Sign in Subscribe

About

How to get started in bug bounty? You don't know how web security works? Come here and I will teach you everything you need to be successful in this field.

Hi! Welcome to my blog!

I'm here to share my journey in Bug Bounty Hunting and Web Security with you. But for that, I need to introduce myself :

Me

My name is Cassim, and I am known as Aituglo on the Internet. I love to share what I learn. I think that this is the best way to learn something, by teaching it.

I started doing IT Security when I was 14, discovering websites like rootme of hackthebox, At that time, I was a noob and preferred doing web dev and building websites.

Then, I learned that it was possible to get money by searching for vulnerabilities in websites I use every day like Facebook, or anything else. That was the first time I learned about Bug Bounty.

I was totally amazed by this and the community. I immediately created an account on HackerOne, wanting to find the big bug on Facebook and get a lot of money easily.

I tried, but it wasn't like expected. That was hard, very hard. And the many bounties we can see on Twitter are not the harsh reality of all hunters.

So I was disappointed, and I started to stop doing it and I went back to development.

But a few years later, at the beginning of 2020, I started again interested in it, and I started watching videos about it, of creators like Nahamsec, InsiderPHD, and Stok, and I was motivated to do it again.

I looked at a lot of CTF, and games to improve my skills like PortSwigger Web Application, which was amazing and I loved what I learned.

And then, I looked at vulnerabilities in Bug Bounty programs, and I found nothing... For months and months, I tried and nothing came to me...

I finally get an internship in a security company called BZHunt, in which I learned a lot of things, from AD pwning to web hacking.

And that was the first time I was confident about my fragile skills. And I got the mindset of a real Hacker and how to approach a target.

I started again trying to find bugs on Bug Bounty platforms, and I found my first real bug!

That was a misconfiguration on a public program, a low one, and I got 100 euros, amazing no?

After that, I got invites to private programs and I started again doing it, for fun. I was a beginner, but I was able to find bugs.

And what now? I'm now able to find bugs, 4 months after I really started doing it since my internship, and I can get up to 1000 euros per month doing it part-time.

I want to share with you that it's possible and how to approach it and get the mindset to find bugs and get money for it.

This Blog

It's now time for me to introduce you to this blog.

As I said before, I love to share and explain things and how they work.

That's why I wanted to build a platform and a methodology to improve my skills and yours and teach you how you can get started doing web security and be good at it.

I will give you all the advice I found myself and I will try to sum up everything and make it very easy to read and learn.

Join the newsletter

And if you want to master web security, you can join the club.

You will get every Wednesday a full brief about the news of the week in terms of security and you will not miss anything.

If you want to learn more about me and the content of this blog check the first blog post here :

Thoughts of a nomad hacker
Welcome to my digital place, where I’ll share with you my journey through my research, my thoughts, and my adventure.
AitugloAituglo

See you on the other side!