Resources-for-Beginner-Bug-Bounty-Hunters
Media Resources & Communities 🎬
Here you find listings to useful media creations that can help beginners in different ways. If you are interested in interviews with the top hackers and bug bounty hunters, check out NahamSec's Live Recon Stream
Discord Servers
Cyber Security Content Creators
- Curated List of YT Channels by TCM
- Nahamsec - Educational Videos and VODs of his Stream, Vlogs
- STÖK - Videos About Hacking, Live Events, Bug Bounty Tips & Vlogs
- Bug Bounty Reports Explained
- LiveOverflow - Educational Videos about CTFs, Hacking in General
- John Hammond
- The Cyber Mentor - Educational Videos about InfoSec, Penetration Testing, Web Security, Scripting, etc.
- InsiderPhD - An excellent Introduction series for beginners to help them find their first bug.
- PwnFunction- Explanatory videos about Web App vulnerabilities
- ippsec
- Jason Haddix - VODs of his Stream
- Farah Hawa
- Rana Khalil
- David Bombal
- NetworkChuck
- PhD Security
- HackerSploit
Streamers
Conferences
Podcasts
- Darknet Diaries by Jack Rhysider
- CCC Luxembourg Podcast Luxembourgish Podcast from CCC Lux.
- Critical Thinking: A Bug Bounty Podcast
Curated Bug-Bounty List on Twitter by @securibee: Link
The following list does not exclusively contains Bug Bounty themed Accounts but a broad variety of InfoSec and Hacking.
Members
| handle | name | description |
|---|---|---|
| @0x0luke | Luke | MSc Cyber Security |
| @0xacb | André Baptista | 🇵🇹 Security researcher and bug bounty hunter living somewhere between 3D and 7D. Freedφm. 1128350274 |
| @0xd0m7 | 0xd0m7 | Security Researcher |
| @0xInfection | Pinaki | I am just an infected geek. 🤠 |
| @0xpatrik | Patrik Hudak | Outcome over ego. |
| @0xteknogeek | Joel Margolis | Engineer by day, researcher by night • 50% grad of @RITtigers • ProdSec @Uber • DISTURBANCE • Views and opinions are my own. |
| @11xuxx | Ashkan Jahanbakhsh | developer, pentester and bug hunter(OSCP, OSCE, OSWE) |
| @1ndianl33t | Shiv chouhan | Web & Mobile Application Security Researcher |
| @adrien_jeanneau | Adrien | Cybersecurity Lover - I love to break things (and I'm paid for that) - Bug Hunter - Creator of gitGraber https://t.co/DKteWrVYt2 #InfoSec #BugBounty |
| @AEMSecurity | AEMSecurity | Dedicated to Adobe AEM Security - Bugbounty - Vulnerability & Exploit Research. CVE-2016-0956, CVE-2013-6674 |
| @Agarri_FR | Nicolas Grégoire | Web hacker && Official Burp Suite Pro trainer https://t.co/oaXuAFhYWp…Follow @MasteringBurp for free tips and tricks |
| @ajxchapman | Alex Chapman | Bug Hunter |
| @akita_zen | Akita 🇦🇷 | bugbounty hunter & zen monk |
| @albinowax | James Kettle | Director of Research at PortSwigger Web Security aka @Burp_Suite |
| @alicanact60 | Ali Tütüncü | Bug Researcher |
| @Almroot | Fredrik N. Almroth | Co-Founder, Researcher and Head of Engineering at @detectify. Coder of stuff, breaker of things. PGP/MIT: 0xEDF8D9828B06A7F7 |
| @Alra3ees | Emad Shanab | A Lawyer & A noooob. Every Law has its own Bugs. I have no Facebook. https://t.co/n9U5HPkWcV https://t.co/46EDOU8gnq |
| @alxbrsn | Alex Birsan | |
| @Alyssa_Herrera_ | Alyssa Herrera Perez 🇩🇰 🏳️⚧️ | Sr. App Sec engineer. Bug bounty hunter on @Hacker0x01. @detectify crowdsource hacker, and @hacknotcrime Advocate. Loves birbs. Furry Hacker. NB-They/them |
