I need some help regarding bug bounty

Started by Lino Romero, 6 September 2019, 06:38 AM


Lino Romero

Can someone guide me on how to get started properly in this so I can earn money? I mean, can you tell me what is most recommended to begin with so I can earn money by finding my first bug? Please, I would really appreciate it.

kub0x

Guide you in what sense? First you have to discover the bug so that you have something to report. Well-known companies have a reward programme; search Google to see whether the company you are assessing runs one, because the vast majority of reported bugs end with a pat on the back and nothing in return.


@XSStringManolo

Books:
- The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities.

- MySQL Cookbook: Solutions for Database Developers and Administrators.

- https://leanpub.com/ltr101-breaking-into-infosec

- Hands-On Bug Hunting for Penetration Testers.

- Security for Web Developers: Using JavaScript, HTML, and CSS.

- Hacking Workshops: Web Application Hacking, Advanced SQL Injection and Data Store Attacks.

- Web for Pentester, by Louis Nyffenegger.

- Java Platform, Security Developer's Guide.

- Cryptography and Network Security: Principles and Practices.

- Introduction to Modern Cryptography.

- Anonymity, Hacking and Cloud Computing Forensic Challenges.

- Computer Hacking, Security Testing, Penetration Testing and Basic Security.

- Google Hacking for Penetration Testers.

- Gray Hat Hacking.

- Hacking: The Art of Exploitation.

- Hacking: The Art of Exploitation, second edition.

- Mastering Kali Linux for Advanced Penetration Testing.

- Metasploit Penetration Testing Cookbook, second edition.

- The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws.

- Penetration Testing: A Hands-On Introduction to Hacking.

- Bug Bounty Hunting Essentials: Quick-paced Guide to Help White-hat Hackers Get Through Bug Bounty Programs.

- The Shellcoder's Handbook, second edition.

- Wireshark Network Analysis.

- https://leanpub.com/web-hacking-101

- https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents

Tools:

http://netcat.sourceforge.net/

https://www.wireshark.org/docs/

https://fwhibbit.es/burp-suite-i-la-navaja-suiza-del-pentester

https://www.metasploit.com/

https://nmap.org/

https://github.com/subfinder/subfinder

http://blog.ironwasp.org/

https://github.com/guelfoweb/knock

https://github.com/OWASP/Amass

https://github.com/aboul3la/Sublist3r

https://github.com/michenriksen/aquatone

https://github.com/techgaun/github-dorks

https://github.com/techgaun/github-dorks/blob/master/github-dorks.txt

Links:
https://www.cvedetails.com

http://elladodelmal.blogspot.com/2009/03/serialized-sql-injection-parte-i-de-vi.html

https://www.attackflow.com/KnowledgeBase/

https://brutelogic.com.br/

https://github.com/s0md3v/MyPapers/blob/master/Bypassing-XSS-detection-mechanisms/README.md

https://www.pentestpartners.com/security-blog/lan-surfing-how-to-use-javascript-to-execute-arbitrary-code-on-routers/

https://44con.com/44con-training/code-injections-from-beginner-to-advanced-for-defenders-and-attackers/

https://www.upguard.com/articles/top-20-owasp-vulnerabilities-and-how-to-fix-them?hs_amp=true

http://www.elladodelmal.com/2010/02/robotstxt-sitemapxml.html


https://portswigger.net/web-security/xxe

https://www.netsparker.com/blog/web-security/crlf-http-header


Labs, wargames and the like:
- https://xss-game.appspot.com

- https://xss-quiz.int21h.jp/

- warzone.elhacker.net

- hackthissite

Sites for bug hunting:

https://www.bugcrowd.com/

https://www.hackerone.com/

https://www.zerocopter.com/

https://www.synack.com/

https://cobalt.io/

https://www.yeswehack.com/

https://www.intigriti.com/

https://www.vulnerability-lab.com/

Searching for a site's responsible disclosure policy:

https://bugbountyguide.com/hunters/proof-of-concepts.html

Lino Romero

Quote from: string Manolo on 6 September 2019, 16:01 PM

Thanks, you're an angel sent by God, I'm going to read it all.

Lino Romero

Quote from: kub0x on 6 September 2019, 10:47 AM
Guide you in what sense? First you have to discover the bug so that you have something to report. Well-known companies have a reward programme; search Google to see whether the company you are assessing runs one, because the vast majority of reported bugs end with a pat on the back and nothing in return.

The companies listed on HackerOne pay for that.

@XSStringManolo

Quote from: Lino Romero on 6 September 2019, 19:31 PM
The companies listed on HackerOne pay for that.
As of July 2018, HackerOne's network consisted of approximately 200,000 researchers, had resolved 72,000 vulnerabilities across over 1,000 customer programs, and had paid $31 million in bounties.

It depends on the bug you report. I reported several and never got anything. The ones that get paid are usually only the security ones. For example, I found a lot of bugs in games that let me put myself on the leaderboard, but since they didn't compromise users' security in any way...