Bug Bounty Platforms …

find bugs on there site

As I have said, as a beginner one should try the bug bounty platforms first
and stick around for a long time to learn the tricks and techniques. In
reality, not only beginners but many experienced security professionals
are attached to such platforms and regularly hack for them.
There are many advantages. First, we should keep lawfulness in our
minds. Through these platforms, you know what you may do and what
you may not do. It’s very important. Another essential aspect is you can
constantly keep in touch with the security community, getting feedback
and learning new things.

Here is an incomplete list of bug bounty platforms. Many good
platforms will definitely come out in the future.

Hackerone
www.hackerone.com/
Bugcrowd
www.bugcrowd.com/

BountyFactory

https://bountyfactory.io

Synack

www.synack.com/

Hackenproof

https://hackenproof.com/

Zerocopter

https://zerocopter.com/

Japan bug bounty program

https://bugbounty.jp/

Cobalt

https://cobalt.io/

Bug bounty programs list

www.bugcrowd.com/bug-bounty-list/

AntiHack

www.antihack.me/

However, before registering to any of these previously mentioned bug

bounty platforms, you should understand a few things first. You need to

know how to use a virtual machine and the hacker’s operating system

Kali Linux. You must learn to operate tools like Burp Suite, OWASP ZAP,

WebGoat, and a few others. You need to sharpen your skill in your virtual

lab. There are a few web applications that allow hacking them, or they

are made intentionally vulnerable so that beginners may try their newly

adopted hacking skill.

We will discuss them in the coming sections.