My debut with a Critical Bug: How I found my first bug (API misconfiguration)

Finally, the day arrived when I could share my own findings, rather than just reading other researchers’ findings (which I truly love to do, as they are a significant source of my motivation). Without further ado, let’s dive into the journey of my first bug discovery. In short, it’s an API misconfiguration bug where I found an API key with potentially dangerous permissions in the request.

Allow me to introduce you to our target with a cliché statement: let’s call …

bug bounty bug-bounty-tips bug-bounty-writeup ethical hacking hackerone