The summary is written based on the following resources:
(a) Hack with intention to learn
- Realize that you will gain knowledge and the know-how when you are trying to hack something.
- Investigate a product / app to see how it works. The knowledge can be used for future hacking.
- Journal down what you are learning everyday.
- Do not worry about duplicates. It means that you found a genuine issue.
- There are always bugs out there since companies are frequently pushing their code.
(b) Invest time in reading hands-on guide
- Take note of how you can apply what you read to improve your methodology.
- Read a lot of documentation about APIs, Products, Business Logic, Security Technologies, New Languages, CTFs, etc.
(c) Find / Build your niches:
- Focus on areas where very few people are looking.
- Think about where you can find bugs in an unexpected places.
- Try testing the applications which are not in conventional platform.
- You cannot be looking for low-hanging fruits all the time.
Bug Bounty Checklist
- Test for Injections vulnerabilities in Web and Mobile apps (SQLi, Command Injection, ORM injection, etc.). Understand if there are any validation or filter done.
- Test to see if sensitive data are encrypted while it is transit, at rest.
- Testing XML External Entity (XXE). Check if you can upload files (DOCs, PPT, etc.) / xml types. Know the impact:
- Retrieve file from server
- Server Side Request Forgery (SSRF)
- Denial of Service (DoS)
- Testing for Broken access Control. Check if a user can have privileges of other roles to exploit. Access control is only effective if it is enforced on server-side code or serverless APIs.
- Look at the where the access roles are indicated. JWT? Cookie? URL?
- Can you access admin pages without authentication?
- Learn how to test for XSS – in depth. Know the potential XSS loopholes in modern framework such as ReactJS, etc.
- Reflected: Unvalidated Input becomes part of HTML output.
- Stored: Unsanitized input are stored to be viewed later.
- DOM: JS / Single Page App (SPA) / API that dynamically uses user data to create DOM.
Be First to Comment