Get start with BugBounty, Pentest and Security Researcher

I have always been in confusion about how to get started with security or pentest or somehow with a bug bounty. There are tons of resources available on the internet.

The Fact

The fact is there is no hard and fast rule or there is no standard course by following which you will get the tag of a security expert.

There is no defined way to become a security researcher.

Here at the end, I am also going to give you some resources about the get started but to be honest it will not help until you start with a practice or use it in your day-to-day life for learning purposes.

So what missing?

Resources will get the directions for learning. Let’s say you got one blog where the blogger explains everything steps by step and You decided to complete it in 7 days. Your approach SHOULD NOT be that once you finish with the whole tutorial you should start with researching it won’t help or probably you must have forgotten the things which you learned on day 1.

The Approach

Start performing practical from the first day. Whatever your learning start implementing those. Try to find the smallest loopholes. And trust me you won’t get it on Day 1. But with the practice, you will become to know how to find or where to find.

Where to do practice?

You can use any Bugbounty side where lots of products, apps, websites get listed to find bugs, vulnerabilities, etc. You can also use CTF (Capture the flag). I will not go in deep with these terminologies because you can find better explanations on google. You will also get a better guide on how to start with these platforms.

Don’t Forget your practice will give you a real security expert badge. Keep practicing.

Some resources to get start

Ep 1 - Legacy:

Ep 2 - Lame:

Ep 3 - Blue:

Ep 4 - Devel:

Ep. 5 - Jerry:

Ep. 6 - Nibbles:

Ep. 7 - Optimum:

Ep. 8 - Bashed:

Ep. 9 - Grandpa:

Ep. 10 - Netmon:

Please feel free to post your doubt or suggestions below 🙂