When I feel satisfied with scoping, I have usually gotten an idea about the different sections. It’s not an exact science, but you just know that a custom, giant e-commerce PHP app is going to have more goodies than a random informational site with static content. I guess it would be more effective to base it on some sort of data, but I just go with gut feel on this.
What’s your approach when you don’t get any response to your submissions for months? What should be the right approach if I face this kind of problem?
In fact, my approach is just to ignore the target and go for another one. There’s plenty to choose from and if they don’t take the bug bounty program seriously enough to respond within a reasonable amount of time then I don’t think I want to participate anyway.
Hey @geekboy! In my experience, logical bugs often require a thorough understanding of the application and thus are generally one of the last things I will look for. One example of a logical bug was a webshop that had voucher/discount functionality that didn’t allow you to use multiple vouchers for one order. However, if you cancelled the order after going to the payment provider, the “voucher used” count was reset and you could add another voucher. This could be repeated until you got the order for free.
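The voucher flaw described in the answer above, modelled as an added example that is not code from the thread or from the webshop in question. The voucher codes and amounts are constructed, and the order model is a deliberate simplification: the vulnerable version keeps a separate "vouchers used" counter that is reset on cancellation while the discounts it guarded are retained, and the hardened version derives both the limit check and the discount from the set of vouchers actually attached to the order, so cancelling releases the discount along with the voucher. A small reconciliation check shows how a defender could spot orders whose recorded discount exceeds what the attached vouchers could explain.

```python
from dataclasses import dataclass, field

MAX_VOUCHERS_PER_ORDER = 1

# Constructed voucher table (hypothetical codes and amounts): code -> discount
VOUCHERS = {"SAVE10": 10, "SAVE15": 15, "SAVE20": 20}


@dataclass
class VulnerableOrder:
    """Tracks the voucher limit with a counter that lives apart from the discounts."""
    subtotal: int
    discount_total: int = 0
    vouchers_used: int = 0  # the limit check reads this, not the applied discounts

    def apply_voucher(self, code):
        if code not in VOUCHERS or self.vouchers_used >= MAX_VOUCHERS_PER_ORDER:
            return False
        self.discount_total += VOUCHERS[code]
        self.vouchers_used += 1
        return True

    def cancel_at_payment(self):
        # Flaw: the counter is reset but discount_total is left untouched,
        # so the next apply_voucher() stacks on top of the earlier discount.
        self.vouchers_used = 0

    def total(self):
        return max(0, self.subtotal - self.discount_total)


@dataclass
class HardenedOrder:
    """The attached vouchers are the single source of truth for limit and discount."""
    subtotal: int
    vouchers: set = field(default_factory=set)

    def apply_voucher(self, code):
        if code not in VOUCHERS or code in self.vouchers:
            return False
        if len(self.vouchers) >= MAX_VOUCHERS_PER_ORDER:
            return False
        self.vouchers.add(code)
        return True

    def cancel_at_payment(self):
        # Cancelling returns the order to its pre-checkout state: releasing the
        # vouchers also removes the discount they carried.
        self.vouchers.clear()

    def discount_total(self):
        return sum(VOUCHERS[code] for code in self.vouchers)

    def total(self):
        return max(0, self.subtotal - self.discount_total())


def replay(order_cls, subtotal, codes):
    """Apply each voucher, cancel at the payment step, and finally apply the last one.

    Returns the order total the customer would pay at the end of that sequence.
    """
    order = order_cls(subtotal)
    for code in codes[:-1]:
        order.apply_voucher(code)
        order.cancel_at_payment()
    order.apply_voucher(codes[-1])
    return order.total()


def over_discounted(discount_total, vouchers_used):
    """Reconciliation check: flag an order whose recorded discount exceeds the
    maximum that the recorded number of vouchers could legitimately grant."""
    return discount_total > vouchers_used * max(VOUCHERS.values())


if __name__ == "__main__":
    sequence = ["SAVE10", "SAVE15", "SAVE20"]
    print("vulnerable total:", replay(VulnerableOrder, 50, sequence))
    print("hardened total:  ", replay(HardenedOrder, 50, sequence))
```

With a 50-unit subtotal, the vulnerable order ends up at 5 because all three discounts accumulate, while the hardened order pays 30 because only the voucher attached at checkout counts. The reconciliation check is the kind of invariant worth asserting server-side or in a nightly report: the recorded discount must be explainable by the vouchers on record.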