Information Sharing and Analysis Center

Information Sharing and Analysis Center

An international non-profit, solving large problems impacting the connected, digital world on cyber security.


Bug Bounty Researcher (ICBBR)

The ISAC Certified Bug Bounty Researcher Program is a unique opportunity offered by ISAC to experienced as well as inexperienced cybersecurity enthusiasts to get trained, earn rewards and recognition for reporting bugs, especially those related to security exploits and vulnerabilities, legally and ethically.

The Certified Bug Bounty Researcher program allows you to quickly start your career in this challenging, adventurous and rewarding field with hands-on Instructor-led training and virtual labs.

ICBBR Program available on GeM

Standard Price: ₹75,000 + GST 

Special Offer Price for Students: ₹20,000 + GST

Special Prices for Professionals and Corporates: Contact Us

Promotional price valid till 31st October 2023


Features & Benefits

One Year Bug Bounty Club Membership

  • New Video Lecture Every Week!
  • Exclusive scripts to fasten your bug bounty process
  • New CVE Guides every month
  • Meet other Bug Bounty Experts

30 Days Access to Cyberange Virtual Labs

  • Exclusive labs on bug bounty
  • Get target and attacker system (kali OS)
  • Cloud-based labs with new challenges added every month!

NSD Empanelment

  • Choose from Cadet or Falcon level for your certification
  • Get exclusive  access to NSD Bug Bounty Researcher Community
  • Enhance your profile credibility globally as a Bug Bounty Hunter

Exclusive Hackathons

  • Win INR 10,000 or more every month with exclusive member Hackathons
  • Submit Disclosures via the BreachPoint platform and earn rewards every week!


Get NSD Empanelment Today!

Learn everything to get started with Bug Bounty programs. Participate with confidence in hackathons and various cybersecurity competitions!

Day One

  • Top 10 Rules for Bug Bounties
  • What is Bug Bounty & Basics
  • VAPT vs Bug Bounty
  • Motivation
  • Google Dorking
  • Become Author of Google Dorks
  • OWASP 2013 vs 2017
  • XSS & Techniques
  • Reflected XSS
  • Stored XSS

Day Two

  • Burp suite Lab Setup
  • Owasp ZAP vs Burp suite
  • Authentication Bypass
  • OTP Bypass
  • Captcha Bypass
  • Rate Limiting Attack
  • Race Conditions Attacks

Day Three

  • CSRF Attacks & Techniques
  • Open Redirect Attacks
  • Cross Origin Resource Sharing Attacks
  • Click Jacking Attacks
  • Sensitive Data Exposure Attacks

Day Four

  • HTML Injection Attacks
  • Broken Link Hijacking
  • Session Hijacking
  • Session Fixation
  • Failure to Invalidate Session

Day Five

  • SQL Injection Attacks using SQL map
  • Server Side Request Forgery
  • Local File Inclusion
  • Remote Code Execution
  • Wayback archive

Day Six

  • Shodan
  • Censys
  • Greynoise
  • Github Recon
  • Automation using bash
  • Subdomain Enumeration
  • Subdomain Takeovers

Day Seven

  • Fuzzing Web Application
  • Report writing
  • Reporting Templates
  • Pentesing / Bug Bounty Checklist
  • Mindmaps
  • Tips and Tricks
  • Ethics in Bug Bounty
  • Clean Exit Code of Conduct
  • Capstone Project
  • How to kick start your bug bounty journey

Course Benefits

The NSD Certified Bug Bounty Researcher allows you to quickly get started with hunting bugs and earning rewards from various bug bounty programs!

Register with confidence in various hackathons and hacking competitions after doing this course!

Mastering the program will set you in the right direction with potential recruiters. Get jobs in cyber security faster with experience in bug bounty hunting!


Shifa Cyclewala

ISAC Certified Instructor
Email: shifa [at]
Shifa is a web and mobile application developer with a keen interest in cybersecurity field.

Rohit Gautam

ISAC Certified Instructor
Email: rohit [at]
Rohit is an avid security researcher with special interest in network exploitation and web application security analysis.

Batch start Dates for the next Quarter

The course is for seven days and is scheduled every month. The lectures for each month/batch will be held on the following dates:

No event found!

You will get weekly assignments and research work to enhance your course understanding. 


Delivered online (Instructor Led Live Video sessions), 21 training hours in total.

15 hours Virtual Labs Practice

Application Deadline

  • One day before the start date of class every month

Who Should Attend

The course is best suited for:

  • Security Researchers
  • Students and Professionals keen in bug bounty programs
  • Candidates participating in Hackathons
  • Teams participating in Security Competitions
  • Aspiring security professionals
  • Military and police personnel


The exam consists of 24 hours CTF exam and 3 hours of MCQ exam.

What you get

30 Days Access to Cyber Range Virtual Labs

Get 30 days access to Cyber Range Virtual Labs – Practice with predefined vulnerable Applications and Kali OS Distribution in the cloud, in an exclusive private network only for you!

Access to e-learning videos

Get 60 days access to course videos on the ISAC e-learning portal, updated regularly!

Clean Exit Professional Ethics Certification

The program includes Clean Exit Professional Ethics Certification that is mandatory for empanelment in the National Security Database. You can review the Bug Bounty Code of Conduct here.

Profile in the National Security Database

Get listed in the National Security Database program at the Cadet level by completing the Bug Bounty Researcher certification. 

Opportunity to participate in exclusive hackathons

Get the opportunity to participate in unique hackathons and competitions from ISAC regularly!

Bug Bounty Researcher Certificate

30 Days Access to Cyber Range Virtual Labs

The NSD Bug Bounty Researcher is a fully hands-on program! You get access to Cyber Range Virtual Labs for 30 days. Gain practical knowledge and fundamental skills with multiple vulnerable applications and Kali OS Distribution on the cloud exclusively for you.
Hands On Labs