Thursday, March 28

Inspiring Story of a Student From 25000 Loan To Winning 3 Lakh Facebook Bug Bounty Program

I did my 12th on scholarship. Got 65% marks in 12th and failed to qualify IIT-JEE and AIEEE. Dropped a year to prepare on my own, was not able to afford the extra financial pressure of coaching . Next year result was better but not good enough to get admission in government colleges.

My father said “we can’t afford engineering, join the local college for B.Sc”.

That was tough for me, I contacted few private college and got to know I can get admission on my present rank and 12th marks.

But “Where’s the money ?” dad asked.

“Give me 25K , that’ll confirm the admission and then we’ll talk to banks for education loan” I replied.

“I earn 8k per month, 25k is big deal but don’t worry I’ll ask my boss if he could help” dad replied.

Next day he borrowed 25k from his boss, asked one of his friend to convert that in DD (demand draft) . I got the DD by 5 PM and next day took a general ticket to Delhi.

I got the admission and later with little struggle got the loan as well.

From the 1st day there was this extra pressure of loan.

Somewhere in second year I came to know about this term Bug bounty program , where big company pay for reporting security issues in their website. It took me almost a year to learn in and out of security, meanwhile I got a cheap laptop.

And one Sunday afternoon I reported few security bugs to Facebook (notes and message).

Monday evening I got a mail from Facebook and Bang !

I was not able to sleep that night. $5000 (3 lakh) was a big deal, I had never seen that much amount in my account or even in my dad’s account.

Next day I took the day off from classes to calm down but one of my teacher called and asked me to come (It was all over my Facebook).

I made a guest appearance for 5 minute with a copy of W-8BEN form in my hand. (Someone clicked this pic ), whole class congratulated.

Next day it was in newspaper,

After this I never stopped, I became financially independent. Paid my education loan that year, got clients from all over the world, contributed to security of 500+ websites.

Now Ranked #62 (worldwide) on Google bug bounty program > Vulnerability Reward Program

Made my first million in college and got covered by national/international newspapers and blogs.

Meet the Bugcrowd – Bughunter profile of Manish Bhattacharya @umenmactech

Indians top league of nerds in spotting bugs for tech companies – The Economic Times

बग बाउंटी हासिल करने में अमेरिकियों से आगे हैं भारतीय – Navbharat Times

Few friends asked “how to get started with bug bounty ?” , I guess first step will be this classic book on web application security Buy The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws Book Online at Low Prices in India

NOTE: The story was first published on Quora.