New or experienced, learn about various vulnerability types on custom made web application challenges based on real bug bounty findings! Learn about new techniques and bypasses whilst embracing the mindset of a hacker.
The stage is yours, take it and have some fun!Browse free challenges
For newcomersChecking if a whitelisted string is found is a bad approach
For newcomersYou may only redirect to *.bugbountyhunter.com
Open RedirectBrowse challenge
🔥 Level upThere's cross site request forgery (CSRF) protection, but how good is it?
For newcomersCan you find any XSS on this "harmless" page?
FastFoodHackings is a demo web application designed to test your approach to discovering vulnerabilities. You've learnt about various vulnerability types from our other challenges, but now can you go and find them without knowing where they are?
Please note there is no triage available for this demo.Visit playground
Take your learning to the next level and put your knowledge & skills around web vulnerabilities to the test and apply them on our fully working web application dubbed BARKER.
BARKER contains over 100 real-life vulnerabilities, real bugs from real life scenarios, all you have to do is understand the features & begin testing for vulnerabilities!
True hacker style. Signup, login and begin interacting with the various features and start testing for vulnerabilities instantly.
Gain confidence as you go through the application & begin to understand how everything works, parameters used etc, rather than being told, "there's xss here, can you find the bypass?". Over time the more you play with BARKER, the more you'll begin to find. How many bugs are staring at you in the face?Learn more about joining BugBountyHunter
An article contributed by one of our top hackers,
iBruteforce giving you tips and advice on taking effective notes when participating in bug bounties