Skip to main content

How I got my first private invitation to a bug bounty program?

Bug bounty platforms are rapidly gaining popularity among ethical hackers and penetration testers, they provide crowdsource solutions to different companies, hackers look for security loopholes in the websites and in turn they get paid for a valid submission.

But as such platforms are gaining popularity and more and more people are finding security bugs in public programs resulting in lesser vulnerabilities to be found left, private invitations are a better choice in this scenario, as the word "Private" explains the story, not everyone is allowed to hack on the private program like public ones. Only selected hackers based on their skill set and achievements are invited to private programs.

Hence, I got invited to one of the private programs, it is pretty confusing for newbies to know that how they can be invited to a private program but don't worry I'll make it clear & concise for you. 

HackerOne is a famous and probably number one bug bounty platform, with some hackers making over 1 million $ in bounties through this platform. This platform introduces an interesting way for you to learn hacking and making your path to your first private invitation. Hacker101 is a project of HackerOne in which they post videos and lectures related to hacking, they also have some CTFs for hackers to get hands-on experience. The interesting thing with CTFs is that CTFs carry points and once you complete some CTFs and get a total of 26 points you get invited to a private program, this cycle goes on, to get your next private program you have to get 26 more points in CTFs again.

You may have noticed that I have been posting walkthroughs of CTFs from Hacker101, that's exactly what I was doing, trying to hone my skills and smoothen my path towards the private invitation. I completed 26 points successfully and got a private invitation instantly.


Quite obviously, these are PRIVATE programs meaning that you are not allowed even to discuss their name in the public, forget about security bugs, if you do so, you are breaking the law and is committing a crime.


The CTFs I solved included many different vulnerabilities like XSS (Stored & Reflected), SQLi, IDOR, Privilege Escalation, etc so its a good practice as well to go through these CTFs.

I hope it is pretty clear to you about how you can also get a private invitation. If not, ask me in the comments.

Labels:

Comments

Post a Comment

Popular posts from this blog

Hacker 101 CTF Walkthrough: Petshop Pro

I am back with another walkthrough to one of the  HackerOne 's CTF Petshop Pro . Let's look at the interface of this web page.
Post a Comment
Read more

Kali Linux 2020.1 tty1 ERROR

I found a horrible error when I installed the latest version of Kali Linux on one of my machines, after installing the OS when I started it, it booted into a black screen which asked for my login credentials without any GUI. It is heartbreaking to see problems right away in a freshly installed operating system but after some Googling, I dug out the solution which I will share with you here.  Steps to solve No GUI tty1 Error in Kali Linux 1. First log in with your user credentials 2. Write command:  cd / 3. Write command: cd etc/ 4. Write command: cd apt/ 5. Write command: cat sources.list After step 5, you will see something like this: As you can see, no repositories are mentioned here so obviously we'll have to add kali official repositories to this file.  6. Write command: sudo nano sources.list 7. Write your password 8. Now add the following repositories at the end of the editable file which is opened on the terminal: deb h...
Post a Comment
Read more