Key steps to choose the right program
Choosing the right Bug Bounty program is a key step in your journey as a Hunter. YesWeHack provides a dedicated space where you can browse, filter, and explore programs before submitting reports.
Why it matters
Not all programs are the same: scope, rules, and rewards can differ.
Understanding how to navigate the program list helps you target opportunities that fit your skills.
A good choice increases your chances of valid findings and faster rewards.
Step 1: Access the list of programs
Log in to your Hunter account
Go to the 'My Programs' section from the main menu
You will see the full list of available Bug Bounty programs
Step 2: Use filters to refine your search
On top of the Programs page, you can filter by:
Scope Type (web, mobile, APIs, IoT, etc.)
Reward (0 – 20,000+)
Status (active, disabled)
Additional filters (country, collaboration, etc.)
This helps narrow down the programs that best match your skills and objectives.
Step 3: Open a program and check details
Click on “view program” to open its dedicated page.
Carefully read:
Scope of testing (what is in and out of scope)
Reward policy (what makes a report valid and eligible to a bounty)
Rules of engagement
Check hunting requirements and qualifying/non qualifying vulnerabilities
Participate if you agree with the rules and the scope matches your expertise.
ℹ️ You need to be KYC verified before submitting a report. Learn more here.
Best practices
Always check scope carefully before testing.
Start with public programs to practice before being invited to private ones.
Prioritize programs matching your strongest skill set.
Respect program rules to avoid invalid submissions.
ℹ️ To read the platform code of conduct, click here.
Expected outcome
By mastering the program list and filters, you will:
Save time finding relevant opportunities.
Avoid testing out-of-scope assets.
Focus on programs that maximize your success rate.