If I had to explain what it is all about in one sentence, it would be easy:

Bughacking = bug bounty hunting + ethical hacking.

Bughacking is a website that aims on educating about ethical hacking and how penetration testing skills can be used in a legal way.

And one of the best ways of using these rare skills of penetration testing is to use them on various programs from bug bounty platforms.

Bughacking explains about different penetration testing tools, and techniques that might help to find bugs talks about leveling up your skills (by reviewing and recommending books, courses, vulnerable labs, etc.), talks about security researchers’ mental health.

I, being a penetration tester, will try to provide value and share what I’ve learned along my journey.

I also believe that hacking should be fun and endorse purple hat hacking – a type of hacking that is performed on your own machine in order to level up your skills that, later on, can be used for good intentions. This is why there is so much purple on the website.


As a disclaimer, I must say that this blog does not endorse any form of illegal activity. Articles on the website focus on learning penetration testing on the legal targets that were created either by OWASP or the cyber security community. Security testing should be performed only with the permission of the system’s owner. Black hat topics are not discussed here.