We all had to start somewhere in bug bounty hunting, and we all made mistakes along the way. Most of those mistakes taught us something and made us better bug bounty hunters.
If you are in your first years of bug bounty hunting, or just starting to explore it, these 7 tips are meant to save you some of that time.
In this article, we will cover 7 tips that will help you find your first few vulnerabilities in bug bounty programs faster while also helping you build the first fundamental blocks of your bug bounty methodology.
Let's start with the most important tip we can give to newcomers to bug bounty hunting.
Bug bounty hunting requires consistent effort to produce consistent results. However much time you can allocate, dedicate a regular, predictable amount of it to hunting on programs rather than hunting in occasional bursts.
Putting in consistent efforts allows you to get to know your target better and build your skill set more quickly, which is a crucial factor for beginners looking for their first vulnerabilities (we'll come back to this later).
Try to reserve a specific time slot each day or week in your schedule for hunting on your favorite bug bounty program, even if it is just an hour a day or a few hours each weekend. Persistence yields more and better results over the course of your bug bounty journey.
Relying solely on automated tools is a common beginner mistake, for the simple reason that tools are easy to run. Automated tools are a good starting point, but they should never be your only approach. Some tools are outdated, others lack coverage for certain vulnerability classes, and all of them produce false positives. Used alone, they will cause you to miss critical vulnerabilities or to report findings that do not hold up under triage.
Another thing to consider is that the same tools have very likely already been run against the same target by several other bug bounty hunters, which increases the chance that your submission is a duplicate.
Before running any automated tool, we encourage you to read our detailed article about aggressive scanning (and how to avoid it).
We always recommend learning what your target does and what it offers to its users before you start testing. This manual approach helps you find the (unique) vulnerabilities that automated tools typically miss.
Experienced bug bounty hunters broadly agree on the following: the more time you spend on the same target, the more security vulnerabilities you find.
Investing time in a single target allows you to gain deeper knowledge and more experience, giving you an edge over other hunters who may not be as dedicated.
Next time, focus on a single target for at least a few weeks, ideally up to a month, before considering a switch. This approach can significantly improve your results and help you find more bugs.
We often like to push ourselves beyond our limits to become the best version of ourselves, but setting unrealistically high goals harms more than it helps and is more counterproductive than you might think.
Instead of setting goals whose outcomes you cannot control, set goals that depend only on your own effort. For example, rather than aiming to find a specific number of bugs in a fixed period, aim for something like "spending at least 12 hours this week hunting on program X" or "learning at least 2 new vulnerability types this month."
By setting realistic, achievable goals, you'll stay motivated, avoid burnout, and keep improving your bug bounty skills.
Most of us doubted ourselves when we started out, especially after finding our first bug, and hesitated to submit it because we were not sure it was valid.
If you recognize yourself here too often, remember this general rule: every vulnerability you do not submit is probably a bounty you miss out on.
If you have found a valid security vulnerability that falls within the program's scope policy, submit it as soon as you can. Include as much information as possible in your report: the affected asset or endpoint, clear steps to reproduce, a proof of concept, and the impact. This helps triage and the company reproduce your findings, and it also shortens the time it takes to get the report accepted.
Remember that delayed submissions can lead to duplicate reports, which brings us to our next tip.
Some bug bounty hunters prefer to keep hunting on the program to collect more bugs before reporting, a habit carried over from penetration testing, where findings are delivered together at the end of an engagement. In bug bounty, however, holding a finding back gives another hunter time to discover the same vulnerability, and your report then ends up as a duplicate.
Duplicates happen even with high-severity bugs, and far more often with low-hanging fruit. Submit your bugs as soon as you find them to lower the probability of being beaten to the report.
Programs also ask you to submit valid bugs as soon as you find them.
It is also worth selecting a bug bounty program that matches your skill set. If you are most proficient at testing web applications and APIs, it makes far more sense to hunt on programs that list these kinds of assets in their in-scope policy.
If you are good at performing reconnaissance and mapping out assets belonging to a specific target, try to select programs with wildcard targets instead of a program with a single asset.
If you like testing mobile applications or desktop applications, you should find a program that provides these apps for you to test.
At Intigriti, we've got all sorts of programs with all types of assets that you can hunt on and earn bounties with! You can start hacking right now:
Hack on programs listed on Intigriti
These 7 tips will help you find your first few vulnerabilities faster. Applied consistently, they will greatly improve your odds of coming across valid bugs throughout your bug bounty journey.
We hope you've learned something new, and we encourage you to share this article with your bug bounty friends!