My Experience With BugBountyHunt3r — Hands on Bug Bounty Hunting Learning Platform
Hello, I’m Syed Mushfik Hasan Tahsin (@SMHTahsin33) , a Cyber Security Enthusiast from Bangladesh :)
“Let’s Start In the name of Allah, Most Gracious, Most Merciful”
Bugbountyhunter.com has become much popular among all Cyber Security Enthusiasts who’s taking a look into bug bounties, mostly people just getting started in bug bounties. In this blog, I’m going to share my experience and thoughts about Bugbountyhunter.com after using it like 5 months :)
So, What is BugBountyHunter.com ?
Bugbountyhunter.com is a hands on bug bounty hunting learning platform created by @zseano, where you can both learn and practice on a sand boxed environment at the same time. A fully functional web application has been designed and deployed for learners to get a real world bug hunting experience. The users have to find vulnerabilities on the web application and report them through the built in Vulnerability Report Form and being triaged by Zseano Himself. This helps them to get a stronger grip on different bug classes and develop their own methodology for pen testing real world web applications. The Web Application is regularly updated and pushed with new bugs. As of the last update made on 29/01/2021, ‘Barker’ has now 116 unique bugs to be found :)
So, How much BugBountyHunter.com Costs and What Things Does it Offer?
BugBountyHunter.com costs 250€ and offers a Lifetime Membership along with lifetime access to Zseano’s Methodology PDF. Bugbountyhunter.com has some levels from Level 1 to Level 5. And again each level has different perks as given below ;)
*BOUNTY HUNTER LEVELS & THEIR PERKS
N:B: You Will Be Getting One Hard Copy of Zseano’s Methodology and One Bug Bounty Hunter Hoodie With Your Username on the back :)
So, How was My Experience With BugBountyHunter.com ?
I have been using bugbountyhunter.com from December 2020, like about 5 months. When I saw this my expectation was it would be like as same as other learning platforms with typical different bug class based labs to learn and practice. But man here where I was wrong. It was something beyond my imagination. I Didn’t even thought of getting a fully functional web application given to be tested on :) . I was in bug bounties much before getting the membership of bugbountyhunter.com, so I was pretty much used to with the bug classes and already knew how to test them on web apps :)
But it helped me to have a stronger grip on them as i was going through the Web App (‘Barker’) and tested the bugs. I Found a lot of bugs on it which were totally replicated as of the real world. The Writeups, the Disclosed Reports I read helped me to find a lot of bugs on Barker as everything was so real. It helped me to improve own methodology of testing web applications.
So, My thoughts about the Zseano’s Methodology?
If the quote “Talk Less, Do More” had a face :) I Would refer it to the methodology. I Haven’t seen any book like this, where no extra talk has been given except the one you will mostly need and will help :)
I Found it very helpful, It has a great impact on our thinking and mindset while hunting, like on which situation what should be done, what things we should poke, what things should be automated and what shouldn’t be etc. :D
So, Any Recommendation For BugBountyHunter To Improve More?
I Find it totally fulfilled, Just Keep Pushing More Bugs to be found :)
So, Who Should get a Membership of BugBountyHunter.com?
I Think, Everyone should get access to this if they can afford. It offers much extra than the price tag it came with and don’t forget it’s lifetime ;)
It will never expire, Learn and Practice limitless :)
So This was a review for bugbountyhunter.com after 5 months usage and I am pretty satisfied with this for the things it offers. And I highly Recommend everyone to get one too if you can :)
Hope you guys liked it and cleared your confusions about bugbountyhunter.com. Stay Safe & Have a Nice Day :)