First, I want to thank everyone who shared my last write-ups. I really enjoyed seeing people support and motivate me!

Today, I decided to share my approach — from zero to finding valid bugs on any target.

Note: I’m not a big fan of tools or recon. My hunting is 100% manual — just me and Burp Suite.😊❤

Let’s get started!

If you love API testing and logic bugs, you should look for SaaS programs. They’re everywhere! My favorite type of SaaS targets usually have:

  • Plans (like Free, Pro, Enterprise)
  • Teams (team management features)
  • A lot of features
  • REST API

When I open a target with these four things, I feel confident Inshallah I’ll find bugs there.

How I approach bug hunting

For every target, I create tasks for myself.

Task 1: Understand the app like a normal user

  • This is the most important step. I spend 3–4 days just testing and understanding every function.
  • The best tool at this step is the program’s documentation — it helps me understand how the app works.
  • Sometimes, I even find bugs just by deep diving into the docs — it’s one of my favorite tools!

But I’m not here just to use the app. Let’s move to the next step.

Task 2: Catching “No” moments (NOS)

What is NOS?

  • NOS = “No” or “You can’t do this.”
  • Examples:
      • You can’t do this on a free plan.
      • You can’t perform this action as a normal user.
      • You can’t create more than one project.

For me, every NOS = a possible bug if I can bypass it!

How to bypass NOS?

  • This depends on your knowledge. When you see a restriction (“NOS”), you should start thinking of different ways to bypass it.
  • If you have good API knowledge, understand logic bugs, and have read many write-ups, you’ll be able to generate many bypass scenarios in your mind.
  • Sometimes, I read a write-up where someone tested a function very similar to my target. If they explain why they couldn’t bypass it, I start thinking: How can I make this work on my target?
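As an added illustration (not code from this post), here is the server-side pattern behind a NOS like “you can’t create more than one project on a free plan”: one handler derives the cap from a plan name the client can send in the request body, the other reads the plan only from the authenticated account record and re-checks the cap at creation time. The plan table, the Account class and both handlers are constructed for this example.

```python
from dataclasses import dataclass, field

# Constructed plan table: maximum projects per plan (None = unlimited).
PLAN_LIMITS = {"free": 1, "pro": 10, "enterprise": None}


@dataclass
class Account:
    """Server-side account record (constructed for the example)."""
    account_id: str
    plan: str
    projects: list = field(default_factory=list)


def _over_limit(plan: str, current: int) -> bool:
    """True when creating one more project would exceed the plan's cap."""
    limit = PLAN_LIMITS[plan]  # unknown plan raises KeyError: fail closed
    return limit is not None and current >= limit


def create_project_weak(account: Account, body: dict) -> dict:
    """Weak handler: the NOS is enforced against a plan name taken from the
    request body, so the restriction lives in data the client controls.
    The UI may hide the button on the free plan, but the API does not care."""
    plan = body.get("plan", account.plan)  # client-controlled value
    if _over_limit(plan, len(account.projects)):
        return {"status": 403, "error": "You can't create more than one project on a free plan"}
    account.projects.append(body["name"])
    return {"status": 201, "project": body["name"]}


def create_project_hardened(account: Account, body: dict) -> dict:
    """Hardened handler: entitlement comes only from the server-side account,
    any plan/limit fields in the request are ignored, and input is validated."""
    if _over_limit(account.plan, len(account.projects)):
        return {"status": 403, "error": "plan limit reached"}
    name = body.get("name")
    if not isinstance(name, str) or not name:
        return {"status": 400, "error": "name required"}
    account.projects.append(name)
    return {"status": 201, "project": name}
```

The same rule applies to every NOS in the list above: the check must run on the server against state the caller cannot edit, not in the UI and not on fields echoed back from the client.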