Bug bounty

Julian Brooks

Are bug bounty programs a meme? Can you actually make money off this shit? Any experiences?

hackerone.com/reports/429679

What do you think how hard it is to get to that level? I've built some foundation, studying on Cybrary Network+, CompTIA A+, Security+, Linux+ and currently reading TCP/IP Illustrated. I need to study Web app stuff right?


Connor Gray

if you're a good hacker you're making actual hacks for money. These "hackers" earn next to nothing with the cheap bounties companies offer.

Eli Sanchez

if you're a good hacker you would fix the double post bug here as your first bounty

Justin Gray

Bug bounties are a complete meme. Most of the bounties go to the same handful of people who already do this professionally in some other way; you are basically competing with a bunch of teenagers for peanuts.

Bentley Wood

We call them bug chasers now

Jose Morgan

This. Even if you had zero-days the spooks pay MUCH better.

Gavin Ross

Any "hacker" earning their money doing bug bounties is a skid that knows a few tricks here and there and never amounts to anything.
They think it is a valuable experience that might land them a job but they're deluding themselves into literal shit digging work.

Isaiah Parker

But what if you were doing them not for the money, but to piss the spooks off by fixing zerodays in software they like to hack?

Dominic Thompson

I just want to know how I've only ever seen this problem on Zig Forums. CSS problem or what?

Juan Wilson

> I need to study Web app stuff right?
Not really. Learn how to actually work on malware, reverse engineer it, and detect it (a/v and traffic signatures). You'll make way more money doing it and you won't just be a skid.

Parker Ortiz

It comes from faggots who don't see their post show up, so they post it again. Then the original post shows up, and then the second post.
> I've only ever seen this problem on Zig Forums
I've seen it on reddit too. Think there was a bug one time, because I saw a thread where everyone's post had doubled. It's more egregious on Zig Forums because no one can delete threads except the BO.

John Myers

find a lethal bug
use bug and earn as much as you can
anomalous attacks
find another lethal bug
sell old bug
repeat.

Robert Allen

They're memes. If you contribute to an open source project anyway, you can earn beer money doing random companies' specific feature requests, but it's not a way to support yourself.

Jace Scott

Yes they are a meme. It's 100% marketing. "Look bruh discord has a bug bounty, it must be better than conject0r, even though it crashes every 5 seconds". Bug bounties don't and never have made software any more secure. The software industry is a joke and as an obvious corollary, so is the security of all software.
> Any experiences?
Oh you're one of those people.
do attack A that nobody else has done
sell it to company a year later after they figured it out
genius. is there a way to collect bug bounties anonymously?

Ian Clark

it's a meme
meanwhile a 19 year old self taught guy from some 3rd world shithole gets paid 1million

infosecurity-magazine.com/news/19-year-old-awarded-more-than-1m-1-1/

Zig Forums forever BTFO

Gavin Barnes

from a software engineering standpoint it's a meme, but that's something you won't understand. also whatever news article you link to may or may not just be marketing/hype

Levi Ramirez

seething

Austin Nelson

sounds very meme to me. why is it always some kid that does these instead of people that call themselves "professionals" and do that shit as their job

Logan Anderson

i dunno about the "whitehat community" but everyone i know who's actually good at hacking became millionaires 10 years ago and wouldn't waste their time with this shit. point is, software industry is shit

Michael Fisher

to get young retards into the field to flood the market and suppress wage costs

Kevin Gonzalez

Hackerone and bugcrowd are decent. I know some people pull bounties from those programs on the regular.

Things you will need to know for real hacking. Look this shit up on YouTube.
Assembly programming
Shellcode
Egghunting
Exploit development

That or learn relational database applications development, then learn SQL injection and things like that for Web applications penetration testing.

True blackhats can make more money in given circumstance. That and something like 95% of moralfags are leftists. Fuck the security industry. But if a guy wants to make some cash on bug bounties whatever. I'm over it.

This is absolutely true. Doing tech work on prospect is not recommended. Most people will make up some reason they are not going to pay you.

This is categorically false. Finding and fixing bugs makes software more secure. Hackers finding security holes and responsibly reporting them to developer helps developers tremendously.

True, there are some success stories.

Also true. Nearly everything in the security industry is a scam. Best bet just write hack tools and put them on Github to build a portfolio in hopes of getting offered a real job. That or just hack because you love it.

Jeremiah Cox

You would be better off and make more by catching actual bugs OP. Media has a successor bias reporting the only 2 or 3 over successful cases when the average success is very low and an average bug catcher actually makes the double of an average bug bounty hunter. Don't treat it as anything more than a part time job.

Brayden White

1043306
> This is categorically false. Finding and fixing bugs makes software more secure.
No it fucking doesn't, and since you list "Egghunting" as if it's some fundamental wisdom you come off as yet another skidd0. Fixing one vuln someone finds makes the software slightly better at best, does fuck all to change the attitude of the "software engineers", and gets you and the vendor some PR.
> Hackers finding security holes and responsibly reporting them to developer helps developers tremendously.
No it doesn't. It's literally just a market.

Jayden Rogers

THIS. IT'S ALWAYS ABOUT THIS!

Wyatt Perez

this

Nicholas Garcia

HAPAS ARE SUPERIOR TO WHITES

Gabriel Cooper

I smell rats.

Dylan Brown

These are our enemies. Why are we supporting them?

Gabriel Hernandez

Whatcha sliding Chaim?

Aaron Roberts

Whatcha saying schlomo?

Joshua Gonzalez

Whatcha sliding MOSHE?

Xavier Turner

Yeah, right, and the moon is made of cheese.

Connor Perry

The Semitic influence is strong with this one.