Introduction
What is a bug?
A security bug or vulnerability is "a weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, OR availability."
What is Bug Bounty?
A bug bounty or bug bounty program is IT jargon for a reward or bounty program given for finding and reporting a bug in a particular software product. Many IT companies offer bug bounties to drive product improvement and get more interaction from end users or clients. Companies that operate bug bounty programs may get hundreds of bug reports, including security bugs and security vulnerabilities, and many who report those bugs stand to receive awards.
What is the Reward?
Rewards come in all types, based on the severity of the issue and the cost to fix. They may range from real money (most prevalent) to premium subscriptions (Prime/Netflix), discount coupons (for e-commerce or shopping sites), gift vouchers, and swag (apparel, badges, customized stationery, etc.). Money may range from $50 to $50,000 and even more.
What to learn?
Technical
Computer Fundamentals
https://www.comptia.org/training/by-certification/a
https://www.tutorialspoint.com/computer_fundamentals/index.htm
https://onlinecourses.swayam2.ac.in/cec19_cs06/preview
https://www.udemy.com/course/complete-computer-basics-course/
https://www.coursera.org/courses?query=computer%20fundamentals
Computer Networking
https://www.udacity.com/course/computer-networking--ud436
https://www.coursera.org/professional-certificates/google-it-support
https://www.udemy.com/course/introduction-to-computer-networks/
Operating Systems
https://www.coursera.org/learn/os-power-user
https://www.udacity.com/course/introduction-to-operating-systems--ud923
https://www.udemy.com/course/linux-command-line-volume1/
Programming C
https://www.programiz.com/c-programming
Where to learn from?
Blogs and Articles
Hacking Articles: https://www.hackingarticles.in/
Vickie Li Blogs: https://vickieli.dev/
Bugcrowd Blogs: https://www.bugcrowd.com/blog/
Intigriti Blogs: https://blog.intigriti.com/
Portswigger Blogs: https://portswigger.net/blog
Forums
Reddit: https://www.reddit.com/r/websecurity/
Reddit: https://www.reddit.com/r/netsec/
Official Websites
OWASP: https://owasp.org/
PortSwigger: https://portswigger.net/
Cloudflare: https://www.cloudflare.com/
YouTube Channels
https://www.youtube.com/@penetestersquad
PRACTICE! PRACTICE! and PRACTICE!
CTF
Hacker 101: https://www.hackerone.com/hackers/hacker101
PicoCTF: https://picoctf.org/
TryHackMe: https://tryhackme.com/ (premium/free)
HackTheBox: https://www.hackthebox.com/ (premium)
VulnHub: https://www.vulnhub.com/
HackThisSite: https://hackthissite.org/
CTFChallenge: https://ctfchallenge.co.uk/
PentesterLab: https://pentesterlab.com/ (premium)
Online Labs
PortSwigger Web Security Academy: https://portswigger.net/web-security
OWASP Juice Shop: https://owasp.org/www-project-juice-shop/
XSSGame: https://xss-game.appspot.com/
BugBountyHunter: https://www.bugbountyhunter.com/ (premium)
W3Challs: https://w3challs.com/
Offline Labs
DVWA: https://dvwa.co.uk/
bWAPP: http://www.itsecgames.com/
Metasploitable2: https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
More Tools and Services To Use
Servers
Shodan - Search Engine for the Internet of Everything
Censys Search - Search Engine for every server on the Internet to reduce exposure and improve security
Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
ZoomEye - Global cyberspace mapping
GreyNoise - The source for understanding internet noise
Natlas - Scaling Network Scanning
Netlas.io - Discover, Research and Monitor any Assets Available Online
FOFA - Cyberspace mapping
Quake - Cyberspace surveying and mapping system
Hunter - Internet Search Engines For Security Researchers
Vulnerabilities
NIST NVD - US National Vulnerability Database
MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
GitHub Advisory Database - Security vulnerability database inclusive of CVEs and GitHub originated security advisories
cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
osv.dev - Open Source Vulnerabilities
Vulners.com - Your Search Engine for Security Intelligence
opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
security.snyk.io - Open Source Vulnerability Database
Mend Vulnerability Database - The largest open source vulnerability DB
Rapid7 - DB - Vulnerability & Exploit Database
CVEDetails - The ultimate security vulnerability datasource
VulnIQ - Vulnerability intelligence and management solution
SynapsInt - The unified OSINT research tool
Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure
Vulmon - Vulnerability and exploit search engine
VulDB - Number one vulnerability database
ScanFactory - Realtime Security Monitoring
Trend Micro Zero Day Initiative - Publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers
Google Project Zero - Vulnerabilities including Zero Days
Trickest CVE Repository - Gather and update all available and newest CVEs with their PoC
cnvd.org.cn - Chinese National Vulnerability Database
InTheWild.io - Check CVEs in our free, open source feed of exploited vulnerabilities
Vulnerability Lab - Vulnerability research, bug bounties and vulnerability assessments
Red Hat Security Advisories - Information about security flaws that affect Red Hat products and services in the form of security advisories
Cisco Security Advisories - Security advisories and vulnerability information for Cisco products, including network equipment and software
Microsoft Security Response Center - Reports of security vulnerabilities affecting Microsoft products and services
