Information Sharing and Analysis Center

Information Sharing and Analysis Center

An international non-profit, solving large problems impacting the connected, digital world on cyber security.


Bug Bounty Researcher (ICBBR)

The ISAC Certified Bug Bounty Researcher a 64 hour Program is a unique opportunity offered by ISAC to experienced as well as inexperienced cybersecurity enthusiasts to get trained, earn rewards and recognition for reporting bugs, especially those related to security exploits and vulnerabilities, legally and ethically.

The Certified Bug Bounty Researcher program allows you to quickly start your career in this challenging, adventurous and rewarding field with hands-on Instructor-led training and virtual labs.

ICBBR Program available on GeM

Unlock Lifetime Access to ISAC Certifications with Complimentary Training and Free of cost Online Internship: pay only for certification and lab costs.​

Standard Price: $300 + GST + Training is Complimentary

NSD Empanelment Price (Optional): $70 + GST


Features & Benefits

One Year Bug Bounty Club Membership

  • New Video Lecture Every Week!
  • Exclusive scripts to fasten your bug bounty process
  • New CVE Guides every month
  • Meet other Bug Bounty Experts

30 Days Access to Cyberange Virtual Labs

  • Exclusive labs on bug bounty
  • Get target and attacker system (kali OS)
  • Cloud-based labs with new challenges added every month!

NSD Empanelment

  • Choose from Cadet or Falcon level for your certification
  • Get exclusive  access to NSD Bug Bounty Researcher Community
  • Enhance your profile credibility globally as a Bug Bounty Hunter

Exclusive Hackathons

  • Win INR 10,000 or more every month with exclusive member Hackathons
  • Submit Disclosures via the BreachPoint platform and earn rewards every week!


Get NSD Empanelment Today!

Learn everything to get started with Bug Bounty programs. Participate with confidence in hackathons and various cybersecurity competitions!

Bug Bounty Fundamentals & Google Dork Mastery

  • Top 10 Rules for Bug Bounties
  • What is Bug Bounty & Basics
  • VAPT vs Bug Bounty
  • Motivation
  • Google Dorking
  • Become Author of Google Dorks
  • OWASP 2013 vs 2017
  • XSS & Techniques
  • Reflected XSS
  • Stored XSS

Hands-On Security Testing with Burp Suite & ZAP

  • Burp suite Lab Setup
  • Owasp ZAP vs Burp suite
  • Authentication Bypass
  • OTP Bypass
  • Captcha Bypass
  • Rate Limiting Attack
  • Race Conditions Attacks

Web Defense Strategies: CSRF to Sensitive Data Exposure

  • CSRF Attacks & Techniques
  • Open Redirect Attacks
  • Cross Origin Resource Sharing Attacks
  • Click Jacking Attacks
  • Sensitive Data Exposure Attacks

Mastering Session Security & HTML Injection

  • HTML Injection Attacks
  • Broken Link Hijacking
  • Session Hijacking
  • Session Fixation
  • Failure to Invalidate Session

Advanced Exploitation Techniques & Web Archives

  • SQL Injection Attacks using SQL map
  • Server Side Request Forgery
  • Local File Inclusion
  • Remote Code Execution
  • Wayback archive

Reconnaissance & Automation Tools for Bug Bounty

  • Shodan
  • Censys
  • Greynoise
  • Github Recon
  • Automation using bash
  • Subdomain Enumeration
  • Subdomain Takeovers

Practical Web Application Fuzzing & Reporting

  • Fuzzing Web Application
  • Report writing
  • Reporting Templates
  • Pentesing / Bug Bounty Checklist
  • Mindmaps
  • Tips and Tricks
  • Ethics in Bug Bounty
  • Clean Exit Code of Conduct
  • Capstone Project
  • How to kick start your bug bounty journey

Course Benefits

The NSD Certified Bug Bounty Researcher allows you to quickly get started with hunting bugs and earning rewards from various bug bounty programs!

Register with confidence in various hackathons and hacking competitions after doing this course!

Mastering the program will set you in the right direction with potential recruiters. Get jobs in cyber security faster with experience in bug bounty hunting!


Batch start Dates for the next Quarter

The course is for seven days and is scheduled every month. The lectures for each month/batch will be held on the following dates:

You will get weekly assignments and research work to enhance your course understanding. 

July Batch

4PM - 7PM

  • 6th July 2024
  • 7th July 2024
  • 13th July 2024
  • 14th July 2024
  • 20th July 2024
  • 21st July 2024
  • 27th July 2024

Written Test – Jul 28th 2024 7:30 PM – 9:30 PM

Lab Test – Jul 28th 10 PM to Jul 29th 10 PM

August Batch


  • 3rd Aug 2024
  • 4th Aug 2024
  • 10th Aug 2024
  • 11th Aug 2024
  • 17th Aug 2024
  • 18th Aug 2024
  • 24th Aug 2024

Written Test – Aug 25th 2024 7:30 PM – 9:30 PM

Lab Test – Aug 25th 10 PM to Aug 26th 10 PM

September Batch


  • 7th Sep 2024
  • 8th Sep 2024
  • 14th Sep 2024
  • 15th Sep 2024
  • 21st Sep 2024
  • 22nd Sep 2024
  • 28th Sep 2024

Written Test – Sep 29th 2024 7:30 PM – 9:30 PM

Lab Test – Sep 29th 10 PM to Sep 30th 10 PM


Delivered online (Instructor Led Live Video sessions), 21 training hours in total.

17 hours Virtual Labs Practice 

Application Deadline

  • One day before the start date of class every month

Who Should Attend

The course is best suited for:

  • Security Researchers
  • Students and Professionals keen in bug bounty programs
  • Candidates participating in Hackathons
  • Teams participating in Security Competitions
  • Aspiring security professionals
  • Military and police personnel Personnel
  • Preferably should have undergone CCIO + CPEW, ICBIS, ICPT 


The exam consists of 24 hours CTF exam and 3 hours of MCQ exam.

What you get

30 Days Access to Cyber Range Virtual Labs

Get 30 days access to Cyber Range Virtual Labs – Practice with predefined vulnerable Applications and Kali OS Distribution in the cloud, in an exclusive private network only for you!

Access to e-learning videos

Get 60 days access to course videos on the ISAC e-learning portal, updated regularly!

Clean Exit Professional Ethics Certification

The program includes Clean Exit Professional Ethics Certification that is mandatory for empanelment in the National Security Database. You can review the Bug Bounty Code of Conduct here.

Profile in the National Security Database

Get listed in the National Security Database program at the Cadet level by completing the Bug Bounty Researcher certification. 

Opportunity to participate in exclusive hackathons

Get the opportunity to participate in unique hackathons and competitions from ISAC regularly!

Bug Bounty Researcher Certificate

3 Examination Attempts

You can appear for the examination 3 times in the same fee.

30 Days Access to Cyber Range Virtual Labs

The NSD Bug Bounty Researcher is a fully hands-on program! You get access to Cyber Range Virtual Labs for 30 days. Gain practical knowledge and fundamental skills with multiple vulnerable applications and Kali OS Distribution on the cloud exclusively for you.
Hands On Labs