My original work is done! The pressure had really been mounting on me up until the last moment. I had actually done all of the penetration testing over the past few days before the due date, but didn't keep sufficient logs or screenshots of my actions while. In short, I was forced to retrace all of the steps I took within a very short time span. As expected, I was unable to find any security vulnerabilities on the target website. I tested for many of the most common vulnerabilities, but it seems as though any vulnerabilities they do have are hidden on a level much more obscure than an amateur pentester like me could see. Nevertheless, trying out my first bug bounty has turned out to be a fantastic learning experience. Merely reading about all these different web vulnerabilities would have never given me this great hands-on experience with actually attempting to exploit XSS, SQLi, etc. Rather than lamenting that I was unable to collect a bug bounty, I will view my original work as an important to step to my future growth as a pentester. In addition, even a pentest report that finds nothing is valuable to the company in question, since you are affirming the strength of their web application for them.Â
Charles Wolfe