Hi there! It's cyberbeat again with something amazing for you. I will be going through topics that are easy to find and can earn you your initial bounties. Let the drumroll begin…
In the context of bug bounty programs, bugs are often classified by their severity or impact, typically using a scale from P1 to P4.
P1 bugs are the most critical, representing a high security risk.
P2 and P3 bugs are of medium severity.
P4 bugs are considered low severity.
P5 bugs are considered informational severity.
P4 bugs can get you around $50-$500 per bug. Later down the line, you can use these minor bugs to escalate to higher-impact findings and receive a big payout! Always remember to check the program guidelines; some of the bugs explained here could be out of scope. You will hurt your points if you submit out-of-scope bugs, so always read which targets are in scope and which are out of scope.
Let’s get into it!
Before you look for bugs, try to explore all the functionalities of the application: what it does and what sort of logic and security measures it has. Let's discuss some of the easiest bugs.
No Password Policy
Go to the in-scope target, create an account, and see whether any password policy is enforced. Here are some common password lists. Below are the top 100 common passwords:
password
123456
123456789
guest
qwerty
12345678
111111
12345
col123456
123123
1234567
1234
1234567890
000000
555555
666666
123321
654321
7777777
123
D1lakiss
777777
110110jp
1111
987654321
121212
Gizli
abc123
112233
azerty
159753
1q2w3e4r
54321
pass@123
222222
qwertyuiop
qwerty123
qazwsx
vip
asdasd
123qwe
123654
iloveyou
a1b2c3
999999
Groupd2013
1q2w3e
usr
Liman1000
1111111
333333
123123123
9136668099
11111111
1qaz2wsx
password1…
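Seen from the defending side, this finding goes away when the signup and password-change endpoints run a server-side check like the one below. This is an added example, not code from the original post: the function names, the length limits and the small blocklist (a constructed subset of the list above) are assumptions.

```python
import unicodedata

# Constructed blocklist: a few entries copied from the list above. A real
# deployment would load a much larger breached-password corpus (assumption).
COMMON_PASSWORDS = frozenset({
    "password", "123456", "123456789", "guest", "qwerty", "12345678",
    "abc123", "iloveyou", "1q2w3e4r", "pass@123", "qwertyuiop", "qwerty123",
})
MIN_LENGTH = 8    # minimum length in NIST SP 800-63B for user-chosen passwords
MAX_LENGTH = 128  # assumed upper bound, keeps password hashing cost bounded


def normalize(password):
    """NFKC + casefold so 'Password' and full-width variants hit the blocklist."""
    return unicodedata.normalize("NFKC", password).casefold()


def policy_violations(password, username=""):
    """Return the reasons a candidate is rejected; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if len(password) > MAX_LENGTH:
        problems.append("too_long")
    folded = normalize(password)
    if folded in COMMON_PASSWORDS:
        problems.append("common_password")
    # Ignore very short usernames to avoid rejecting on incidental substrings.
    if len(username) >= 3 and normalize(username) in folded:
        problems.append("contains_username")
    # Catches repeated-character strings such as 11111111 or 12121212.
    if len(set(folded)) <= 2:
        problems.append("low_variety")
    return problems


if __name__ == "__main__":
    # Constructed signup attempts: (username, candidate password).
    for user, candidate in [
        ("alice", "12345678"),
        ("alice", "Password"),
        ("alice", "11111111"),
        ("alice", "alice-2024-x"),
        ("alice", "correct horse battery staple"),
    ]:
        print(f"{candidate!r}: {policy_violations(candidate, user) or 'accepted'}")
```

The check has to run on the server for every path that sets a password (signup, change, reset); a client-side-only rule leaves the policy effectively absent.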