from coindesk

How to earn cryptocurrencies via bugbounties - Part 4


Hello!

My previous post explained how you can use google to find bugbounty programs. Now I will explain how to find assets of these programs. Findind assests may sound confusing, don't worry. I will be explaining how to perform all these methodologies using only a browser. That's it "WITHOUT any additional TOOLS". And if you need to learn a little deeper of have any doubts regarding extra tools, feel free to comment below.

Subdomains

A subdomain is an extra part of the main domain, so which you don't want to set up a new root domain which also confuses the visitors.

e.g google.com is the root domain and images.google.com is one of it's subdomains.

Why subdomains?

Bugbounty is competitive, so you may end up finding no bugs if you are testing root domains.

How to find subdomains?

You can use opensource tools like amass, sublister, subfinder...

OR

Use https://jldc.me/anubis/subdomains/google.com or https://crt.sh/?q=%25.google.com&output=json

Replace google.com with your target.

Stay tuned for how to find vulnerabilities in these target subdomains in the next article. 

BYE...

How do you rate this article?

4


PurpleSecOps
PurpleSecOps

I am a hacker


How to earn crytocurrency through Bugbounty?
How to earn crytocurrency through Bugbounty?

Before moving into the blog let's talk about bugbounties. Securing a social media platform with a billion-plus users takes more than an InfoSec team. It takes an army of whitehat hackers who uncover cybersecurity vulnerabilities, document them, and then share that information with the company in exchange for a reward. This program is called as bug bounty programs. Some of the sites which offers crypto as rewards are: 1. Binance 2. Crypto.com 3. BTCmarkets 4. Kraken 5. Parity.io 6. Coinjar 7. Nicehash

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.