InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

What is Bug Bounty

Abhinav Pathak
Published in InfoSec Write-ups · 5 min read · Sep 27, 2024

Bug Tracking (Part of Bug Bounty)

What is a bug?

  • A security bug or vulnerability is “a weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability.”

What is Bug Bounty?

  • A bug bounty or bug bounty program is IT jargon for a reward or bounty program given for finding and reporting a bug in a particular software product. Many IT companies offer bug bounties to drive product improvement and get more interaction from end users or clients. Companies that operate bug bounty programs may get hundreds of bug reports, including security bugs and security vulnerabilities, and many who report those bugs stand to receive awards.

What is the Reward?

  • There are all types of rewards, based on the severity of the issue and the cost to fix it. They may range from real money (most prevalent) to premium subscriptions (Prime/Netflix), discount coupons (for e-commerce or shopping sites), gift vouchers, and swag (apparel, badges, customized stationery, etc.). Money may range from $50 to $50,000 and even more.

Introduction to Bug Bounty Hunting

Bug bounty hunting is an inspiring field that has gained tremendous momentum in recent times. Simply put, a bug bounty involves rewarding ethical hackers for identifying and disclosing potential security vulnerabilities in a participant’s web, mobile, or system applications. Since you’re already here, I assume you have a basic understanding of bug bounty hunting. So, let’s dive into the essential elements, as it’s important to understand what bug bounty hunting and ethical hacking really involve.

Bug Bounty Hunting a Challenge

For me, bug bounty hunting surpasses traditional penetration testing in its intensity and demand; bug bounty hunting is like penetration testing on steroids. It is a lot harder because of the following factors:

  1. Significant Vulnerabilities: Bug bounty programs typically focus on bugs that exhibit genuine business impact, setting a higher bar for the kind of vulnerabilities that are accepted.
  2. Competition Among Bug Hunters: You will be competing against hundreds…

Written by Abhinav Pathak

Computer Engineer | Cybersecurity Researcher | Infosec is just a part of Life
