Whenever someone asks what bug they should look for I always say IDORs/access control issues particularly across large enterprise level apps (think Atlassian), where you have complex access control rules. While these bugs don't requite advanced technical skills they do require a lot of manual testing, but when you're still looking for your first bug you have a lot of time.
This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: [ Ссылка ].
- Social Media -
Discord: [ Ссылка ]
Patreon: [ Ссылка ]
Twitter: [ Ссылка ]
![](https://i.ytimg.com/vi/cV0uoZTLVVY/maxresdefault.jpg)