How I got my first private invitation to a bug bounty program?

Bug bounty platforms are rapidly gaining popularity among ethical hackers and penetration testers. They provide crowdsourced solutions to different companies: hackers look for security loopholes in the websites and, in turn, get paid for each valid submission.

But as these platforms gain popularity, more and more people are finding security bugs in public programs, which leaves fewer vulnerabilities to be found. Private invitations are a better choice in this scenario. As the word "Private" suggests, not everyone is allowed to hack on a private program the way they can on public ones. Only selected hackers are invited to private programs, based on their skill set and achievements.

I got invited to one of these private programs. It is pretty confusing for newbies to work out how they can be invited to a private program, but don't worry, I'll make it clear and concise for you.

HackerOne is a famous and probably the number one bug bounty platform, with some hackers making over $1 million in bounties through it. The platform offers an interesting way to learn hacking and make your way to your first private invitation. Hacker101 is a HackerOne project in which they post videos and lectures related to hacking; they also have some CTFs for hackers to get hands-on experience. The interesting thing about the CTFs is that they carry points: once you complete some CTFs and reach a total of 26 points, you get invited to a private program. The cycle then repeats: to get your next private invitation, you have to earn 26 more points in CTFs.

You may have noticed that I have been posting walkthroughs of CTFs from Hacker101. That's exactly what I was doing: trying to hone my skills and smooth my path towards the private invitation. I completed 26 points successfully and got a private invitation instantly.


Quite obviously, these are PRIVATE programs, meaning that you are not allowed even to discuss their names in public, let alone their security bugs. If you do so, you are breaking the law and committing a crime.


The CTFs I solved covered many different vulnerabilities, such as XSS (Stored & Reflected), SQLi, IDOR, Privilege Escalation, etc., so going through these CTFs is good practice as well.

I hope it is now pretty clear how you can also get a private invitation. If not, ask me in the comments.