| @ameenmaali | Ameen | appsec infant, bug bounty fetus - Blog: https://t.co/IULDdK4Wh1 (@abugzlife1) |
| @andirrahmani1 | Andi Rrahmani | Security Researcherhttps://t.co/Xenw3BiShq |
| @anshuman_bh | Anshuman Bhartiya | I love Security, Automation, Innovation, Challenges and Changes. My opinions here, not my employers. https://t.co/RyQUQzkYzm |
| @ap_ceng | Ashish Padelkar | |
| @ArchAngelDDay | Douglas Day | Born again. Libertarian. Bug Bounty Hunter. Crypto Enthusiast.Views are correct. BTC to 3Jo3Yn7Xt3SYUmm49LiqF1nsKwa9R9wNhi for bugbounty mentorship |
| @arneswinnen | Arne Swinnen | IT Security. Bug Bounty Hunter. |
| @atul_hax | Atul | I love pwn, reading RFCs, and I just dabble on the keyboard until things happen but Emacs gave me carpal tunnel. |
| @avlidienbrunn | Mathias Karlsson | Web security fiddler. Bug bounty bastard. CTF with @HackingForSoju. |
| @B3nac | Kyle | Full time Security Researcher. I really enjoy everything Android. Creator of InjuredAndroid and BountyPay apk. Send me all the apks plz. https://t.co/myQCNOp959 |
| @bbuerhaus | Brett Buerhaus | https://t.co/usMDC8wsVM - websec research, bug bounties, CTF (@hackingforsoju) and puzzles (@fomo_team). |
| @bendtheory | bend theory | 1 1 2 3 5 8 13 21 34 55 69 420 666 911 |
| @bitquark | bitquark ✪ | Tesla red team by day, |
| @Black2Fan | Sergey Bobrov | |
| @BonJarber | Jon Barber 🤖 | AppSec engineer @Cruise |
| @brxxnh1 | brxxn (security) | views and opinions are those of a wild ostrich on the loose |
| @bsysop | bsysop | If you can dream with it, you can do it🤘🏻! |
| @BugBountyHQ | BugBountyHQ | |
| @bug_dutch | Floerer | Bug Bounty Hunter - CS Student - 🇳🇱 - https://t.co/a2pvqTuEF9 |
| @chevonphillip | Chevon Phillip | Bugcrowd Ambassador |
| @codecancare | todayisnew | May you be well on your side of the screen. |
| @codingo_ | Michael Skelton | Global Head of Security Ops and Researcher Enablement @bugcrowd, Ex-pentester. Maintainer of NoSQLMap, VHostScan, Reconnoitre, Interlace, Crithit |
| @Corb3nik | Ian Bouchard | Security Enthusiast, CTF Fanatic, Bug Bounty Hunter, @opentoallctf/perfect.blue Web guy, NorthernCoalition Co-Founder |
| @d0nutptr | d0nut | Lead Security Engineer @graplsec, part-time bug hunter (https://t.co/INDLSLS2Qu). (he/they). Formerly @Dropbox, @Cruise.My tweets are my own. |
| @damian_89_ | Damian Strobel | #webdev #php #machinelearning #python #laravel #python #websec #bugbounty #pentest |
| @dee__see | Dominic | Outdoor enthusiast, friend of all dogs, hacker, AppSec engineer @gitlab - fighting inertia |
| @defparam | Evan Custodio | FPGA/Hardware Hacker. Web Security Researcher. I break web servers so that others can't.@awscloud - My opinions are my own |
| @dhauenstein | Daniel Hauenstein | I am the Klaus Kinski of IT security. I do bug bounties (H1/BC/SynAck/zerocopter). I know memes and drink beer. Co-Founder of Last Unicorn Con. Hacking magician |
| @eboda_ | eboda | full-spectrum cyber warrior |
| @EdOverflow | Ed | Web developer & security researcher. |
| @erbbysam | erbbysamᐸscriptᐳaler | software, cryptography, etc. DEFCON black badge with https://t.co/UBvdIM5TW6 |
| @eur0pa_ | europa | 𝙸 𝚑𝚊𝚌𝚔 𝚜𝚝𝚞𝚏𝚏 𝚏𝚘𝚛 𝚙𝚛𝚘𝚏𝚒𝚝, 𝚊𝚗𝚍 𝚕𝚒𝚏𝚝 𝚑𝚎𝚊𝚟𝚢 𝚝𝚑𝚒𝚗𝚐𝚜 𝚏𝚘𝚛 𝚏𝚞𝚗. 𝙿𝚘𝚠𝚎𝚛𝚎𝚍 𝚋𝚢 𝙱𝙱𝙰𝙲. |
