Finding my first bug in a bug bounty program! Took a great app sec course through my university which encouraged me to get back to practicing with PortSwigger Academy.

Learning how to identify, exploit, and fix XSS, CSRF, SQL injection, and command injection vulnerabilities in an insecure Django app was a big confidence boost to tackle real world bugs. I'm applying what I learned to GraphQL endpoints listed in bug bounty programs.

Just finishing up a great online course on application security. Next goal - find my first bug in a bug bounty program.