u/Ill-Nose-5970

I’ve heard a lot of advice saying the best way to find bug is to hone in on one program and investigate it in depth. I want to push back on that as well as get your guy’s options.

A bit of background on me and my setup because I think it’s relevant to my argument: I’m a recently unemployed big tech software engineer turned bug bounty hunter. I have a a powerful homelab and rent 4 VPSs to maximize network output which I use to run basically every security scan/tool you can think of on every h1 and big crowd program. I use claude code (100$ plan) to investigate the findings from the scans.

From my experience I have had far more success spending no more than a day investigating each program typically multiple at a time vs honing in on one program. If I am unable to find any primitives or routes to potential primitives I quickly move on to the next program.

I want to be clear I am an inexperienced hacker and have only been doing this for 2 months but in that time I’ve found 2 crits and a few lower severity findings.

I’m curious to get your guy’s options on this matter. Am I doing myself a disservice by prioritize breadth?

I do this basically exclusively so long as there is an enchanted item with a route to a good build. For example on Mak if I get a regen item with a fire enchanted I’ll go a regen fire build.

But I’m open to other options and I’m really just curious as to what you guys do.

I submitted a critical to an H1 program an engineer made the fix immediately and then asked me to test. I tested it was fixed and then no response for 2 weeks.

Does anyone have any advice for what to do? I can’t submit mediation yet I haven’t reached the signal requirement