I’ve been doing some training boxes where the source code is generally available, thus it is easier to understand and spot the vulnerability. However, I wanted to understand the mindset of Black Box testing since I tend to jump to looking at the source code after like ten minutes :/

What do I expect?

What kind of information does the tester rely on?

Do we just push buttons and find something anomalous?

Do I need to have a lot of experience with developing web applications to make educated guesses? O_O (I’m still ready to put in that extra effort)

I’m asking because this is a very beneficial skill for Bug Bounty Hunters and I aspire to be one someday. Any tips or resources will be appreciated 👍🏻
