Introduction

  • A bug bounty is a Vulnerability Reward Program run by well-known companies and websites to reward the person who finds, exploits and reports vulnerabilities. These programs give organizations a chance to find issues in their system(s) before the public becomes aware of a vulnerability, since a critical vulnerability can bring losses to the organization and damage its reputation.
  • The bug bounty concept originated with Jarrett Ridlinghafer, a technical support engineer at Netscape Communications Corporation, who recognized that Netscape had many passionate security researchers and evangelists working on its products; some of those known to him seemed particularly dedicated to the Mosaic/Netscape/Mozilla browser. He started investigating the phenomenon in more detail and discovered that many of Netscape’s enthusiasts were basically software engineers who were fixing the product’s bugs on their own and publishing the fixes or workarounds.
  • Since the inception of this idea, it has been adopted by brands such as Facebook, Yahoo!, Google, Reddit and many others. Nowadays, most tech companies have their own bug bounty program for discovering vulnerabilities in their products.

Why should one take part in Bug Bounty Programs?

  • Security is one of the most important aspects of a software application or computer-related product. Over the last few years most organizations have become involved in bug bounty programs to make their products more secure.
  • These bug bounty programs allow anyone with a satisfactory skill set to test systems and products owned by the organization, but only within the clauses set out in the program policy and rules.
  • Most organizations offer rewards to those who report a bug, but the report must include enough sensible information for the organization to confirm the bug on its end. Some organizations give rewards such as a Hall of Fame entry, a hamper, swag or cash bounties, depending on the organization’s size and policy.
  • These bug bounty programs have already found many common vulnerabilities that pose a very high risk to systems/applications. Some of them are listed below.
  • XSS (Cross Site Scripting)
  • SQLi
  • RCE (Remote Code Execution)
  • IDOR (Insecure Direct object reference)
  • CSRF (Cross Site Request Forgery)

These are web application vulnerabilities, but all kinds of security vulnerabilities can threaten an organization. The most common vulnerabilities are listed in the OWASP Top 10.

How to get started with Bug Bounty Programs?

  • Expand your knowledge of the application you are testing; the better you understand it, the better your chances of having your bug accepted as valid. Most security researchers start with cross-site scripting, and in the end the reported bug is counted as a duplicate, so don’t stick with cross-site scripting: look for vulnerabilities like CSRF, subdomain takeover, server vulnerabilities, etc. Bug bounty is largely about attack classes, and the more of them you know, the more chances you have of finding a way in.
  • Learn from researchers: most researchers write about their findings, and sometimes they find something unique. So follow researchers on Facebook and Twitter and subscribe to their blogs.
  • Finding a bug needs a lot of patience; similarly, bug bounty hunting needs a lot of patience and will test you to the limit.
  • Read the bug bounty policy carefully. If you have read the Google VRP policy, you will find that acquisitions are also in scope, so go ahead, find the list of acquisitions and hunt on their domains.
  • Find domains and subdomains: organizations own subdomains and other domains that might be vulnerable, so use your skills to find them all.
  • Gain knowledge of the web application testing tool Burp Suite, and if possible get the Professional version, because it has features that allow you to do both automated and manual tests.
  • Big organizations update their systems on a daily basis, so keep up with the official blogs where organizations announce product releases, new services or other changes. Sometimes these companies put a new release within the scope of testing.
Pros and Cons of Bug Bounty

References

To learn bug-hunting techniques:

If one wants to be an expert in bug hunting or penetration testing, he/she needs to learn the basics of VAPT (Vulnerability Assessment and Penetration Testing) and to be familiar with penetration testing ethics, the Penetration Testing Execution Standard (PTES), OWASP and other standards.

There are a few courses available on the market:

  • OSCP
  • CSA
  • CCNA Security

These courses are a great way to test your skills, and they allow you to learn new tools and techniques for finding vulnerabilities. Those with a keen interest in learning to find vulnerabilities should keep themselves updated through security news channels or by reading security blogs.

Bug bounty Links and Resources