salamm
Known
- Messages
- 229
- Reaction score
- 626
- Points
- 93
A month ago, I posted about bug bounties and explained how to report bugs. Honestly, I had never heard of bug bounties or their rewards until our dear mod introduced me to it, and I received $1,000. I am still very grateful to the Windice team for this.
After getting the bug bounty, I became eager to learn more and researched how to find different bugs.
Why do bug bounties exist? What are the benefits for them? Well, they do provide advantages for sites. Some websites value security and performance improvement. Issues can arise during website design, or parts of security and functionality might be overlooked by developers. That's why bug bounties exist—to inform site creators about problems.
It's important to know that bug bounties are not exclusive to Windice. they also apply to software and applications. However, not all websites and apps have these rewards. Some sites do offer bounties for players. It's best to ask the admins or support of the site before taking action, as finding a security bug without permission could lead to serious consequences, including legal issues. But don't worry, it usually doesn't go that far.
There are different types of bug bounties that need to be understood in detail, but they can be generally divided into two main categories:
1-Security Bugs:
These are the most valuable type of bugs, and websites offer large amount of money for finding them. If there is a security issue, hackers can easily access to the system, causing significant damage.
For example, Apple paid $2 million for a bug bounty in 2023. wow I'm really shocked by that .
The image below shows the bug bounty amounts on BitcoinTalk website, which are quite significant.
2-Functional Bugs:
These bugs negatively affect user experience and the performance of a website or app. For example, the bug I found was a functional bug that caused issues with faucet.
So how can you find bugs?
Let's start with functional bugs: If you are not familiar with programming languages, you need to work on the site and test different sections to identify issues and report them. I found a bug completely random and luckily without using any programming language. However, you can check the website’s code and try to understand it, but this can be very time taking process . When I looked at the site’s code, I was shocked by how long it was.
What about security bugs? Until a few days ago, I wanted to learn more about finding security bugs for fun, hoping to discover one and get a big bug bounty. But when I saw the requirements, I closed my browser and went to sleep
. To reach this level, you literally need to be a hacker .a white hat hacker (someone who works to improve security). To become a white hat hacker, you need to be an expert in programming languages like Python, PHP, SQL, C++, Bash/shell scripting, and many others, along with cybersecurity, computer science, networking, and more.
In short, you need to spend many years learning these topics. It's no wonder they earn a lot. However, if you're lucky, you might face some strange bugs on websites and report them before anyone else.
I hope you found this information helpful. Have a great day : )
After getting the bug bounty, I became eager to learn more and researched how to find different bugs.
Why do bug bounties exist? What are the benefits for them? Well, they do provide advantages for sites. Some websites value security and performance improvement. Issues can arise during website design, or parts of security and functionality might be overlooked by developers. That's why bug bounties exist—to inform site creators about problems.
It's important to know that bug bounties are not exclusive to Windice. they also apply to software and applications. However, not all websites and apps have these rewards. Some sites do offer bounties for players. It's best to ask the admins or support of the site before taking action, as finding a security bug without permission could lead to serious consequences, including legal issues. But don't worry, it usually doesn't go that far.
There are different types of bug bounties that need to be understood in detail, but they can be generally divided into two main categories:
1-Security Bugs:
These are the most valuable type of bugs, and websites offer large amount of money for finding them. If there is a security issue, hackers can easily access to the system, causing significant damage.
For example, Apple paid $2 million for a bug bounty in 2023. wow I'm really shocked by that .
The image below shows the bug bounty amounts on BitcoinTalk website, which are quite significant.
2-Functional Bugs:
These bugs negatively affect user experience and the performance of a website or app. For example, the bug I found was a functional bug that caused issues with faucet.
So how can you find bugs?
Let's start with functional bugs: If you are not familiar with programming languages, you need to work on the site and test different sections to identify issues and report them. I found a bug completely random and luckily without using any programming language. However, you can check the website’s code and try to understand it, but this can be very time taking process . When I looked at the site’s code, I was shocked by how long it was.
What about security bugs? Until a few days ago, I wanted to learn more about finding security bugs for fun, hoping to discover one and get a big bug bounty. But when I saw the requirements, I closed my browser and went to sleep
. To reach this level, you literally need to be a hacker .a white hat hacker (someone who works to improve security). To become a white hat hacker, you need to be an expert in programming languages like Python, PHP, SQL, C++, Bash/shell scripting, and many others, along with cybersecurity, computer science, networking, and more.In short, you need to spend many years learning these topics. It's no wonder they earn a lot. However, if you're lucky, you might face some strange bugs on websites and report them before anyone else.
I hope you found this information helpful. Have a great day : )