| @farah_hawa01 | Farah | noobiest of the noobs |
| @filedescriptor | FD | @0xReconless |
| @foobar0x7 | foobar7 | IT Security Consultant & Bug Hunter |
| @fransrosen | Frans Rosén | Dev/Security/Founder at @centrahq/@detectify/@poweredbyingrid. I do not advertise doing hacking services, do not trust the ones telling you I do. |
| @garethheyes | Gareth Heyes | javascript:/--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[/[]/+alert(1)//'> |
| @gehaxelt | Sebastian Neef | Freelancer. Student. Traveller. Hacker. WhiteHat. Bughunter. CTFs @ENOFLAGBlogs @0daywork, @blogbasis and co-Founder of @internetwache |
| @gerben_javado | Gerben Javado | Security Engineer @Facebook. Into bug bounties. Personal opinions. |
| @gregxsunday | Grzegorz Niedziela | pentester / bughunter |
| @Gromak123_Sec | Gromak123_Security | French Security Researcher and Pentester at @Unumkey. C |
| @gwendallecoguic | Gwendal Le Coguic | Bug hunter, tool maker. |
| @h1_sp1d3r | Evgeniy Yakovchuk | Toss a coin to your hacker, A friend of humanity. |
| @hacker_ | Corben Leo | Christian, Computer Science @DakotaState, Hacker |
| @hahwul | HAHWUL | Security engineer, Bugbounty hunter, Developer and H4cker. Say ha-hul but you can just call me howlhttps://t.co/FhMxZy51Qr , https://t.co/gYBnn30EHm , https://t.co/DAjEwvaq0u |
| @hakluke | HΔKLUKΞ | Luke StephensDad, husband, hacker. https://t.co/Zurv4bdcyFhttps://t.co/d1aqj2Q46E |
| @hateshaped | hateshape | |
| @HazanaSec | ʜᴀᴢᴀɴᴀ | ␀https://t.co/OqwyPoZFFf |
| @hgreal1 | hg_real | Just another random QA guy |
| @honoki | Pieter Hiele | Cyber entomologist 🐛 amateur musician 🎹 occasional blogger 💻 https://t.co/0to21Mri4bhttps://t.co/fd9pUEXxbn |
| @HusseiN98D | Hussein Daher | Bug bounty hunter - If you're reading this I love you. - [email protected] - https://t.co/JTJxMBZ7Qshttps://t.co/8iuIYnLHg4 |
| @Hxzeroone | Hx01 | Not evil just misunderstood. |
| @IAmMandatory | mandatory/Matthew Bryant | Sec@Snapchat. Ex-Google, Uber, Bishop Fox. XSS Hunter author, DNS/TLD/web security researcher. parallel26(at)opsecmail(dot)com |
| @imranparray101 | Imran Parray | Independent cyber security researcher |
| @infosec_au | shubs | continuous security, @assetnote |
| @inhibitor181 | Cosmin | Bug bounty hunter |
| @InsiderPhD | Katie Paxton-Fear | PhD Student, Occasional #BugBounty hunter & Educational #CyberSecurity YouTuber. I study at @CranfieldDefSec: Insider Threats using #nlproc. she/her. |
| @irsdl | Soroush | appsec \ web / https://t.co/3mMc7BsRyw @MDSecLabs |
| @itscachemoney | Tanner | Somewhere between a builder and a breaker |
| @ITSecurityguard | Patrik Fehrenbach🤖 | rɪsˈpɒnsəbl dɪsˈkləʊʒə HackerOne |
| @jackds1986 | Daniel Bakker | Lead Security Analyst & Ethical Hacker |
| @jackhcable | Jack Cable | Coder turned white hat hacker with public interest mindset. @Stanford ‘22. Rebel @defensedigital. @StanfordIO / @CISAGov. All tweets are in my personal capacity |
| @Jhaddix | Jason Haddix | Father, hacker, educator, gamer, & nerd. Streaming sometimes at: https://t.co/WBZcSgGOIG & posted to https://t.co/I2yhmJjGAb |
| @jinonehk | Jinone | Security researcher |
| @jobertabma | Jobert Abma | I tweet about security and my experience as a hacker. Co-founder of HackerOne (@Hacker0x01). |
