Bug Bounty Hunting Full Time

Thank you for putting your thoughts into this. Those are valuable tips, though it's worth mentioning time management, scheduling, noting, constant learning, burnout prevention, etc, which are important for long-time success. Bug bounty has been my main source of income for 4 years already, where 3 years were part-time, 1 year was full-time bug hunting while nomading, and I can confirm that having an established fund before getting started in such a venture is crucial, and not doing so might be reckless. The problem isn't only not finding a bug but also an inability to get a payout because the program pays in a Resolved state - e.g., I was waiting for 4 months to get a bounty from Salesforce.

Really solid content as usual. You're a massive inspiration mate and we appreciate everything you do for the community man

Hello Naham, can we ask you to create a video where you share your screen with us and showing us step by step how you subscribe into a bug bounty program and also what we need to take into account when we start, matters of regulation etc. How to contain your findings, so other hackers won't exploit these findings. The reason why I am asking is first to understand how relevant doing bug bounty still is in 2023 and how hard it has become. Hopefully you can find the time to do this, thanks again for the video.grts

I'm 61, retired, and like all baby boomers I need extra income but the economy is bad a lot of business won't hire someone of my age, etc, etc. So I'm left up to my own resource to provide some income for myself and I have chosen to take on this task simply because I love challenges and this seems like a good one to undertake. I'm going to document my whole journey on UA-cam hopefully for other old people to see and learn from because there is a huge shortage of trained people in the security industry. You're my first video I'm watching after searching on "bug bountry" yea I know very broad but you were #1

1:44 - The idea of doing BB full time has crossed my mind a few times but have to see if it makes financial sense so that I can support my family.
11:01 After watching to the end, I need to have a plan if I make this move.
But I can plan this well and get a good pay from a few bugs I’ll give it a shot.

Bug bounty hunting full course zero to hero

This is my first video of NahamSec. I love how he just talks to us like actual "people".

i love the honesty about spending habits right off the bat. Luckily my job is slow enough that i have had tons of time to train, so i think i will have a good base to start off with. That way i don't have to build up a runway and can start supplementing some income.

New subscriber here. Really glad you touched on the money management piece. Working towards getting my first bounty! Lets go!

"Hey @NahamSec , I just wanted to say a big thank you for all the knowledge and insights you've been sharing with the bug bounty community. Your expertise has been incredibly valuable in helping many of us grow in this field.
I've been following your journey and absorbing as much information as I can, but I must admit I'm feeling a bit frustrated about getting started myself. The world of bug hunting seems both exciting and intimidating. Do you have any tips or guidance for newcomers like me who are eager to take that first step? Your advice would mean a lot.

I needed this, thanks!

so to sum up your vid and blog post, it s possible but you need an initial runaway cash bundle to feel safe and a bunch of friends to push you further away from your soft limit.
i definitely recommend to every one here to go read your blog post if interested in the subject, it gives more insight on the how and what, like your initial thought on 50% hunting only or the fact that attending conferences / hackathon made you understand how to handle a big hunting program correctly.
thanks for sharing m8

Thank you so much for your time and your help.

hey man, i love your content my only problem was your mic doesn't seem good, the sound is inconsistent or maybe just the way you speak? I always tend to raise the volume a little bit when watching your videos.

It depends where you live. I live in the countryside where regional minimum wage is around US$155 per month.
Until October this year I got US$5.550 from bug bounty. My job is merchant on the market. I prefer BB as a part time job although being a full time BB hunter is worth financially.
What I'm afraid of BB if I go full time is I will face a lot of burn out. So I do BB in my free time & do it for fun.

Thank you for this video man really appreciate it 🥰

I'm wanting to figure out how to make this a full time possibility. I feel like even just $500/wk doing this part time outside of my full time job would be proof enough it might work.

It's a important topic for everyone. if you will get some more information about it, so please share with us

I'm your biggest fan ..from Nigeria 🇳🇬 thanks alot..despite my country I try to be like you

Thank for the heads up. Much appreciated

hey naham, its a great video

Started recently, hopefully to work them out based on your pointers, making money out of it while also having fun hacking!

does mean in future still worth to focus on bug bounty , i think now there are alot of bug hunters , most of reporting happened duplicates , because alot of hunters report it at every time , with this condition does it mean still worth it?

I am trying to as a Full time bugbounty huntar, hope all is well.

