New to hacking or want to sharpen your skills? We’ve created this leveling-up guide to help you grow as a hacker and be on your way to earning your first bounties.
Go to Hacker101.
Get started on the Newcomers Playlist if you’re new to hacking or want a refresher on web hacking basics.
Learn about and set up Burp Suite through the Burp Suite playlist.
Watch the Hacker101 videos to be educated on various topics related to hacking so that you can have a broad range of knowledge and understanding of the different areas of hacking.
Once you have earned 26 points in the CTF, you’ll be marked as eligible to receive invitations to private programs.
Join the Hacker101 HackerOne Discord group to ask questions, connect, and learn from other hackers.
Finish the Hacker101 CTF. Even if you’ve already received an invitation to a private bug bounty program, we recommend going through all of the CTF curriculum to ensure you learn all of the concepts, so that you can better succeed at hacking.
Look for public programs in the Directory that you’re interested to hack on. For starters, we suggest IBM, GM, DoD and Verizon Media.
Start hacking and apply all that you’ve learned from Hacker101.
Once you’ve submitted your first report, the security analyst will review, assess, and validate it. They will typically respond with questions and comments. As security teams handle many reports, it may take a little while to respond to your report. We recommend giving teams at least a week before asking for updates. While you’re waiting to hear back, we encourage you to keep on hacking and to check out other programs.