VARIoT - VARIoT IoT Vulnerabilities Database
Exploits
Exploit-DB - Exploit Database
Sploitus - Convenient central place for identifying the newest exploits
Rapid7 - DB - Vulnerability & Exploit Database
Vulmon - Vulnerability and exploit search engine
packetstormsecurity.com - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
0day.today - Ultimate database of exploits and vulnerabilities
LOLBAS - Living Off The Land Binaries, Scripts and Libraries
GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Payloads All The Things - A list of useful payloads and bypasses for Web Application Security
XSS Payloads - The wonderland of JavaScript unexpected usages, and more
exploitalert.com - Database of Exploits
Reverse Shell generator - Online Reverse Shell generator with Local Storage functionality, URI & Base64 Encoding, MSFVenom Generator, and Raw Mode
HackerOne hacktivity - See the latest hacker activity on HackerOne
Bugcrowd Crowdstream - Showcase of accepted and disclosed submissions on Bugcrowd programs
GTFOArgs - Curated list of Unix binaries that can be manipulated for argument injection
shell-storm.org/shellcode - Shellcodes database for study cases
Hacking the Cloud - Encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure
LOLDrivers - Open-source project that brings together vulnerable, malicious, and known malicious Windows drivers
PwnWiki - Collection of TTPs (tools, tactics, and procedures) for what to do after access has been gained
CVExploits Search - Your comprehensive database for CVE exploits from across the internet
VARIoT - VARIoT IoT exploits database
LOOBins - Detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes
Coalition Exploit Scoring System - Model that dynamically scores new and existing vulnerabilities to reflect their exploit likelihood
WADComs - Interactive cheat sheet containing a curated list of offensive security tools and their respective commands to be used against Windows/AD environments
LOLAPPS - Compendium of applications that can be used to carry out day-to-day exploitation
Living off the Hardware - Resource collection that provides guidance on identifying and utilizing malicious hardware and malicious devices
Living Off the Pipeline - How development tools commonly used in CI/CD pipelines can be used to achieve arbitrary code execution
Bug Bounty Platforms
Crowdsourcing
Bugcrowd: https://www.bugcrowd.com/
Hackerone: https://www.hackerone.com/
Intigriti: https://www.intigriti.com/
YesWeHack: https://www.yeswehack.com/
OpenBugBounty: https://www.openbugbounty.org/
Individual Programs
Meta: https://www.facebook.com/whitehat
Google: https://about.google/appsecurity/
Bug Bounty Report Format
Title
The first impression is the last impression: the security engineer looks at the title first and should be able to identify the issue from it. State what kind of functionality you are able to abuse or what kind of protection you can bypass. Keep it to just one line. Include the impact of the issue in the title if possible.
Description
This component provides the details of the vulnerability. Explain the vulnerability here and write about the paths, endpoints, and error messages you got while testing. You can also attach HTTP requests and vulnerable source code.
Steps to Reproduce
Write the stepwise process to recreate the bug. It is important for an app owner to be able to verify what you've found and understand the scenario. You must write each step clearly in order to demonstrate the issue; that helps security engineers triage fast.
Proof of Concept
This component is the visual of the whole work. You can record a demonstration video or attach screenshots.
Impact
Write about the real-life impact: how an attacker can take advantage if he/she successfully exploits the vulnerability. What type of damage could be done? (Avoid writing about the theoretical impact.) The impact should align with the business objective of the organization.
- Exploit Notes
- Bug Bounty Hunting
- Mind Maps
- CQR Company - IDOR
- MindAPI References
- MindAPI Play
- Web Security Vulnerabilities
- How To Hunt
- Acunetix Web Vulnerabilities
- Vulnerability Checklist
- Web App Hacking
- Handbook for Web Applications
- Awesome Bug Bounty Writeups
- HowToHunt
- Automated Scanners
- Ired Team
- HolyTips
- Awesome Web Security
- Vulnerable Machines
- Web Vulnerabilities Methodology
- LFI Cheat Sheet
- PayloadsAllTheThings
- Web Vulnerabilities Methodology
- Network Security
- Practical Bug Bounty
- OffSec Tools
- Detectify Blog
- Web App Pentest
- Projects Cheat Sheet
- SalmonSec Cheat Sheet
- Burp Suite Extensions
- Awesome Burp Extensions
- BugBounty
Medium: https://medium.com/analytics-vidhya/a-beginners-guide-to-cyber-security-3d0f7891c93a
Infosec Writeups: https://infosecwriteups.com/?gi=3149891cc73d
Hackerone Hacktivity: https://hackerone.com/hacktivity
Google VRP Writeups: https://github.com/xdavidhu/awesome-google-vrp-writeups
- RingZer0 CTF
- Root Me
- Offensive Security Labs
- PortSwigger
- VulnHub
- OverTheWire
- HackXpert Labs
- Let's Defend
- EchoCTF
- AuthLab
- Prompt Riddle
- 247CTF
- CTFLearn
- W3Challs
- CrackMes
- CryptoHack
- Hacker101
- Hack This Site
- PicoCTF
- Pwnable.xyz
- Hacking Hub
- Bug Bounty Hunter
- Java Vulnerable Lab
- Java Security Course
- Web Hacking KR
- WebSec FR
- Suninatas
- Promptriddle
- PwnTN
- HBH Authentication
- Thematic Enigmas
You can explore these resources to learn and practice various aspects of cybersecurity, including vulnerability assessment, bug hunting, and penetration testing.