I am trying to focus on both Web App Security and Threat Intelligence for the next few months. I would love to work on bug bounties in my spare time, but I am not a programmer and know only just enough web app development stuff to do my job. That is, I have a base knowledge from my certification studies (and lab work), and from running Burp Suite for pen testing, but I don’t feel ready to participate in any type of bug bounty programs.
So far, I have only signed up for a couple of Udemy Classes and purchased the book that was recommended, The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, 2nd Edition. But I was looking around the bugcrowd website this morning and found a site I love. Hacksplaining is a great resource and should be included in your learning list if you too need to get up to speed quickly. The site is awesome, and super easy to follow. There are pictures and walk-thrus and is really a great way to learn.
Computer Pooh 