| @JohnH4X00R | John H4X0R | Entrepreneur, Programmer & a Bug Hunter https://t.co/vIahtTjPHh Adobe https://t.co/GNSAsABaOl Oracle https://t.co/dObZSH4Gwb Got my👍in each 1 of those pies. |
| @JonathanBouman | Jonathan Bouman | Medical Doctor (GP), Web Developer, Security Researcher |
| @jon_bottarini | Jon Bottarini | Security person. I post about bug bounties, infosec, and everything in between. “insert long job title here” @Hacker0x01, but tweets are my own. |
| @joohoi | Joo, N/A | Hacks for beer. FOSS, infosec and privacy. Chaotic good. |
| @JR0ch17 | JR0ch17 | Bug bounty hunter, penetration tester and security researcher |
| @jstnkndy | Justin Kennedy | Infosec professional & beverage snob. Research Consulting Director @ Atredis Partners. |
| @kapytein | Nadir | Student. Participates on bug bounty programs, kapytein on almost all platforms (h1/intigriti). AppSec @officientapp. |
| @KasperFritzo | Kasper Borg | Danish Security Researcher. |
| @kazan71p | kazan71p | https://t.co/oTV7m505NG https://t.co/HOkYMVa48M |
| @Masonhck3571 | Masonhck357 | Dominican |
| @MasteringBurp | Mastering Burp Suite Pro | Tweets and retweets about Burp Suite Pro |
| @mcipekci | Mustafa Can İPEKÇİ | I'm an engineer from Turkey, who is interested with biotechology, computer science and digital gaming.A.K.A nukedx |
| @Michael1026H1 | Michael Blake | H1: michael1026.Software engineer interested in software security.Oregon |
| @michenriksen | Michael Henriksen | Freelance security engineer and consultant. Need help with web application security? |
| @Mik317_ | Michele Romano | The walls of Sparta are the chests of its warriors - Agesilao |
| @mongobug | mongo | I like bug bounty programs and breaking things that other people have built. I love kudos. |
| @MrMustacheMan3 | MrMustacheMan | https://t.co/N9HO1Nhef0 |
| @MrTuxracer | Julien Ahrens | Vulnerability Intel |
| @nader_brandi | nader | Security Researcher / Bug Bounty Hunter / web developerhttps://t.co/1mefovxcwn |
| @NahamSec | NahamSec | 🇮🇷 Co-founder @bugbountyforum |
| @nahoragg | Rohan Aggarwal | I spend more time on things, to understand them until they don’t understand me and start giving me what they aren’t programmed to. |
| @nbk_2000 | ₦฿₭ | Script-Kitty Thought-Feeder#SemperFur #bugbounties #hacking |
| @ngalongc | Ron Chan | Security Engineer at GitLab. This is a personal stream, opinions expressed are mine. |
| @ngkogkos | Nick | |
| @ngocdh | Huy Ngoc | Pentester |
| @nijagaw | Nico | Founder of @codegrazer, #Penetrationtester, #bughunter on https://t.co/ufQNKpG2JS, infosec enthusiast |
| @nnwakelam | n a f f y | security expert |
| @not_an_aardvark | Teddy Katz | Programming language design/security/software correctness enthusiast. Working on privacy @Google (this is a personal account). he/him. ✊🏻✊🏽✊🏿 |
| @nullenc0de | Paul Seekamp | I spend a significant amount of time reading security stuff. |
| @orange_8361 | Orange Tsai 🍊 | This is 🍊 |
| @p4fg | Peter | Are developers better hackers? I think so... |
| @PascalSec | ΡΛSCΛLSΞC | 👨💻 Senior Security Engineer / Pentester @Dynatrace📺 Youtuber posting hacking videos at @Hacksplained |
| @PentesterLand | Pentester Land | Resources for penetration testers and bug bounty hunters |
