This repo highlights my jounrey in bug bounty from beginner to expert with all the resources and material I use. I will be reguarly updating this as I continue to progress. Have fun hacking :)

I also create content in Twitter on a regular basis and store select informational tweets here.

Before starting Web Application Hacking/Bug Bounty Hunting, it's super important to understand how Internet functions. To learn more, visit https://security.thebotsite.me/bug-bounty-hunting/basics

Next, you need to have an indepth understanding of what are the different well-known vulnerabilities in the wild and why they work. To learn this, I would recommend you checking out the following resources:

1. OWASP Top 10: https://owasp.org/www-project-top-ten/ - OWASP Top 10 vulnerabilities change each year with the trend. It will be super helpful to go through these at your own pace.
2. Portswigger Academy: https://portswigger.net/web-security/learning-path - This is my one stop resource for learning and practising.

Everybody learns at their own pace. Do not force yourself to grasp everything at the first attemp. It takes time and that's completely okay <3

Up next, you have to enroll in a bug bounty platform and choose a right program. A bug bounty platform contains many bug bounty programs and they all vary from one another in terms of money, triaging time and other factors. You can also hunt on bug bounty programs outside platforms, but more on that later.

There are many platforms to hack on and it's important to choose the right platform and the right program. The links below will help you understand what platforms will help you pick the right ones.

1. Choose your favourite plaform: https://bughacking.com/best-bug-bounty-platforms/
2. Choose the right program: https://twitter.com/thebinarybot/status/1559171143390695424