Pratik Shares His Hacking Story and how to become a Bug Bounty Hunter
This article first appeared on MyHackerTech
Here at MyHackerTech, we’re always interested in hackers and their stories. White hat hacking is such a varied field that attracts hackers from all corners of the globe and all walks of life. Hacking enthusiasts take the leap to become professional hackers for different reasons, and we want to showcase these reasons through the personal journeys of real hackers.
Today we’re looking at Pratik’s story. Pratik Dabhi is from India and studying a Master’s degree in Security. He also runs PraTech Tutorials where you can find videos on Gadgets Reviews, Android tutorials, Linux tutorials,Windows tutorials, Cyber Security & Ethical Hacking.
How Did You Decide on a Career in Hacking? What Is It That Attracted You to the Field?
Ever since childhood, I loved computers. I have fond memories of fixing our home computer with my dad and over time, learning how they work. As I got older, I started exploring different content on YouTube and came across some hacking videos. I was hooked!
It was then that I made up my mind – I wanted to be a hacker. Initially, I thought that hackers were all criminals who operated in the shadows of society doing something impressive, but none-the-less unsavory. As time went on and I learned more, I realized that hackers are just people with extraordinary skills. These skills can be extremely useful in combating crime and increasing cybersecurity.
What Are Your Plans for After You Finish Your Master’s?
First and foremost, I am a student. I am passionate about learning so I don’t ever plan to stop. I always try to learn as much as possible so I plan to start working in cybersecurity so I can gain hands-on experience.
What Advice Would You Give to Young People Who Are Considering Learning Hacking but Have a Lack of Programming Experience?
Can You Tell Us One Thing That Made You Decide to Start Learning and Experimenting?
I was driven by my desire to understand what makes things work, all the way down to the most basic building blocks. I like to understand everything as deeply and thoroughly as possible, and it’s this drive that motivated me to learn hacking. As I learned more, I became fascinated by the loopholes that exist in systems and software and how to break these systems.
Pratik shares with us a guide on how to get into bug bounty
Q: What is bug bounty?
A: A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. All depends on interest and hard-work, not on degree, age, branch, college, etc.
What to study?
- 1. Internet, HTTP, TCP/IP
- 2. Networking
- 3. Command line
- 4. Linux
- 5. Web technologies, java script, php, java
- 6. At least 1 prog language (Python/C/JAVA/Ruby..)
Choose your path (imp)
- 1. Web pen testing
- 2. Mobile pen testing
- 3. Desktop apps
- 1. Web app hackers handbook
- 2. Web hacking 101
- 3. Mastering modern web pen testing
- 4. OWASP Testing guide
- Mobile application hacker’s handbook
- Live Overflow – https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
- Hackersploit –https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q/videos
- Bugcrowd – https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww
- Open SecurityTraining – https://www.youtube.com/user/OpenSecurityTraining
- Hackerone –https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw
- freeCodeCamp.org – https://www.youtube.com/channel/UC8butISFwT-Wl7EV0hUK0BQ
- ProgrammingKnowledge – https://www.youtube.com/user/ProgrammingKnowledge/videos
Writeups, Articles, blogs
- Medium (infosec writeups)
- Hackerone public reports
- Google Dorks
- Owasp BWA
- Hack the box
Select a platform
- Bugcrowd – https://www.bugcrowd.com/
- Hackerone – https://www.hackerone.com/
- Synack –https://www.synack.com/
- Japan Bug bounty Program –https://bugbounty.jp/
- Cobalt –https://cobalt.io/
- Zerocopter –https://zerocopter.com/
- Hackenproof – https://hackenproof.com/
- BountyFactory –https://bountyfactory.io
- Bug Bounty Programs List –https://www.bugcrowd.com/bug-bounty-list/
- AntiHack – https://www.antihack.me/
Choose wisely (first not for bounty)
Select a bug for hunt
Not straightforward always
- Vulnerability Name
- Vulnerability Description
- Vulnerable url
- Steps of Reproduce
Words of wisdom
- PATIENCE IS THE KEY, takes years to master, don’t fall for overnight success
- Do not expect someone will spoon feed you everything.
- Not always for bounty
How to start in Bug Bounty
Bug Bounty Tutorials Playlist
Talking With Cyber Security With Special Guest
PraTech Tutorials Youtube Channel