What is Bug Bounty?

Bug bounties, also known as responsible disclosure programs, are set up by companies to encourage people to report potential issues discovered on their sites. Some companies choose to reward a researcher with money, swag, or an entry in their hall of fame. If you're interested in web application security, they're a great way of honing your skills, with the potential of earning some money and/or credibility at the same time.

History of Bug Bounty

1. In October 1995, by Netscape.
2. In August 2002, by iDefense [VCP].
3. In August 2004, by Mozilla.
4. 2007 CanSecWest……ZDI…$10k.
5. March 24, 2010…Pwn2Own. Big money.
6. The days before 2008 were tough for security researchers.
7. 2009, the year of revolution.

Why Bug Bounties?

1. Adds value to your resume.
2. Increases the possibility of getting a job in the industry.
3. Opportunity to make money in your spare time.
4. Glory and Fame.
5. Knowledge.
6. The proven one.

Bug Bounty Platform

1. BugCrowd : https://bugcrowd.com/
2. HackerOne : https://hackerone.com/

  • Live Demonstration
  • Internship/Career Opportunities from Ignite and its associates.
  • Hands on Practice Sessions
  • 24x7 support through email.
  • Introduction to Web-Application Penetration Testing
  • Introduction to OWASP               
  • Brute Force Attack and Dictionary Attack               
  • CAPTCHA Bypass               
  • SQL Injection               
  • Testing for SQL Injection               
  • XSS (Cross-Site Scripting)
  • Exploiting XSS Vulnerability               
  • Privilege-Escalation Vulnerability               
  • CSRF (Cross Site Request Forgery)               
  • CSRF Token Bypass               
  • Broken Authentication and Session Management               
  • Insecure Direct Object Reference (IDOR)               
  • Security Misconfiguration               
  • Sensitive Data Exposure               
  • Unvalidated Redirects and Forwards
  • Rate Limiting
  • Clickjacking Vulnerability
  • Business Logic Bugs               
  • Some Ways to Find Logical Vulnerability               
  • Writing Exploitation Codes in PHP               
  • Burp Tools and Mozilla Extension               
  • Mobile App Security Testing
  • Bug Bounty