3
Awesome Bug Bounty Roadmap
source link: https://attacker-codeninja.github.io/2022-06-06-awesome-bug-bounty-roadmap/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Awesome Bug Bounty Roadmap
Hi Friends, This is CodeNinja a.k.a Aakash Choudhary.
This blog contains complete Roadmap for Beginners or even Intermediate to become a successful Bug Hunters or even more
Without wasting time, following are the Roadmaps =>
First steps Persistance + Patience + Proper Time Management + Proper Planning + Eagerness2nd Step is to make your basics strong whatever it is Like =>
- DNS,Networking, HTTP/HTTPS,Zone Transfer,HTTP Headers, HTTP Methods, HTTP Status Codes, Request/Response, URL Schemes
- WAF, DNS Rebinding,CDN Services, VHOST
- Microservices, APIs,REST APIs,Graphql Attack & Defense,OWASP Top 10[must]
- Knowledge about basic programming concepts[OOPs,Routing,Structures,Loops etc]
- Linux Basics + Regex
- HTML,JS,DOM,AJAX [for HTML Injection + basic building blocks of Website or many things related to mention things ]
- Today’s Architecture of web and old one too - Like how web evolved from past - Like how web worked in past and their security + defensive things
- How browser works and their TABS works ? How they interact with each other
- Basic uses of hacking tools - Like how they work and how efficiently we can work with tools smartly
- Cloud Concepts
- Automation Knowledge [Python,Bash,Golang,Rust] [whatever we choose]
- OSINT
- How cache works
- Cookies/Sessions/Authentication/Authorization/Cache/CORS/SOP/2FA/MFA
- Cryptography,encoding/decoding,encipher,decipher,encryption,decryption i.e Encoding Mechansim
- SAST/DAST/IAST
- Learn to use => 1. Burpsuite 2. ZAP 3. Nuceli 4. Jaeles
- That is work on your creativity to use above tools
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK