Please do not believe everyone, do your own research before switching. Look around for genuine people , don’t take advice from those who just rode on their luck. Though Luck, proper recommendations, knowledge, skills and limited opportunities will all set the tone for what you achieve.
This pandemic changed a lot for me. I realized that upgradation of skills is must for everyone. I am a civil engineer/project manager and I have never enjoyed computers other than for gaming purposes. Ironically, the summers of 2020 changed my entire attitude towards the computer related stuff.
I barely used to get out alive from the computer classes but since 24th May,2020 bugs are in the air. As their was a significant drop in the construction activities, I was left with nothing to do. Someone advised me to look for pentesting courses and it grabbed my attention.
So, I bought the required system and downloaded bunch of pentester academy courses related to networking and web application testing. It took me four months to complete all of them and to be honest I had fun but in the end I could not remember anything. Simply because for 28 years, computers were only for entertainment purposes. I am sure a lot of people of various backgrounds learned this art before me but as I am trying to make it a full-time career, it is more challenging.
Four months were practically tough and frustration was always around the corner. During the mid October(2020), I started to reach out the security researchers, some of them were very kind and most of them were not. By the same time, bug hunting was also the part of my daily routine. Bug hunting is not easy for people like me. Finding a good program is not a piece of cake even if you submit a POC, the process of awarding bounties are damn slow and unfair. The biggest advantage of BBs are that one can learn more quickly and get the real time hands-on of whatever the courses have taught.
I have spent 9 months, submitted various bugs, solved machines (vulnhub & HTB), vulnerable web apps, tested thick clients, currently testing android and if I still get the time, I try to learn about API and cloud.
I will be presenting series of articles mostly for beginners or for people who would like to switch their careers and explore the possibilities. The articles will enlighten about DOs and DONTs, bug bounty tricks & tips, profile development and how to stay motivated because the path is not as easy as it sounds.
I’ll be back.