How did you get started with bug hunting?
I ventured into bug hunting towards the end of 2019 after deciding to test vulnerabilities found during penetration tests on a bug bounty platform.
What are the most memorable vulnerabilities you've discovered?
The ones that truly tested my perseverance and skills stand out the most.
How much time do you dedicate to bug hunting each month?
In 2023, I found myself bug hunting in bursts—typically 3–4 weeks each quarter, aligning with various platform events or when my schedule lightened up.
What tools do you usually use for bug hunting?
BurpSuite is my go-to tool, I use it 99% of the time.
Any advice for those new to bug hunting?
I've noticed many newcomers dive into cybersecurity lacking a solid foundation. Mastering the basics first—like programming, operating systems, networks, and protocols—is crucial.
Choose your path and start blending practice with theory early.
Portswigger is an excellent resource for this approach, allowing you to tackle practical tasks immediately after learning the theory.
Initially, focus on your passion rather than profit. If you truly enjoy the process, everything will fall into place.
