My first bug bounty #bugbounty #bugbountytips #bugbountyhunter

Introduction

I remember the moment vividly: after making just one request, the application I was testing suddenly stopped responding. This was a consistent behavior that I could replicate effortlessly. Initially, I thought to myself, “This feels like a denial of service attack, but it’s not the type of vulnerability that would earn me a bounty.”

However, to my surprise, I learned that GitLab does indeed offer rewards for this particular class of vulnerability. Despite my skepticism, I decided to submit a report detailing the issue I had encountered. I couldn’t shake off the feeling that it was all too good to be true and that perhaps they wouldn’t consider it a true bug. But much to my astonishment, I received a response confirming the vulnerability and a payout of $1,000!

The exhilaration that came with that notification was incredible. I believe many in the bug bounty community can relate to that mixture of excitement and disbelief during the wait for a bounty payout—always thinking of scenarios where they might not recognize your issue as worthy of compensation. Yet, in my case, they did pay me, and it felt surreal.

With my first bounty, I decided to treat myself a little. I spent half of the amount on a watch, which I still cherish today. That initial bug bounty experience was not just rewarding financially; it also solidified my passion for bug hunting and gave me the confidence to continue pursuing vulnerabilities in software applications.


Keywords

  • Bug bounty
  • GitLab
  • Vulnerabilities
  • Denial of service
  • $1,000 payout
  • First experience

FAQ

Q: What is a bug bounty?
A: A bug bounty is a reward offered to individuals for reporting bugs or vulnerabilities in software applications.

Q: Can denial of service attacks be reported for bug bounties?
A: Yes, some companies, like GitLab, do pay for vulnerabilities that fall under denial of service attacks.

Q: How much can you earn from bug bounties?
A: Payouts for bug bounties can vary widely depending on the severity and impact of the reported bug; in my case, I received $1,000 for my first submission.

Q: What did you do with your first bounty payout?
A: I used half of the bounty to purchase a watch that I still own today.

Q: What was your reaction to receiving your first bug bounty payout?
A: It felt surreal and incredible, as I was uncertain if my report would qualify for a payout. Receiving the notification was exhilarating!