🧠 Why I’m Starting
I've decided to begin my bug bounty journey — not because I'm an expert, but because I want to learn the right way from zero.
This blog is my daily log — what I learn, what I fail at, and what I figure out.
📚 What I Learned Today – Day 1
✅ What bug bounty is
✅ HTTP requests and responses
✅ Cookies, authorization headers, and login logic
✅ Analyzed real web requests using DevTools
🔍 One Concept That Stuck – IDOR
Changing a URL like ?id=101 to ?id=102 might expose other users' data if the app doesn't check permissions properly.
💭 Reflections
I didn’t use any tools today — just focused on understanding the basics, which is a big win.
Tomorrow, I’ll explore IDOR more deeply through labs and examples.
If you're reading this and have tips or feedback, feel free to drop a comment
Top comments (0)