Reaching Out to Fellow Beginners in Bug Bounty Hunting

Let the duplicates be a validation of your budding skills.

-Lady Secspeare

Hello there!

Though this blog post is directed toward those who have just started out as bug bounty hunters, I would like to welcome everyone in the fraternity.

As a beginner myself, there are times I feel lost.

Am I treading the right path? Am I going wrong somewhere? Most of all. Why am I getting so many duplicates? Why haven’t I earned any bounty?

Well, if you have just a few months of experience in bug bounty hunting and have been asking yourself the same questions every time you hit a dead end, then we are in the same boat. And I feel you; it is difficult to stay motivated all the time.

But, I would like to share how I overcome those feelings.

Focus on making your own success story

Other bug bounty hunters’ success stories can be a great boost of motivation. But they can also make you have unrealistic goals for yourself. Not all of us have the same background or an equal amount of time and dedication. And most of all, we do not have the same experience.

If you look at someone with two years of experience in bug bounty and see them earning thousands of dollars on an everyday basis, then do not be hard on yourself and expect to earn the same in two months.

Focusing on understanding your background, your dedication and your experience will help you formulate your own goals and build your own success story. All that matters is consistency.

Do not let duplicates bring you down

Duplicates are a bummer. We all know it.

But they don’t need to be when you are a beginner. They can be more of a validation that you’re on the right track – that you found something valid, and your bug was actually accepted. It is just that you were a bit too late to report it.

And that’s okay.

Remember, if you want to stay motivated, then consider every small thing as an achievement.

Found a P1 level bug and it was a duplicate? So, what? You found it! You know how to find it and where to find it. It’s only a matter of time before you find the same issue before anybody else on another target. The bitter taste of these duplicates will make your bounties sweeter.

And like I said – “Let the duplicates be a validation of your budding skills.”

It’s okay to take a break

There are times when you go days without finding any issue. This obviously does not mean you are not good enough or bug bounty hunting isn’t meant for you. All it means is that you need to go easy on yourself.

Remember, you have just started off on a journey that has a long way to go. There are going to be days when you will put in hours of effort and sleep without any submission. But that’s okay. It’s a part of the journey.

And if you feel like you need a breather before you come back to bug bounty hunting, then that’s alright. We all deserve a break to clear our heads and start afresh.

But what’s more important is to get back to it and never look back.

Indulge in other activities to relieve the stress

The demotivation that you feel is bound to come with stress, and sometimes it can make you feel like you’re not good enough to continue. In such situations, you should really cut yourself some slack!

It’s truly better to stop the hunt and indulge in another activity to relieve yourself before you get back to it. It can be anything from walking to jogging, from painting to singing, or from just watching your favorite TV show to taking a nap.

Find yourself something to relieve the stress and indulge in it every now and then. Such short breaks will refresh your mind; and trust me, these are times when you actually get some new ideas to try.

So no matter what others say, take care of your mental health throughout the process.

Know that bounty is not the only factor to your success

I, for one, gauged my success with the amount of bounty that I have earned. And how much is that?

Answer- $0

The moment I started gauging my success… Wait. Just to be clear, I am not successful yet, but I sure have succeeded in overcoming a lot of hurdles on my own.

So yes, the moment I started believing that every little hurdle that I have overcome, every single point that I have earned on Bugcrowd and the reputation that I have built on HackerOne is an achievement in itself, that’s when I knew that I am stepping closer toward achieving my goals.

In fact, I have curated a checklist of Top 10 Goals for 2020. By the end of the year, if I “succeed” in ticking all the boxes, then I will consider 2020 as a successful year. And it will just be the beginning, because I will have 2021 to conquer next.

But of course, someday, I will earn my first bounty, and that will be just another step toward my success story that I am waiting to share with you. Meanwhile, why don’t you share your thoughts in the comments below?

Until then, keep hunting, growing and supporting each other throughout this beautiful journey of bug bounty hunting.

Adios!

Published by Lady Secspeare

Spearing the Security for Good

6 thoughts on “Reaching Out to Fellow Beginners in Bug Bounty Hunting

  1. Thanks for writing this blog post. I have read each and every line of this post, and its very practical experience that you have shared. Please keep posting such types of blog, so that we can keep ourself motivated

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create your website at WordPress.com
Get started
%d bloggers like this: