u/Current_Dinner_5162

I’ve been doing bug bounty for around 5 months now. So far, I’ve found and reported one valid bug (information disclosure).

Recently I’ve been studying API attacks, GraphQL attacks, and broken access control, and I’m trying to improve my methodology.

Right now, I feel like I understand the technical side of these vulnerabilities, but I still struggle with actually finding logic bugs and access control issues during real hunting.

I’d really appreciate advice from more experienced hunters:

• How do you approach finding business logic vulnerabilities?
• What’s your process for discovering broken access control / IDOR issues in real targets?
• How do you think about application workflows when testing?
• Is there anything important I might be missing or should focus on learning next?

I’m trying to move beyond just learning vulnerability categories and start thinking more like an actual hunter during testing.

Any advice, learning resources, or mindset tips would be really appreciated

I’ve been doing bug bounty for around 5 months now. So far, I’ve found and reported one valid bug (information disclosure).

Recently I’ve been studying API attacks, GraphQL attacks, and broken access control, and I’m trying to improve my methodology.

Right now, I feel like I understand the technical side of these vulnerabilities, but I still struggle with actually finding logic bugs and access control issues during real hunting.

I’d really appreciate advice from more experienced hunters:

• How do you approach finding business logic vulnerabilities?
• What’s your process for discovering broken access control / IDOR issues in real targets?
• How do you think about application workflows when testing?
• Is there anything important I might be missing or should focus on learning next?

I’m trying to move beyond just learning vulnerability categories and start thinking more like an actual hunter during testing.

Any advice, learning resources, or mindset tips would be really appreciated

I’ve been doing bug bounty for around 5 months now. So far, I’ve found and reported one valid bug (information disclosure).

Recently I’ve been studying API attacks, GraphQL attacks, and broken access control, and I’m trying to improve my methodology.

Right now, I feel like I understand the technical side of these vulnerabilities, but I still struggle with actually finding logic bugs and access control issues during real hunting.

I’d really appreciate advice from more experienced hunters:

• How do you approach finding business logic vulnerabilities?
• What’s your process for discovering broken access control / IDOR issues in real targets?
• How do you think about application workflows when testing?
• Is there anything important I might be missing or should focus on learning next?

I’m trying to move beyond just learning vulnerability categories and start thinking more like an actual hunter during testing.

Any advice, learning resources, or mindset tips would be really appreciated.

I’ve been doing bug bounty for around 5 months now. So far, I’ve found and reported one valid bug (information disclosure).

Recently I’ve been studying API attacks, GraphQL attacks, and broken access control, and I’m trying to improve my methodology.

Right now, I feel like I understand the technical side of these vulnerabilities, but I still struggle with actually finding logic bugs and access control issues during real hunting.

I’d really appreciate advice from more experienced hunters:

• How do you approach finding business logic vulnerabilities?
• What’s your process for discovering broken access control / IDOR issues in real targets?
• How do you think about application workflows when testing?
• Is there anything important I might be missing or should focus on learning next?

I’m trying to move beyond just learning vulnerability categories and start thinking more like an actual hunter during testing.

Any advice, learning resources, or mindset tips would be really appreciated.

I’m currently learning bug bounty / web security, and I want to start moving into cloud bug bounty / cloud pentesting (AWS, Azure, GCP).

Before jumping into cloud-specific labs and exploitation, I want to build the right foundations first.

What are the core fundamentals / prerequisites I should study and understand well before taking cloud bug bounty seriously?

If anyone here has followed a similar path, I’d really appreciate it if you could share a roadmap or recommend good learning resources to get started.