Are bug bounty programs a meme? Can you actually make money of this shit? Any experiences?
hackerone.com/reports/429679
What do you think how hard it is to get to that level? I've built some foundation, studying on Cybrary Network+, Comptia A+, Security+, Linux+ and currently reading TCP/IP illustrated. I need to study Web app stuff right?
Attached: afafafe.png (501.18 KB, 919x391)
9 months ago
if you're a good hacker you're making actual hacks for money. These "hackers" earn next to nothing with the cheap bounties companies offer.
9 months ago
if your a good hacker you would fix the double post bug here as your first bounty
9 months ago
Bug bounties are a complete meme. Most of the bounties go to the same handful of people who already do this professionally in some other way; you are basically competing with a bunch of teenagers for peanuts.
9 months ago
We call them bug chasers now
Attached: hands-diversity.jpg (1.08 MB, 2082x1171)
9 months ago
This. Even if you had zero-days the spooks pay MUCH better.
9 months ago
Any "hacker" earning their money doing bug bounties is a skid that knows few tricks here and there and never amounts to anything.
They think it is a valuable experience that might land them a job but they're deluding themselves into literal shit digging work.
9 months ago
But what if you were doing them not for the money, but to piss the spooks off by fixing zerodays in software they like to hack?
9 months ago
I just want to know how I've only ever seen this problem on Zig Forums. CSS problem or what?
9 months ago
I need to study Web app stuff right?
Not really. Learn how to actually work on malware, reverse engineer it, and detect it (a/v and traffic signatures). You'll make way more money doing it and you won't just be a skid.
9 months ago
It comes from faggots who don't see their post show up, so they post it again. Then the original post shows up, and then the second post.
I've only ever seen this problem on Zig Forums
I've seen it on reddit too. Think there was a bug one time, because I saw a thread where everyone's post had doubled. It's more egregious on Zig Forums because no one can delete threads except the BO.
9 months ago
find a lethal bug
use bug and earn as much as you can
anomalous attacks
find another lethal bug
sell old bug
repeat.
9 months ago
They're memes. If you contribute to an open source project anyway, you can earn beer money doing random companie's specific feature requests, but it's not a way to support yourself.
9 months ago
Yes they are a meme. It's 100% marketing. "Look bruh discord has a bug bounty, it must be better than conject0r, even though it crashes every 5 seconds". Bug bounties don't and never have made software any more secure. The software industry is a joke and as an obvious collary, so is the security of all software.
Any experiences?
Oh you're one of those people.
do attack A that nobody else has done
sell it to company a year later after they figured it out
genius. is there a way to collect bug bounties anonymously?
9 months ago
its a meme
meanwhile a 19 year old self taught guy from some 3rd world shithole gets paid 1million
infosecurity-magazine.com/news/19-year-old-awarded-more-than-1m-1-1/
Zig Forums forever BTFO
Attached: 14298529849.png (184.48 KB, 838x683)
9 months ago
from a software engineering standpoint it's a meme, but that's something you wont understand. also whatever news article you link to may or may not just be marketing/hype
9 months ago
sounds very meme to me. why is it always some kid that does these instead of people that call themselves "professionals" and do that shit as their job
9 months ago
i dunno about the "whitehat community" but everyone i know who's actually good at hacking became millionares 10 years ago and wouldn't waste their time with this shit. point is, software industry is shit
9 months ago
to get young retards into the field to flood the market suppress wage costs
9 months ago
Hackerone and bugcrowd are decent. I know some people pull bounties from those programs on the regular.
Things you will need to know for real hacking. Look this shit up on YouTube.
Assembly programming
Shellcode
Egghunting
Exploit development
That or learn relational database applications development then Learn SQL injection and things like that for Web applications penetration testing.
True blackhats can make more money in given circumstance. That and something like 95% of moralfags are leftists. Fuck the security industry. But if a guy wants to make some cash on bug bounties whatever. I'm over it.
This is absolutely true. Doing tech work on prospect is not recommended. Most people will make up some reason they are not going to pay you.
This is categorically false. Finding and fixing bugs makes software more secure. Hackers finding security holes and responsibly reporting them to developer helps developers tremendously.
True, there are some success stories.
Also true. Nearly everything in the security industry is a scam. Best bet just write hack tools and put them on Github to build a portfolio in hopes of getting offered a real job. That or just hack because you love it.
9 months ago
You would be better off and make more by catching actual bugs OP. Media has a successor bias reporting the only 2 or 3 over successful cases when the average success is very low and an average bug catcher actually makes the double of an average bug bounty hunter. Don't treat it as anything more than a part time job.
9 months ago
1043306
This is categorically false. Finding and fixing bugs makes software more secure.
No it fucking doesn't, and since you list "Egghunting" as if it's some fundamental wisdom you come off as yet another skidd0. Fixing one vuln someone finds makes the software slighty better at best, does fuck all to change the attitude of the "software engineers", and gets you and the vendor some PR.
Hackers finding security holes and responsibly reporting them to developer helps developers tremendously.
No it doesn't. It's literally just a market.
9 months ago
THIS. IT'S ALWAYS ABOUT THIS!
9 months ago
HAPAS ARE SUPERIOR TO WHITES
8 months ago
HAPAS ARE SUPERIOR TO WHITES
8 months ago
HAPAS ARE SUPERIOR TO WHITES
8 months ago
HAPAS ARE SUPERIOR TO WHITES
8 months ago
HAPAS ARE SUPERIOR TO WHITES
8 months ago
HAPAS ARE SUPERIOR TO WHITES
8 months ago
These are our enemies. Why are we supporting them?
8 months ago
Yeah, right, and the moon is made of cheese.
8 months ago
The Semitic influence is strong with this one.
8 months ago