"Easiest" Beginner Bugs? Access Control and IDORs

Whenever someone asks what bug they should look for I always say IDORs/access control issues particularly across large enterprise level apps (think Atlassian), where you have complex access control rules. While these bugs don't requite advanced technical skills they do require a lot of manual testing, but when you're still looking for your first bug you have a lot of time.

This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking …

access access control access control issues advanced apps atlassian beginner bug bugs control don enterprise large media rules skills social social media technical testing