👋 Previously, I shared the bug which I focused on in the past when I first started my bug bounty journey (https://youtu.be/jc8Uo9fSwbg)
💬 Many folks have reached out to me to asked for guidance and steps on how to even get started, and also, whether they are technically skilled enough to become a bug bounty hunter 🎖️
📽️ In this video, I went through many of the burning questions that people have asked me, such as the technical skills required to get started, how to stay updated, what resources to follow, and more! 😉
🙌 So if you are a bug bounty beginner or an aspiring bug hunter with all these burning questions as well, do check out this video! I hope it is helpful to you!
Have you just started your #bugbounty journey? Are you new to bug bounty and is still trying to find and report your first bug to platforms like HackerOne / Bugcrowd / YesWeHack / Intigriti or others?
I’d suggest you try to stay focus on a single bug class instead of trying to become an expert in everything, everywhere all at once!
This is the bug which I focused on in the past when I started my bug bounty journey and I think they are a great type of bug class to find for bug bounty beginners who are starting out!
Last week, I attended the Researcher Appreciation Ceremony held alongside the prize ceremony of Jaga the STACK Finale 2022. The Researcher Appreciation Ceremony was held as part of GovTech’s Crowdsourced Vulnerability Discovery Programme (CVDP), where they will present various awards, such as the Top GBBP Researcher award.
I could vividly recall that the entire event was filled with not only students, but also working professionals looking for young and bright individuals for internships or job offers, as the student competition includes categories for a variety of education level (e.g. University). Not forgetting that the organiser also invited the local white hat community to attend this event.
Receiving the Top GBBP Researcher and Most Staunch Supporter Awards
It was an honour to be the recipient of the following two awards:
Top GBBP Researcher
Most Staunch Supporter
It was an even greater honour to be able to receive the awards from our Senior Minister of State, Dr Janil Puthucheary.
Receiving the awards from our Senior Minister of State, Dr Janil Puthucheary.
Government Bug Bounty Program (GBBP)
The Government Bug Bounty Program (GBBP) is held multiple times within a year, whereby GovTech, the organiser, will liaise with various Singapore government agencies to invite them onto the program. After they have been on-boarded, they will provide a list of assets allowed to be tested by the invited white hat security researchers.
This post is a review of my bug hunting journey so far, from when I just started, to the point where I made it into the Top 200 bug hunters on Bugcrowd recently, after two years on the platform.
My profile statistics as of 30 December 2018
The Beginning Phase
Like anything else in life, you must start somewhere, or you will never make it. The worse way to fail is to never even get started.
