
Ask HN: How to get into offensive security? - break_the_bank
I understand web application security, that means I know what the OWASP top 10 are and I know how they work. Given a 0-day I could write a script for it. I understand what people are talking about when I listen to a defcon talk or security podcast. I know what a buffer over flow is. I also understand the basics of cryptography and can write&#x2F;read assembly if I absolutely have to. I know how to read&#x2F;write iptable rules. I have taken part in CTFs.<p>1. How does one start doing bug bounties?<p>2. How does one start finding 0-days?<p>Are there any online courses that are good at teaching the above?<p>I don&#x27;t want to find 0-days because of malicious reasons. I want to learn how to find them as articles about them seem clever. I like the exploratory nature of it.
======
smoyer
If you're like me, finding vulnerabilities is like solving a puzzle. There's a
certain satisfaction but you learn something at the same time. There was a
great session at the All-Day-DevOps conference yesterday called "The 5Ws of
CTF" that espouses learning computer/software exploits through playing
"Capture-the-Flag" ([https://www.alldaydevops.com/addo-speakers/ell-
marquez](https://www.alldaydevops.com/addo-speakers/ell-marquez)). I thought
the session was recorded on YouTube but couldn't find it. I did find an
earlier version of the same talk at
[https://www.youtube.com/watch?v=WGiCO2u8JCg](https://www.youtube.com/watch?v=WGiCO2u8JCg).

------
v3nom
Try sites like HackerOne where you will get a framework for ethically looking
for vulnerabilities in public software. Since you seem to know the lingo and
top issues on the web, try to find your first XSS on a website. The first one
will take some time, but once you find one you will feel the rush of
accomplishment. The second one will be easier to find and you will start
noticing patterns in what to look for for.

