Why Become a Hunter?
Earn rewards for finding vulnerabilities
Learn and grow by working on real-world systems
Join a trusted community of ethical hackers worldwide
Make the internet safer for everyone
Step 1: Create Your YesWeHack Account
Sign up as a Hunter
Complete your profile — include your skills and experience to access more programs
ℹ️ To know how to sign up on the YesWeHack platform, click here.
Note: YesWeHack requires identity verification (KYC) for researchers to submit reports and be invited to private programs.
Step 2: Read and accept the Code of Conduct
Before you start hunting, you must read and accept the YesWeHack Code of Conduct. This is mandatory for all users and ensures responsible interaction on the platform:
Respect the confidentiality of data and systems
Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue
Test only within the defined scope of the program
Communicate clearly, professionally, and constructively
Do not disrupt service availability (e.g., no DoS/DDoS)
Comply with all applicable laws and regulations
Please click “I have read and accept” before accessing the platform.
ℹ️ Click here to read the YesWeHack Code of conduct.
ℹ️ If you already have an account, you can review the Code of Conduct anytime in your notifications (“Messages” tab):
Step 3: You’re new to bug bounty and want to practice?
Here are some tools and documentation to help you get started:
Start Hunting – Your entry point to bug bounty with guides, tools, and practice labs.
Quick Guides – Practical techniques like parameter discovery and reconnaissance.
Report Writing Tips – Learn how to structure clear, professional reports.
YesWeHack Dojo – Practice in a training environment (accessible here).
ℹ️ Find all blog articles here.
Step 4: Begin with Dojo Challenges
Before jumping into real programs, we recommend starting with YesWeHack Dojo.
Start by submitting a report on a Dojo challenge.
Dojo offers safe, hands-on challenges designed to help you practice and sharpen your skills without any risk.
Access Dojo challenges here
Complete challenges and submit your first Report (on the DOJO) to learn common vulnerabilities and reporting techniques
Build confidence before moving to real-world programs.
Once you’ve mastered this step, you’ll be ready to submit reports on public programs.
Step 5: Submit Your First Report
Once you’re comfortable with the YesWeHack Dojo, browse “My programs” tab. These are open to all hunters.
Click on a program card to learn more
Read each program’s Scope and Rules carefully before testing
ℹ️ To know how to select a Bug Bounty program, click here.
ℹ️ Once you build a reputation, you’ll get invite to private programs.
Pro tip: A good report includes:
Steps to reproduce the vulnerability
Impact and severity
Suggested remediation
Use clear, structured language
ℹ️ To know more about Reports' Metadata and Title generation, click here
Step 6: Build Your Reputation
Deliver quality reports.
Stay active and responsive to program updates: scopes, reward grids, and rules can change — always check the latest details before testing
Engage with the community on our platform
ℹ️ It is possible to collaborate between hunters, learn more here.
Submitting more high-quality reports helps you get recognized as a trusted hunter and invited to more programs.
Pro Tips
Always test within the defined scope
Follow the rules of the platform
Keep learning — security evolves fast