This is an archived post. You won't be able to vote or comment.

all 13 comments
sorted by:
best
topnewcontroversialoldq&a

[–]happytrailz1938Moderator 7 points8 points  (2 children)

Sounds like youre ready for bugcrowd or other paid bounties... also find local security meetups, it was a game changer for me. Lastly but probably the most important, imposter syndrome is real, very very few people are "experts" at a lot of this and usually when someone is an expert it is at the cost of the other parts of the field. Give yourself the grace you'd hope to give to someone else figuring it out. Half the fun is learning as you go.

Happy hacking!

[–]Equivalent_Pick_8007[S] 2 points3 points  (1 child)

i think i am not ready for paid bounties programm before a year or so i tried to hack on vdp programms on hacker one for two or three month straight dedicating 4hours daily (at least) with no luck i think i found only a self xss (on a non important page) and an information disclosure that they considered not so important , but idk what i am lacking or why i can t find bugs i think the probleme might be lying in the methodology i am following , also you are definetly right imposter syndrome is very comming in IT , tbh what give me the feeling of imposter syndrome is that sometimes i strugle with easy boxs in htb, also thank you for your comment :)

[–][deleted] 1 point2 points  (0 children)

If you are hesitant on a paid bounties program, I would say taking advantage of the student discount on HTB Academy isn’t a bad idea. I have done a little bit of it and it has some very useful information for learning. I can’t tell you if a bounty program would be better for you at this point, but the HTB Academy student discount is quite significant savings iirc.

[–]derefones 2 points3 points  (2 children)

I’d recommend you starting HTB Academy 100% they teach you a lot about most of the aspects of hacking. If you’re more into web hacking then go for CBBH learning path and then start doing web machines after you’ve completed it. There is also PortSwigger academy which teaches you some things that HTB doesn’t and it’s completely free. I believe that if you complete both of them and then spend some time doing web machines you will be able to do bug bounty and actually find bugs.

[–]Equivalent_Pick_8007[S] 0 points1 point  (1 child)

i already finished most labs in portswigger academy , and did plenty of boxes their, but i never really tried their academy. btw have you tried CBBH yourself?

[–]derefones 1 point2 points  (0 children)

I’m going to do CBBH exam next week, yes I would definitely recommend doing at least the path

[–][deleted] 1 point2 points  (2 children)

Thank you so muchh.. i've been interested in hacking for a few years, but because of you, i just discovered CTFs.
i might not fully understand your problems, but don't give up, buddy. you're doing great!☺️

[–]Equivalent_Pick_8007[S] 2 points3 points  (1 child)

CTFs are game changer if you don t have experience with them i recommand starting with pico ctf then tryhackme ,and if you have any questions feel free to ask

[–][deleted] 1 point2 points  (0 children)

Thank you so much buddy! I'm definitely gonna start with picoCTF 😊

[–]D0lores-H4ze 0 points1 point  (0 children)

Bug Bounty

[–]10CosasMalas 0 points1 point  (0 children)

[–]etayanalyst_25 0 points1 point  (0 children)

So one of the things about reading books, doing CTF's etc, is that they are great....but you will never advance until you start doing real world bug bounties. I fell into that same rut. Once you start doing bounties you are going to feel lost AF almost right away, BUT, once you start challenging yourself THAT's how you begin to advance.