InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties…

Spectat0rguy
3 min read · Jan 28, 2025

The Reality Check Beginner Bug Bounty Hunters Don’t Know They Need

Are you thinking about starting a career in Bug Bounty?

Then this ruthless post will change your view on Bug Bounty permanently because of the things I am going to mention.

Question:

Why are you suddenly starting a career in Bug Bounty?

If you are here from X (formerly Twitter) after liking tweets like:

‘How I made $______ from a simple _____ Bug?’

Then you are definitely doing this after getting influenced by the money in it.

1. Temptation

The temptation is generated by some misleading hunters. They are generating hype about Bug Bounty for some views and impressions using screenshots from Bugcrowd or HackerOne. I am not saying that everyone who posted their bounties is a fraud, but

Is it the truth or a lie?

I wonder about it sometimes.

Make sure you are not getting influenced by these external factors.

Ask Yourself

2. Competition

The most important part of Bug Bounty is the competition, because of its fierceness. The competition is getting more ruthless day by day, and it is not about your skills; it just revolves around ‘Duplicates’ and ‘N/As’. That is the hard truth, and you will need to swallow it without thinking. Bug Bounty was competition-free until the founding of platforms like HackerOne, Bugcrowd, etc.

The first Bug Bounty program was run by Netscape for its browser, Navigator 2.0 Beta.

You have various sources available to learn how competitive bug bounty is, and I will leave this to you and your sources.

3. Time Consuming

Bug Bounty is more time-consuming than you think.

Why?

Because of the time required for the following things:

  • Reconnaissance: Gathering information about the target, such as subdomains, endpoints, and potential vulnerabilities, can take a significant amount of time and effort.
  • Complexity of Applications: Modern applications are often large and complex, requiring deep exploration and understanding before vulnerabilities can be identified.
  • False Positives: Identifying valid issues often involves dealing with a lot of false positives, which can waste time as you verify whether an issue is exploitable.

4. Inconsistent Income

Income earned through bounties is not consistent, and it is risky to depend on it. Because of that, you need to increase your skill set to find more complex issues, or consider chaining the vulnerability that is found.

5. Burnout

It is a problem faced by all bug hunters because of the highly competitive nature of bug bounty. It completely changes the cycle of your daily life, which leads to an imbalance between your personal and work life.

So, these are the things that come with a bug bounty career. You should consider the path you are walking if your health is already an issue. Bug Bounty requires long hours of hunting, which does not suit health-conscious people. If you are already on the brink of burnout because of constant hunting, then you should do some workouts.

Touch Some Grass, Hunters

My greatest and last piece of advice is to maintain and schedule the things in your life and set a limit on your hunting, because bounty hunting is more addictive than snow.

I am going to end things here.

If you have ways to counter burnout, then you should leave a comment for our fellow hunters.

Follow me on Medium for various tips and tricks related to bug bounty. I am always open to hearing your opinions on what I should post next.

Let’s End Here…

Written by Spectat0rguy

Blogger | Entrepreneur | Technical writer of Cyber Sec & Bug Bounty | X : https://x.com/spectat0rguy?t=bp6JxuQNWR

Responses (3)

Conquer Burnout:
1. Movement - move every hour or every 90min for 5-10min (stretching, walking, push ups, squats, barbell curls...)
2. Breathing techniques (Wim Hof, Pranayama) - best outside; if you can't, open the window
3. Intermittent fasting or…

--

Thanks, this definitely makes sense!

--

Best way to counter burnout is just go to your school or college website and hack it and you'll not doubt your skills 💀

--