| @plmaltais | ramsexy | French-Canadian hacker 🇨🇦. Full-time bug bounty hunter. Craft beer connoisseur 🍻. Surfing the web and hacking the waves. 🌊🏄 |
| @pnig0s | Terry Zhang | Security @ Ant Group (Attack & Defence) |
| @pudsec | Shaun | |
| @pxmme1337 | Pomme | Triager @Hacker0x01 |
| @r0bre | r0bre | itsec @tudarmstadt , web- and systemsecurity, bugbounty, iOS security research, open source. /stack sommelier/code connaisseur/kernel asmr artist/ 👾📲 |
| @r0hack | Ramazan | Researcher in @deteacthacked by r0hackhttps://t.co/xUo4swrcWM |
| @r0x33d | Matt | Security Researcher |
| @Regala_ | Fisher | Half hacker, half daydreamer. DISTURBANCE. Mercenary for hire. Casabranca. Host @bounty_podcast |
| @restr1ct3d | Niv Levy | Penetration Testing Engineer / Offensive Security Certified Professional / Bug Bounty Hunter |
| @rez0__ | rez0 | Joseph Thacker // Sr. Security Engineer // Hacker, bug bounty hunter, & hobby jogger. Slay all the dragons that stand in your way. Talk to me about Jesus. |
| @Rhynorater | Justin Gardner | Christian |
| @rhyselsmore | 🥯 | xfitter, bjj newb, oz shep dad. internet mall cop at @heroku, bugs at https://t.co/MFzfzsrYBp. opinions my own, not employers |
| @RockyBandana | Rocky Bandana | Hacking for Good |
| @rohk_infosec | Kevin | senior application security engineer at @Okta - all tweets are my own |
| @rootxharsh | Harsh Jaiswal | Views are my own |
| @rub003 | 003random | [ 'student', 'system and network engineering', 'bug bounty', 'developer', 'bbac' ] |
| @_ruby | ruby nealon | 😷 |
| @rwincey | b0yd | software construction & deconstruction |
| @Sambal0x | Richard Tan | Father, security researcher, pentester, proficient diaperchanger. |
| @samengmg | samuel eng | |
| @Samm0uda | Youssef Sammouda | Cyber Security Expert. YES™ team member. |
| @samwcyo | Sam Curry | Full time bug bounty hunter. Run a blog to better explain web application security. Somewhere between high school and pretending to be an adult. |
| @santi_lopezz99 | Santiago Lopez | 1# Millon Dollar hacker on @Hacker0x01 #bugbounty. Instagram: https://t.co/fLSrAlKf4Q |
| @satishb3 | Satish Bommisetty | |
| @SaxX | S. A. X. X. | #BugBounty ¦¦ #Hacker ¦¦ @HexpressoCTF member ¦¦ @breizhctf Org ¦¦ #WebSec ¦¦ Sometimes breaks stuff ¦¦ Building #Cybersecurity in #Africa ¦¦ #OSINT & #Recon |
| @seanmeals | Sean Melia | I bug bounty when I can. Thoughts are my own. etc. |
| @seanyeoh | notsy | I only tweet when I'm mad cuz bad. |
| @SebMorin1 | Sébastien Morin | Bug bounty hunter, pentester and security researcher |
| @securibee | Big Body Bee 🐝 | Creative problem solver that gets things done.Bee different, bee yourself. |
| @securinti | Inti De Ceukelaire | Uncertified Ethical Hacker (UEH) and bug bounty bro. @intidc (dutch), community dude @intigriti. Tweets are mine and so is your computer. |
| @securitybites | Jesse Kinser | Hackerone/bugcrowd: randomdeduction |
| @SecurityMB | Michał Bentkowski | Penetration testing, bounty hunting |
| @shailesh4594 | Shailesh Suthar | An independent security researcher :-)https://t.co/V7JrsztJK4 |
| @shmilylty | Jing Ling | Developer, pentester and bug hunter. |
| @shub66452 | $! | 3nt_4unt3r |
| @skeltavik | Bram Ruttens | Penetration Tester @OrangeCyberBE 💉 |
