Have you just started your #bugbounty journey? Are you new to bug bounty and is still trying to find and report your first bug to platforms like HackerOne / Bugcrowd / YesWeHack / Intigriti or others?
I’d suggest you try to stay focus on a single bug class instead of trying to become an expert in everything, everywhere all at once!
This is the bug which I focused on in the past when I started my bug bounty journey and I think they are a great type of bug class to find for bug bounty beginners who are starting out!
This post is a review of my bug hunting journey so far, from when I just started, to the point where I made it into the Top 200 bug hunters on Bugcrowd recently, after two years on the platform.
My profile statistics as of 30 December 2018
The Beginning Phase
Like anything else in life, you must start somewhere, or you will never make it. The worse way to fail is to never even get started.
This is a write-up on the Fastest Fix on Open Bug Bounty (OBB) Platform. The security team was extremely prompt in responding and fixing the bug.
I don’t usually write articles related to the bugs that I have reported to organisations through responsible disclosure, however, I have gotten explicit permission from Kevag Telekom GmbH to write a blog post about this report.
Fastest Fix Achievement Badge
To achieve “Fastest Fix” on Open Bug Bounty, it is compulsory to complete all the following within 24 hours:
Reporting a bug through the Open Bug Bounty platform (link)
Contacting the affected organisation (via Twitter, Email, Contact form, etc.)
Providing a Proof of Concept (POC) to demonstrate the vulnerability
Getting the organisation to fix the vulnerability and deploy it to the production environment
Conducting a regression test to verify that the vulnerability has been fixed
Triggering Open Bug Bounty platform to verify the fix and update its tracking status
After successfully completing the above steps within 24 hours, the following simple badge has been earned:
In the name of gamification, OBB provides Security Researchers with Awards and Achievements. They are simple badges that could be earned through fulfilling certain criteria.
