India's leading non-profit foundation advancing national cyber security and professional ethics at workplace


Bug Bounty Researcher (NCBBR)

The NSD Certified Bug Bounty Researcher Program is a unique opportunity offered by ISAC to experienced as well as inexperienced cybersecurity enthusiasts to get trained, earn rewards and recognition for reporting bugs, especially those related to security exploits and vulnerabilities, legally and ethically.

The Certified Bug Bounty Researcher program allows you to quickly start your career in this challenging, adventurous and rewarding field with hands-on Instructor-led training and virtual labs.


Features & Benefits

One Year Bug Bounty Club Membership

  • New Video Lecture Every Week!
  • Exclusive scripts to fasten your bug bounty process
  • New CVE Guides every month
  • Meet other Bug Bounty Experts

30 Days Access to Cyberange Virtual Labs

  • Exclusive labs on bug bounty
  • Get target and attacker system (kali OS)
  • Cloud-based labs with new challenges added every month!

NSD Certification and Researcher ID Card

  • Choose from Cadet or Falcon level for your certification
  • Get the exclusive NSD Bug Bounty Researcher ID Card
  • Enhance your profile credibility globally as a Bug Bounty Hunter

Exclusive Hackathons

  • Win INR 10,000 or more every month with exclusive member Hackathons
  • Submit Disclosures via the BreachPoint platform and earn rewards every week!


Get NSD Certified Today!

Learn everything to get started with Bug Bounty programs. Participate with confidence in hackathons and various cybersecurity competitions!

Day One

  • Top 10 Rules for Bug Bounties
  • What is Bug Bounty & Basics
  • VAPT vs Bug Bounty
  • Motivation
  • Google Dorking
  • Become Author of Google Dorks
  • OWASP 2013 vs 2017
  • XSS & Techniques
  • Reflected XSS
  • Stored XSS

Day Two

  • Burp suite Lab Setup
  • Owasp ZAP vs Burp suite
  • Authentication Bypass
  • OTP Bypass
  • Captcha Bypass
  • Rate Limiting Attack
  • Race Conditions Attacks

Day Three

  • CSRF Attacks & Techniques
  • Open Redirect Attacks
  • Cross Origin Resource Sharing Attacks
  • Click Jacking Attacks
  • Sensitive Data Exposure Attacks

Day Four

  • HTML Injection Attacks
  • Broken Link Hijacking
  • Session Hijacking
  • Session Fixation
  • Failure to Invalidate Session

Day Five

  • SQL Injection Attacks using SQL map
  • Server Side Request Forgery
  • Local File Inclusion
  • Remote Code Execution
  • Wayback archive

Day Six

  • Shodan
  • Censys
  • Greynoise
  • Github Recon
  • Automation using bash
  • Subdomain Enumeration
  • Subdomain Takeovers

Day Seven

  • Fuzzing Web Application
  • Report writing
  • Reporting Templates
  • Pentesing / Bug Bounty Checklist
  • Mindmaps
  • Tips and Tricks
  • Ethics in Bug Bounty
  • Clean Exit Code of Conduct
  • Capstone Project
  • How to kick start your bug bounty journey

Course Benefits

The NSD Certified Bug Bounty Researcher allows you to quickly get started with hunting bugs and earning rewards from various bug bounty programs!

Register with confidence in various hackathons and hacking competitions after doing this course!

Mastering the program will set you in the right direction with potential recruiters. Get jobs in cyber security faster with experience in bug bounty hunting!


Shifa Cyclewala

ISAC Certified Instructor
Email: shifa [at]
Shifa is a web and mobile application developer with a keen interest in cybersecurity field.

Rohit Gautam

ISAC Certified Instructor
Email: rohit [at]
Rohit is an avid security researcher with special interest in network exploitation and web application security analysis.

Batch start Dates for the next Quarter

The course is for seven days and is scheduled every month. The lectures for each month/batch will be held on the following dates:

January 2022

03:00 to 05:00 PM

  • 8th January
  • 9th January
  • 15th January
  • 16th January
  • 22nd January
  • 23rd January
  • 29th January

Exam – 30th January 2021

February 2022

03:00 to 05:00 PM

  • 5th February
  • 6th February
  • 12th February
  • 13th February
  • 19th February
  • 20th February
  • 26th February

Exam – 27th February 2022

March 2022

03:00 to 05:00 PM

  • 5th March
  • 6th March
  • 12th March
  • 13th March
  • 19th March
  • 20th March
  • 26th March

Exam – 27th March 2022

You will get weekly assignments and research work to enhance your course understanding. 


Delivered online (Live Video sessions), 15 training hours in total.

Application Deadline

  • One day before the start date of class every month

Who Should Attend

The course is best suited for:

  • Security Researchers
  • Students and Professionals keen in bug bounty programs
  • Candidates participating in Hackathons
  • Teams participating in Security Competitions
  • Aspiring security professionals
  • Military and police personnel


The exam consists of 50 multiple choice questions out of which the candidates need to correctly answer a minimum of 60% questions to clear the exam successfully. The exam is conducted on the last day of the course. If you miss attending the session, you can appear for the exam with the next batch. You get a total of three attempts at no additional cost.

What you get

Get 30 days access to Cyber Range Virtual Labs - Practice with predefined vulnerable Applications and Kali OS Distribution in the cloud, in an exclusive private network only for you!

Get 60 days access to course videos on the ISAC e-learning portal, updated regularly!

The program includes Clean Exit Professional Ethics Certification that is mandatory for empanelment in the National Security Database. You can review the Bug Bounty Code of Conduct here.

Get listed in the National Security Database program at the Cadet level by completing the Bug Bounty Researcher certification. 

Get the opportunity to participate in unique hackathons and competitions from ISAC regularly!

30 Days Access to Cyber Range Virtual Labs

The NSD Bug Bounty Researcher is a fully hands-on program! You get access to Cyber Range Virtual Labs for 30 days. Gain practical knowledge and fundamental skills with multiple vulnerable applications and Kali OS Distribution on the cloud exclusively for you.
Hands On Labs


Earn more benefits with the NSD Certification pack

NSD Cadet Certification Pack

Save over 50% with the NSD Cadet Certification Pack (INR 13,300 total savings)
INR 10,000 + GST
  • Seven Days Instructor-Led Training worth INR 5000
  • One Year Access to Bug Bounty Club Plus Membership worth INR 5000
  • E-learning Access to the Video Lectures worth INR 5000
  • 30 Days Cyberange Virtual Labs worth INR 3000
  • NSD Cadet Level Certification Voucher worth INR 2500
  • Includes 2 Days Clean Exit Ethics Certification Training worth INR 2500
  • Includes Clean Exit Ethics Certification Exam Voucher worth INR 300
  • Opportunity to participate in Exclusive Hackathons
  • NSD Bug Bounty Researcher Training Completion Certificate
  • NSD Bug Bounty Researcher Cadet Empanelment Certificate
  • NSD Cadet Researcher ID Card

Make your own
  • Individual
  • Awesome