Starting pentesting

This topic contains 1 reply, has 2 voices, and was last updated by  Don Donzal 1 year, 3 months ago.

  • Author
    Posts
  • #168868
     tabasco 
    Participant

    Hi all!

    I am really eager to start pentesting for real using the bugcrowd and hackerone programs but i am kind of scared to do it from home (using my own IP adress).
    Is it wise to just use my own IP or do you guys recommend using a VPN service? Or maybe TOR?

    Thanks in advance.

  • #168870
     Don Donzal 
    Keymaster

    One thing to keep in mind is that if you go with a bug hunting program like the 2 you mention, then these are legal programs sanctioned by the companies themselves. You’re doing nothing illegal, so there’s actually no need to hide or be scared of them finding your IP address.

    On the other hand, if you are going after targets that are not listed on either program, then you don’t have permission to bug hunt.

    The other consideration is if your ISP considers the activity coming from you is not appropriate. They could cut your internet access. This might be a reason to hide utilizing VPN services or TOR. Using a VM in the cloud might be another way around this.

    We touch on this and many other issues in the webinar on this topic. Go to “Video: Bug Hunting as a Second Income” for the full video and slide deck.

    @jhaddix – Thoughts on this?

    • This reply was modified 1 year, 3 months ago by  Don Donzal.

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?