bughunters 님의 블로그

What do you mean by “bug bounty”?“Bug bounty” is a friendly, structured deal between an organization and independent security researchers: you look for security weaknesses (bugs) in their digital systems, you report them responsibly, and—if your finding meets the rules—they may reward you with money, swag, or public recognition. It’s not the same as randomly poking at any website on the open int..

What do we mean when we say “learn from CTF writeups”?When people talk about learning from Capture The Flag (CTF) writeups, they’re talking about using public explanations of solved security challenges as structured study material: a guided tour through someone else’s reasoning, mistakes, pivots, and final approach. A good writeup is more than a spoiler; it’s a window into the solver’s mind. It ..

Introduction: The Rise of the Modern Bug HunterIn the ever-evolving digital landscape, cybersecurity has rapidly transformed from a niche discipline into one of the most crucial pillars of the internet. With the number of cyber threats escalating year after year and the sophistication of attacks becoming more advanced, the need for skilled bug hunters—also known as ethical hackers or security re..

What Do You Mean by OWASP Top 10?The OWASP Top 10 refers to a regularly-updated list of the ten most critical web application security risks, maintained by the Open Worldwide Application Security Project (OWASP). It is a globally recognized resource and an essential reference point for developers, security professionals, and ethical hackers. When someone says “OWASP Top 10,” they’re talking abou..

What Does Learning Cybersecurity from Scratch Mean?Learning cybersecurity from scratch means starting with no prior knowledge and gradually acquiring the skills, tools, and mindset needed to understand, prevent, and mitigate digital threats. It encompasses everything from basic internet safety to advanced techniques in ethical hacking, digital forensics, and security operations. For beginners, t..

What Do You Mean by a Bug Report?A bug report is a structured documentation of an issue or problem that occurs within a system, application, or website. Think of it as your way of telling developers, "Hey, something's not working right, and here's everything I noticed about it." Whether you're a tester, a developer, or even just a user, a bug report helps identify and resolve technical flaws. Th..

What Do You Mean by Common Vulnerabilities?When we talk about "common vulnerabilities," we refer to the frequent security flaws or mistakes often made by beginner developers, sysadmins, or cybersecurity newcomers. These are weak points in a system, application, or network that can be exploited by hackers or automated tools to gain unauthorized access or cause damage. Common vulnerabilities are t..

Introduction: What Is a Bug Bounty?The term "bug bounty" might sound like something out of a hacker movie or sci-fi thriller, but in reality, it's a legitimate and increasingly popular way for cybersecurity enthusiasts to earn money and build their skills. A bug bounty program is essentially an initiative run by organizations that rewards individuals for finding and reporting software vulnerabil..

What Do You Mean by Custom XSS Payloads?Cross-Site Scripting (XSS) is a type of vulnerability found in web applications where attackers inject malicious scripts into content from otherwise trusted websites. These scripts typically execute in the browsers of unsuspecting users, enabling attackers to steal cookies, session tokens, or even perform actions on behalf of users. Custom XSS payloads ref..

The world of cybersecurity is becoming more complex as companies face the growing threat of cyberattacks. Organizations are increasingly turning to ethical hackers to help identify vulnerabilities in their systems before malicious hackers can exploit them. Two major players in this space are HackerOne and Bugcrowd. Both platforms connect ethical hackers, often referred to as "bug bounty hunters,..