In this article I will be going over Broken Access Control (BAC), which also includes IDOR. Some might see this as a separate issue type, but in reality IDORs are simply another form of BAC.
BAC is a beautiful issue type and I think it’s often overlooked in bug bounties, but you have to pick the right target of course! Your target needs at least:
- To let you create accounts or give you accounts
- Different privilege levels
- Direct object references for…