| @smiegles | Olivier Beg | Head of researchers at @zerocopter, Co-founder @bugbountyforum |
| @sml555_ | Sajeeb Lohani (sml555) | Platform Security Engineer @Bugcrowd |
| @snyff | Louis Nyffenegger | CVE connoisseur @PentesterLab. Security engineer. Bugs are my own, not of my employer. I just want to be a webservice... |
| @soaj1664ashar | Ashar Javed | Web AppSec Researcher |
| @spaceraccoonsec | spaceraccoon 🦝 | Here to learn! Hackerone: https://t.co/UK9KDsRVlL |
| @_staaldraad | Etienne Stalmans | Security researcher and breaker of things. & |
| @StanFaas | StanFaas 🦉 | Father - Full-time developer - Wannabe hacker / Night-time bug hunter (GangsterSquad) https://t.co/Ew6Xw2eyST |
| @steve_mcilwain | Steve Mcilwain | Cybersecurity / Bug Bounty Hunter / Pen Tester / Tool Developer / Illustrator / Animator / Cat Dude |
| @stokfredrik | STÖK ✌️ | Hi.. im that hacker that your friends told you about. I used to travel the world, hack & vlog about it. Hackfluencer - Creative - Sustainable Fashion - he/him |
| @streaak | streaak (on a break) | BBAC kidnapped me |
| @sushiwushi2 | iamsushi | I tweet strange things and find bugs #OSCP |
| @sw33tLie | sw33tLie | Bug bounty hunter and CS student, 20yo.Playing with software since I can remember.https://t.co/qABvqCl1Pxhttps://t.co/DFfjocm4aR |
| @Th3G3nt3lman | Th3g3nt3lman | a born terror, a rebel without a pause, i never had a good christmas so who is santa claus? |
| @thedawgyg | dawgyg | 1 of 8 Millionaire Hackers thanks to @hacker0x01 #h1415 2020 MVH, Bug Bounty Hunter, Reformed Blackhat, Synack Red Team Member, Nissan Skyline Collector |
| @theflofly | Florian Courtial | 0x00 |
| @TomNomNom | TomNomNom | Open-source tool maker, security researcher, trainer, talker, fixer, eater, not really a sheep. He/him. |
| @twitt3raccnt | psaux | https://t.co/yQUH0WHaJo |
| @uraniumhacker | Uranium238 | CS undergrad 3rd year, I hack companies. Team: Ophion. Personal Twitter: @mallocsys. forbes top 20 hackers ever (100% legit) |
| @vinodsparrow | Vinoth Kumar | DevSecOps. Partime Bug Bounty Hunter. Views are obviously mine |
| @vortexau | vortex | I work @ Bugcrowd (personal account). Ex-Pentester, Ex-DevTweets about infosec, bounty hunting, homebrewing and cars.SecTalks Adelaide Co-organiser. OSCP/OSWP |
| @vp440 | Felix Veillette-Potvin | Pentester @gosecure_inc, Bug bounty hunter, general security enthusiast. Opinions and views expressed are my own. |
| @Wh11teW0lf | Wh11teW0lf | @Synack MEMBER |
| @x1m_martijn | x1m | hacker from Groningen |
| @xEHLE_ | xEHLE | true(1) |
| @Yassineaboukir | Yassine Aboukir 🐐 | Popping shells for flight tickets at your nearest airport departure terminal. AppSec consulting, and bug bounties (11th ranked) on @Hacker0x01 🇲🇦🇫🇷 |
| @yaworsk | yaworsk | Author of https://t.co/4sI75efGSk, Hacker Interviewer https://t.co/Utz8Qr1kUR, @shopify AppSec. Tweets are my own. Unless you wrote them. |
| @yip404 | Mohamed Ebrahem | |
| @zeroxyele | xyele | 🇹🇷https://t.co/PEtNHYrIVKhttps://t.co/p67rsc3GE9 |
| @zseano | @zseano | webapp hacker and also that annoying lucio 🐸 Recognised by @Amazon in 2018 for my security research work. ~busy working on @bugbountynotes v2!~ |
Misc
- ChaosComputerClub Germany Media Resources - bunch of conference talks and other media
- Phrack
back to Intro Page