Why I Quit Bug Bounty: The Unspoken Truth About Hunting Software Vulnerabilities

Table Of Contents :

A boy who knows nothing !

From my birth to class 11 of my school I was a normal guy who doesn’t know about more in the field of tech and I had taken commerce after my 10 th exams, so I wan also not in the field of tech I live in India so as you all know our Indian education system is very bad I don’t had a basic knowledge of what is a programming language, I even don’t know what is programming language because our schools only taught us useless subjects. So, I think Indian education system is nothing but a joke.

How I started in the field of ethical hacking

I was in my mid 11 th and one day my sister give me a course on ethical hacking on udemy, In that tutorial the first thing that the instructor taught was how to install kali linux and I was so bad in tech that It takes me 3 to 4 days to just install kali linux, now I can install it in less than a minute. When the interface of kali linux opened the was just shocked after seeing the interface and I could not understand what it was when I started to explore it I found that Internet is not working in kali linux, then i started searching online how to fix internet issues and then again it take me 1 day to fix that. I was very curious about hacking and this seems so cool. I started exploring different tools in kali linux and I can’t understand a single thing in it. After that I started doing the course and then It took me about 2 months to complete this course because I was not able to understand much more. Then atlast I completed the course and then I moved to more advance courses like on bug bounty hunting, So I get vikash chaudhary course of bug hunting the name of the course was An offensive approach to hunt bugs. I had completed that course in less than 15 days and my basics of bug hunting was cleared.

The depression phase

Although I have completed the course but still I had not enough knowdlege on bug hunting. After that I had created a account on  then I started my bug bounty journey. In the starting I picked some programes but I could not found any severe bug on the websites I had funded many kinds of bugs like XXS, SPF, CSRF and etc but they always Reject my report but at that time I don't quit it. I was finding bugs day and night. I spend very much time on finding bugs but I couldn't find bug i was not doing it for bounty (Reward), I was doing it for self-satisfaction, after 1 month of continious hunting I stopped hunting and I do a research on what to do if we don't get any bug. I get to know that Recon is also very essential part of bug hunting from a youtube channel and I started researching about recon for bug bounty and I had done also a specific course on recon after doing the course I thought I should start bug hunting once more Then I chose a program from bugcrowd and I had done a big recon on that site through many tools and make a note of recon, and then I started hunting bugs on it I had found some minor bugs  and they got rejected I had a big patience so now I started hunting on programes that were not listed on bugcrowd or hackerone. I choose a site and  I had found a  verification bypass in that site but they silently fixed the bug and does not respond to my report I had also send then emails but they don't respond. I can't do anything now,

After that I got sick for a week due to excessive work load and when I got recovered I started bug bounty again but at that time after one day I just quit it and I think that I wag bountys not enough prepeared for bug bounty and I promise that I will found atleast 1 valid bug then I will fully quit bug bounty.

After 4 months at a random evening a just started to find bugs just for fun I selected a site now I had founded a XSS vulneability but that XSS payload can't be executed by a noramal user but It was only working on burpsuite because browser encodeds the payload , So they rejected my report and after that I started my own blogging website and a write blogs every 2 to 3 days and for now I am not doing bug bounty but I am learning about hacking in depth, So, I will definetily found a bug in future it is my dream to found a bug  now i am just learnng about bugs and I will start it again in future.


So, don't be be depressed if you also don't found any bugs one day you will also found a bug or you can get a job using your knowledge and skill. You can also see more career options in cybersecurity

Spread the love

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top