
Showing posts from February, 2024

How to succeed in bug bounty as a non-talented bug hunter

When I started bug bounty hunting about 4 years ago, I looked up information about top bug bounty hunters and wondered how they were hunting bugs and growing their H1 reputation so fast. 1 year later, when I had found my 1st, 10th, 20th bugs, I still had this question, because although I had found some bugs, it took me a few days to find one. Recently, as I have gotten more mature in bug bounty, I have started to develop a deep understanding of a program. I see many attack surfaces that other people don't realize. When this program releases a new feature, I check if this feature can be abused to attack the attack surfaces A, B, C or D. Oftentimes, at least 1+ bugs are found. When I keep hunting on this program and discover a new attack surface, I check if any existing features can be abused to attack this attack surface. Oftentimes, at least 1+ bugs are found. When there are no newly released features or attack surfaces, I sometimes wander the program, looking at already tested features and to my surprise.