Resources for Beginner Bug-Bounty Hunters By NahamSec

1 min read



There are number of new hackers joining the community on regular basis and this raises the question of “How do I get started and what are some good resources?” and we hope to help with those questions using this repository.
As a hacker, there a ton of techniques, terminologies, and topics you need to familiarize yourself with to understand how an application works. Cody Brocious (@daeken) and I put these resources together in order to help new hackers with resources to learn basics of Web Application Security.

We understand that there are more resources other than the ones we have listed and we hope to cover more resources in the near future!

Web basics

  • All in one resource
  • Headers
  • Request form
  • Response form
  • Response codes
  • URL Encoding
  • Methods

Networking basics

  • All in one resource
  • Terminology
  • What is an IP?
  • What are ports?
  • What is DNS?–cms-24704
  • Intermediate Security Testing with Kali Linux 2

Programming Basics

  • HTML
  • JavaScript
  • SQL
  • Python
  • Bash
  • Additional Resources:


  • Setting up your own web server on a VPS
  • Setting up virtualbox + linux
  • Basics of UNIX
  • Setting up Burp
  • Previously Disclosed Vulnerabilities


As we start to build this repository, we’ll be adding more vulnerability types and resources for each one. XSS is a great place to start as it’s one of the most popular and easiest vulnerabilities to find in a web application.

  • Hacker101
  • A comprehensive tutorial on cross-site scripting
  • Google Application Security (XSS Guide)

XSS Labs

  • XSS-Game


  • Hacker101
  • PentesterLab
  • HackEdu
  • DWVA
  • Google Gruyere

One Reply to “Resources for Beginner Bug-Bounty Hunters By NahamSec”

Leave a Reply

Your email address will not be published. Required fields are marked *