title: "Hacker Success Guide"

path: "/hackers/hacker-success-guide.html"

id: "hackers/hacker-success-guide"

New to hacking or want to sharpen your skills? We’ve created this leveling up guide to help you grow as a hacker and be on your way to earning your first bounties.

1. [Create a HackerOne account](create-an-account.html).

2. Go to [Hacker101](https://www.hacker101.com/).

3. Get started on the [Newcomers Playlist](https://www.hacker101.com/playlists/newcomers) if you’re new to hacking or want a refresher on web hacking basics.

4. Learn about and set up Burp suite through the [Burp Suite playlist](https://www.hacker101.com/playlists/burp_suite).

5. Watch the [Hacker101 videos](https://www.hacker101.com/videos) to be educated on various topics related to hacking so that you can have a broad range of knowledge and understanding of the different areas of hacking.

6. Start the [Hacker101 CTF](https://ctf.hacker101.com/) (Capture the Flag) game where you can hack and hunt for bugs in a safe environment. [Learn how to get started with the Hacker101 CTF](hacker101.html#hacker101-ctf).

* Every time you earn 26 points in the CTF, you’ll be put in the [invitation priority queue](invitations-priority-queue.html) to receive invitations to private programs. Once you receive and accept an invitation to a private program, you’ll be taken out of the priority queue until you earn another 26 points to be put back in the queue.

7. Join the Hacker101 HackerOne [Discord group](https://www.hacker101.com/discord) to ask questions, connect, and learn from other hackers.

8. Finish the Hacker101 CTF. Even if you’ve already received an invitation to a private bug bounty program, we recommend going through all of the CTF curriculum to ensure you learn all of the concepts, so that you can better succeed at hacking.

9. Look for public programs in the [Directory](https://hackerone.com/directory/programs) that you’re interested to hack on. For starters, we suggest IBM, GM, DoD and Verizon Media.

* For starters, we suggest: IBM, GM, DoD, and Verizon Media as good programs to start with.

10. Start hacking and apply all that you’ve learned from Hacker101.

* *Web Hacking 101* by Peter Yaworski

* *The Web Application Hacker's Handbook* by Dafydd Stuttard and Marcus Pinto

* *The Hacker Playbook 2: Practical Guide To Penetration Testing* by Peter Kim

* *Hacking: The Art of Exploitation* by Jon Erickson

* *The Basics of Hacking and Penetration Testing* by Patrick Engebretson

* *RTFM: Red Team Field Manual* by Ben Clark

* Frans Rosen provides some insight as to how to win over security teams and gain influence as a hacker on https://hackerone.com/fransvisitsvegas.

11. [Submit a report](submitting-reports.html) once you’ve found a vulnerability. Submitting valid reports is important for building up your [Reputation](reputation.html), [Signal and Impact](signal-and-impact.html).

* Here’s a guide on what constitutes a [quality report](quality-reports.html).

* You can look at [hacktivity](https://hackerone.com/hacktivity?order_field=popular) and past reports to understand what security teams look for in a quality report.

Once you’ve submitted your first report, the security analyst will review, assess, and validate it. They will typically respond with questions and comments. As security teams handle many reports, it may take a little while to respond back to your report. We recommend giving teams at least a week before asking for updates. While you’re waiting to hear back, we encourage you to keep on hacking and to check out other programs.

Happy hacking!

- title: Hacker Success Guide

path: /hackers/hacker-success-guide.html