I’ll try to be as direct as possible. It’s been almost 8 months since I started and I have already surpassed the 15,000$ in bounties mark with no prior experience in bug bounties*. A lot of you kind people were reaching me out on various different platforms to congratulate me (I’m very grateful for that!) and with that I have also been receiving a variation of this question a lot from you people:
and 100+ more similar DMs, and since it’s impossible to answer each one of you with the same question - I decided to answer it publicly.
Umm, I also wanted to say that I really appreciate all of your DMs and I’ll always be happy to help. I’m gonna answer all of your FAQs one by one publicly as soon as I can. Also, please don’t DM me with “Hi”, “Hello”, “Hey”, “How are you?” - be direct, ask what you want to ask, if you reach me out with “Hi”, “hello”, “hey” - you probably ain’t gonna receive a response.
So, let me answer everything Roadmap related step by step:
That’s a bit of a difficult question to answer to be very honest. I would say that I had almost 0 experience when I got started in August 2023 (oops! everyone has 0 experience when they get started 🤦🏻 - what am i saying) but I would say that I had a pretty solid technical background. Not an expert level - just enough to understand the basics. I was reporting very basic bugs like hyperlink injection in email, no rate limit, session not expiring, etc when I first started.
I passed out of college in May/June 2023 and I have a CS Degree, if that helps.