Bug Bounty is fun, but let's be honest: it is not easy.

I believe that every single thought you have throughout your journey matters. This means that despite the negative thoughts, the burnout, and the crippling self-doubt, you just need to keep going.

A wise hacker once said:

I would be lying if I said I was any different. Even during the good months, I still feel bad. It's that classic, sinking feeling of imposter syndrome:

• "What if I'm not good enough?"

• "What if that was just luck?"

• "What if it all ends here?"

In every single occasion that I felt like that, I was able to push through it by simply keeping going, literally. There were times I thought I had found my last vulnerability ever, then next day I find a crazy one, it just happens.

Surround yourself with the right people

As crazy as it sounds, I think that one of the most difficult things in bug bounty isn't just finding the bug; it's to simply keep going.

That's why you should always try to be surrounded by the right people, those who cheer you up, help you keep going and push you to be better. Be around those who make all of it fun!

I don't mean to imply that you should only have positive thoughts. On the contrary, it means acknowledging the doubt, the frustration, and showing up anyway.

Those negative thoughts are a part of the process. They are a sign that you care and that you're pushing your own boundaries.

Learn from your mistakes

There is a very good chance that, at some point in your journey you will make mistakes and feel burned out. Even if everything seems to be going well.

Although it can be very difficult to recover from the burnout, it's important to remember that it's a natural part of the process, every person experiences. The difference between the successful and the unsuccessful is the ability to recover from it.

You always have a decision to make, it's up to you to keep going. Just remember that if it was easy, everyone would do it.

The "I've Hacked Everything" Illusion

We've all been there. You're deep in a bug bounty program. Weeks, maybe even months, have gone by. You've done pretty much everything you think you should've done. Now, you're hitting a wall. Everything feels familiar, every feature seems locked down.

This is when the illusion creeps in.

When you get deep into a program, it's easy to feel like you've seen it all. You've mapped the attack surface you're comfortable with, and you're coming up empty. It’s tempting to close your notes and move on, thinking, "This program is secure."

But most of the time, this isn't a sign that the program is secure; it's a sign that you need to see things from a different perspective.

If you ever feel like this, take a break. Go for a walk, do something else, and come back to it with a fresh mind.

That wall you're hitting isn't the end. That that just means you have seen all that your current methodology allows you to see.

Every single time I started to feel like I knew everything about my target, I eneded up finding a new vulnerability, or at the very least, a new gadget.

The Importance of Rest

Rest is just as important as the work you do. It's easy to get caught up in the rush of bug bounty, but it's important to take a break and rest. Your body and mind need it.

If you're someone like me, you will probably feel like taking a break is a waste of time. Whenever I try to just relax for at least a day or two, I always feel bad about it.

I think it's simply because of how fun it is. Most of the time you don't feel like you're "working", you're just having fun.

That is not a bad mentality to have, as long as you're not neglecting your rest.

Working full-time in bug bounty doesn't mean you can't take a break.