting is HackerOne and then Bugcrowd dot com and Intigriti

23
00:01:34,440 --> 00:01:35,110
dot com.

24
00:01:35,130 --> 00:01:39,840
So these are going to be the top three recommended websites for bug bounty hunting.

25
00:01:39,990 --> 00:01:41,610
There's actually a ton more.

26
00:01:41,790 --> 00:01:45,990
But as far as for the most recommended, these are going to be the top three.

27
00:01:46,200 --> 00:01:51,750
And then we're going to go to my computer and I'm going to show you a quick walkthrough overview of

28
00:01:51,780 --> 00:01:52,230
the story.

29
00:01:52,230 --> 00:01:53,920
Let's head on over to my computer now.

30
00:01:53,940 --> 00:01:58,020
OK, so let's take a look at the top three recommended bounty websites.

31
00:01:58,230 --> 00:02:00,060
The number one here is HackerOne.

32
00:02:00,090 --> 00:02:01,260
This is the number one here.

33
00:02:01,500 --> 00:02:07,170
And you can look up here and look at the different products that they have, how you can get paid from

34
00:02:07,170 --> 00:02:08,220
various services.

35
00:02:08,550 --> 00:02:15,750
And your role really here is to, like I mentioned, to get paid for finding vulnerabilities within

36
00:02:15,870 --> 00:02:18,120
a company's networks, essentially, right?

37
00:02:18,360 --> 00:02:21,200
In their applications, whatever that may be here.

38
00:02:21,210 --> 00:02:29,520
So you have like a pen test here and then you can do bug bounty hunting here and then also provide various

39
00:02:29,520 --> 00:02:30,060
services.

40
00:02:30,110 --> 00:02:35,490
So definitely recommend you check this out here and then let's go to the next one.

41
00:02:36,060 --> 00:02:37,830
Then we have the Bugcrowd.

42
00:02:37,980 --> 00:02:42,960
And this is essentially the same thing where you're finding vulnerabilities in systems.

43
00:02:43,770 --> 00:02:45,780
You can actually request a demo here.

44
00:02:46,230 --> 00:02:47,640
You can look at how it works.

45
00:02:48,270 --> 00:02:49,560
They have a good chat here.

46
00:02:49,950 --> 00:02:57,180
And so, again, this is something for if you're wanting to get paid for just finding these different

47
00:02:57,180 --> 00:03:03,510
bugs within organizations and then getting paid for it, if you don't want to do any of the actual client

48
00:03:03,510 --> 00:03:04,320
facing work.

49
00:03:04,890 --> 00:03:10,160
And then we have the Intigriti dot com here and this one is in Europe, OK?

50
00:03:10,410 --> 00:03:13,110
And so as you can see, there's pretty much the same thing here.

51
00:03:13,110 --> 00:03:14,400
You can request a demo.

52
00:03:14,570 --> 00:03:17,820
You can look at some of the other individuals that have used this as well.

53
00:03:17,820 --> 00:03:25,140
So even if you, you know, maybe don't decide to do this, I would definitely sign up to all three

54
00:03:25,140 --> 00:03:30,810
of these and maybe do some exploring and find out what it all entails and if it's something that you

55
00:03:30,810 --> 00:03:34,950
actually want to do, even just for practice.

56
00:03:34,950 --> 00:03:35,250
Right.

57
00:03:35,520 --> 00:03:41,280
So as you can see here, you're a researcher or you're a company regardless of, you know, what your

58
00:03:41,430 --> 00:03:42,780
ultimate intention is.

59
00:03:43,080 --> 00:03:50,370
You want to get an idea as far as how the bug bounty hunting works when you get into the cybersecurity

60
00:03:50,370 --> 00:03:54,720
space, unless you're just focusing in on a particular area.

61
00:03:54,720 --> 00:04:01,020
So maybe you're focused on just compliance, you most likely wouldn't be doing very much bug bounty

62
00:04:01,020 --> 00:04:01,320
hunting.

63
00:04:01,320 --> 00:04:07,380
So I'd like to look at it from the perspective of getting a, you know, broad kind of experience.

64
00:04:07,380 --> 00:04:07,710
Right.

65
00:04:07,950 --> 00:04:14,400
And kind of dipping your toes into different areas within the cybersecurity field and then going into

66
00:04:14,400 --> 00:04:18,820
which ones as far as the fields that resonate and connect more with you.

67
00:04:18,840 --> 00:04:21,240
OK, so that's going to be here for this one.

68
00:04:21,240 --> 00:04:22,410
And we'll see you on the next one.