Is it actually possible to make any good money doing that or am I better off doing surveys or some shit for money on the side lol

  • PaX [comrade/them, they/them]
    hexagon
    ·
    11 months ago

    Thanks for the input. I think I'm gonna look into it I just don't wanna spend hours and hours trying to find stuff to no success :(

    • JoeByeThen [he/him, they/them]
      ·
      11 months ago

      Worth checking out; the jhaddix methodology

      https://youtu.be/uKWu6yhnhbQ?

      Also, on YouTube either nahamsec or The Cyber Mentor had a good roadmap for getting started and what websites to sign up with.

    • Sphere [he/him, they/them]
      ·
      11 months ago

      If you're going to give it a try, I would recommend giving fuzzing a shot; it's a very effective way to find interesting and potentially exploitable bugs. I'm not too familiar with the tools these days, so I don't know if there are fuzzers you can just download and start messing around with, or if you still need to roll your own to effectively target the full attack surface of the application you're interested in, but I imagine there are plenty of resources on the subject online.

      • PaX [comrade/them, they/them]
        hexagon
        ·
        11 months ago

        I think there are fuzzing libraries you can use but in the end you still have to write a way to interface with the application somehow. I'm not too familiar either.