Hello everyone,
This is Kabilan. I’am sure everyone will be aware of the first bounty which is the most invisible of all(the strike of duplicates and not applicable).
On the go of this blog, you would understand my struggle, my happiness and how i rewarded with my first Bug Bounty.
My successful college days started on August 2018. As classes became interesting day by day, the term “Hacking” caught my attention deeply. Diving deep into the wide range of information about hacking, my interest towards it became stronger. The very first tactics i planned to break through was knowing how to hack a WiFi password. As days passed, i was given a govt laptop from my uncle which indeed was single booted to Kali Linux by me. I felt comfortable and confident in some way or the other to start the journey of hacking with all the tools i had. The internet was my greatest support system in the resources i needed and to develop my skills. I watched a lot of course videos which made me familiar in the path that i wanted to progress in. Parallel to the research, i came across the term “Bug Bounty”. That was when i had discovered about Bug Bounty.
How I Started With Bug Bounty
Every piece of information gathered by me felt important and Bug Bounty was one major piece of information. In a busy world of people, work is a factor that is being dependent for money. All i cared was to enrich my skills and discover the not found. Bug Bounty was dependent on the sector of skills. That’s when i started hunting for bugs. As a result I installed burp suite and the course which helped me was “Offensive Approach to Bug Hunting” by Vikas Chaudhary. It was a great course. I moved on to expand my knowledge on web application’s hacker handbook. On the other hand, reading different blogs and experiences was an inspiration to boost up my journey.
The Frustrated Not applicable
My mind and brain was flooded with theoretical information and much content. It was time to put my gathered knowledge into test. I decided to start executing my skills practically. It was when i created a first Hackerone account under my own name. My first report which was derived was about .DS Store file found in Aternity. It resulted in a response which wasn’t applicable. Frustration was being built within me which made me furious in hunting for a bug. It lead to few draw backs too.
Round Two
The first act wasn’t exactly successful but i didn’t give up on another try. I quit the first account and created another under a different name (Game0v3r). Going through the same process was in fact frustrating but nevertheless did i try to give up on what i started. From reading blogs, to articles and books i came into account with my errors. I understood my mistakes and rectified it.
Time To Advance… It was the time to face the duplicates.
It was time to face some duplicates along with not applicables.
Greatest frustration of all was knowing that gsuite or google subdomain takeover and cloudfront takeover was marked as not applicable.
I kept thriving towards my goal. My mind kept saying to not give up.
I was so happy when i was mentioned in the hall of fame. It encouraged me a lot which kept me going without worrying about the end result.
Hard Work Pays Off.
On July 25th 2019 i found an open redirect vulnerability in files.com and reported it. A comment was placed under my report stating, “NEEDS MORE INFO”. I explained about the impact.
Then the files.com team took my report into account . My happiness couldn’t have been explained any how by than. After 3 days i was awarded a bounty of $100. I was stumbled with joy. The months of hard work payed me with much joy. It took me 8 months for my first bounty. Nothing at that moment could have replaced my happiness.
Soon it was resolved and i was in the hall of fame of files.com. By concluding my pack of hard work, i would like to say that no matter what obstacles or battles that come forward, giving up isn’t a factor to even consider.and a heartful thanks to sandhya for helping me with this article.
#TogetherWeHitHarder #Happyhunting
Linkdn : https://www.linkedin.com/in/kabilan-s-4b8a90173
Instagram : https://www.instagram.com/itz_kabi/
Thank You
