The rat is out of the bag, as they say. We all know I love main application hacking because it precludes broad scope hacking, but how exactly do you go about this?
First of all, I am going to refer to
This article will contain the basis for my vulnerability and bug hunting. I always start with doing this before even exploring the application. But what do I explore and click?
0. Picking a platform and target
Everyone knows about the big platforms out there, but there are so many that decision paralysis can become a real problem! There are of course the major platforms:
I personally recommend Intigriti as they are friendly, have a great response time, and a big selection of programs, but make sure you do your own research! What works for one person might not for someone else.
When it comes to picking a program, I have a few general tips on what NOT to pick when starting out:
- Don’t go for high payouts. They are usually more secure.
- Don’t pick a broad scope target unless you know how to hack them. The methodology differs from main app hacking and is much more technical.
- Don’t go for newspaper websites; they usually have little functionality.
- Don’t go for banks; they usually require you to become a customer there.
- Don’t go for webshops; they require you to buy stuff and return it to fully test the website’s functionality.
- Don’t go for mobile targets; it adds a layer of complexity you do not need in the beginning.
I’d recommend picking a feature-rich web application that allows users with multiple privilege levels and follows the VDP principle (for example, HR applications).
All of this does not mean you should never touch these targets, but in the beginning you need every advantage you can get.