A lot of automation lioe Snyk to remove vulnerabilities, but still many bug bounties exist, and pentesting is hugely in demand, paying a ton, too! Very confusing though.
Tbanks bro! Fellow Middle Eastern descent. I'm part Jewish, maybe part Arab, mostly White, and some other background, too. 🤝🤓💚🌱

Awesome naham 🔥

I think Freelancing is a better option. Building a brand in the long run is better.
Maybe I'll try both. Get clients and bug bounty on the side.
I like how you're optimistic about full time bug bounty. Is your course on udemy updated?

hey currently I'm full time at bugcrowd .. I think it's a great option if you're living on this country like India , Bangladesh , Pakistan and so on .. I'm from India and here 1 USD = 83.21 INR .. and in general my expense per month is less than 8000 INR . and if you got 20-25k INR , it is good for general monthly expense .. and more over a full time bug hunter can get more than 500 USD and it's enough ... so I'm full time for now ...

I've been thinking of taking a week or two of unpaid leave and put this time into bug bounty hunting. This should give me time ane hopefully motivation, cause I would not get money from my employee. Just as an experiment.

I would like to do bug bounty full time. I think it is possible to get independent with bug bounty hunting. Maybe some extra skills are needed especially for money plan usage.

Hey Ben, quick question for you. I'm a senior cybersec student. I'm trying to get into bug bounty but I am a little bit overwhelmed. I do have experience with general security which will cover most of the security principles and concepts. There are tons of labs and vulnerable apps to learn bug bounty/web security, but there are sooo many of them which I start to feel overwhelmed, I don't know which one to start and finish due to amount of resources. My question is that should I just dive right into bug bounty by choosing a target and learn as I go? I am not sure if this is good way to start since I won't be that much knowledgeable at first. What are your opinions on that? I would be really appreciate if you take your time and write back to me. Thank you in advance. Best luck!

❤❤❤great as usual

Hello Naham .Any chance you could make some videos with one liners .I am a big fan of them. Great video mate. Thanks

Hi @nahamsec, need to buy new labtop for bug bounty . Which one you recommend to buy?

That's remind me all the smoke sellers, maybe we need a Lambo behind and a bit of money 😂😂

Awesome as usual

Can you pls guide me for big bounty big fan sir

Bug bounty or API hacking
Especially API hacking course
I know you are busy take your time.
We will really appreciate it.

youtube's volume full, pc volume full but still not able to hear clearly i think you should increase the volume of video during editing

If you can’t get a solid job in cyber security it’s not worth the time cut your loses.
The amount of time you would spend learning bug bounty hunting you could learn to live off grid lol.

yeah, I think it's worth it

it's worth it

Since I never got a reward for my reports I lived off the whole 2022 with money I had saved up from previous year-2021

Sometimes I think of this is probably an illusion like doing Forex trading or criptos, it was lost time for 3+ years, well, I hope that bug bounty worth so effort (sorry for my english jejeje), greetings

It's my retirement plan.

u need some tahdig to make you happy :3

There is something we say in India : Risk hai toh Ishq hai

Bug bounty as a living is financial suicide. Companies aren't fair, they require you to PoC or even deliver exploits to absolutely everything. They establish weird scope, and platforms can claim your finding is duplicate without ever disclosing the initial report. Only the top 0.1% can make a living out of this. Content creator (sponsored by platforms) should be more honest about the hard reality of bug huntings and stop selling dreams to newcomers.

i will post all xss on spotify ? how that !!

I just keep working on networking, databases, and programming and then study cyber security to put it all together. Idk why, but i always forget about bug bounty but it seens right up my alley. Thank you for making these videos 🦾🥳

Everything is patched thats a total waste of time.

Amazing Video.
What you think can I can earn min 300$ in a month I am self teach cyber security I start 3 mouth ago. I have Comptia A+ , olmoust finish Network+. And learn 3mouth a python & Javascript.

Set up a budget and put away for retirement.

Well we like it or not bug bounties are for the very few leet hackers out there,that they 've been doing it for a long time like Ben. The newcomers that can make a living out of bb are very few too.The competition is huge, the automation from the leets plays a crucial role and i don't believe there is more than 40-50 hackers globally than can make a living out of bb's. You can confirm that if you see the hackers that go to the live hacking events. They are always the same. Ben,Todayisnew,rhynorator,zseano etc....Don't get me wrong but for me this is the hard reality,you can do it part time and have more fan but i believe if you choose to do it full time the frustration will be devastating. Cheers for the great content as always Ben!!