DELTA OBSCURA

We are the team behind Mission Cyber Sentinel, a mission dedicated to securing 446,000 digital assets globally.

GitHub

CVE Hunting Guide

By 0xhamy 11:52 AM - October 24th 2025
CVE Hunting Guide

For a long time, our team has received questions from people asking what resources they could use to become CVE hunters like us. In the past, we often shared reading materials or hosted 1-on-1 sessions to teach the essentials. However, those efforts were manual and time-consuming.

To make this knowledge accessible to everyone, members of Delta Obscura collaborated to create a comprehensive guide that’s completely free. This guide is designed to take you from zero to confidently and responsibly reporting vulnerabilities, securing digital assets and users, and gaining recognition for your discoveries through CVEs.

Success stories

Perhaps one of the best things about our CVE hunting guide is the success stories of people who took, some who had prior experience and some were completely new to the field and managed to get their own CVEs. Here are some of our success stories:

KhanMarshai

KhanMarshai is one of our members, he managed to get credited with 8 CVEs in under a month, he had some prior cybersecurity experience but no CVEs before joining Delta Obscura. Today he is one of our contributors who has also contributed to Cyber Diplomat Initiative. His findings can be found in our vulnerability database.

Guide Information

Name Version Release Date Link
CVE Hunting Guide 1.0.0 August 23, 2025 Download

Opportunities

What to do after gaining these skills, what's the point and how can you use them for good?
CVE hunting is really about identifying vulnerabilities in open-source software/hardware because you want to keep the cyber space safer, here are things you can do after going through our guide:

  • Hunt for profit on Huntr.com; earn CVEs and money
  • Hunt for profit on Bugcrowd or HackerOne; earn CVEs and money
  • Hunt on open-source projects on GitHub and build a reputation as a vulnerability research (like we have)
  • Join Delta Obscura and participate in our global cybersecurity missions and earn recognition for humanitarian cyber work

Feedback and Updates

We update this guide periodically as we continue to learn, refine our methods, and identify improvements that benefit the vulnerability research community.

If you enjoy the book or have suggestions for future versions, please reach out to our members on LinkedIn or Discord, we value your feedback and consider it carefully for upcoming updates.