Before submitting a report on @Hacker0x01 , it's essential to understand how reports are reviewed by programs and the key factors that influence their outcomes. The three primary considerations are: 1. Response Efficiency 2. Stats 3. Rewards --- 1. Response Efficiency This metric evaluates a program's commitment to meeting response standards. While most programs on HackerOne provide performance tables, **Response Efficiency** offers a clearer view of their actual responsiveness. - If this metric falls below **75-80%**, expect delays in reviewing your report. - Programs with such low efficiency are generally **unresponsive** and slow to process reports. If you decide to report to these programs, don’t let delays frustrate you. Sending a polite follow-up is fine, but don’t expect quick responses. Patience is your best approach. --- 2. Stats The Stats section provides a detailed overview of a program’s activity and performance, much like a hacker’s profile. Key metrics to review include: - **Average Bounty** - **Top Bounty Range** - **Bounties Paid (90 Days)** - **Reports Received (90 Days)** - **Last Report Resolved** - **Reports Resolved** - **Hackers Thanked** Example: Consider a program that received 454 reports in the past 90 days but paid only $3,450 in bounties: ``` 3,450 ÷ 200 ≈ 17 ``` This indicates that only **17 out of 454 reports** were deemed Valid. If your report gets marked as **Informative** or **Duplicate**, don’t be surprised—these stats already point to such outcomes. For instance, if the Last Report Resolved was two months ago, the likelihood of **Duplicate** increases significantly. --- 3. Rewards: Before working on a program, check the Average Bounty and the types of vulnerabilities they reward. - If the average bounty is low, most vulnerabilities are likely classified as Low. - Even a issue like Client-Side attack might still be categorized as Low . --- Key Takeaway: Managing your time and energy wisely is crucial. Not every program is worth your effort, and working without clear focus can lead to wasted resources. Just as programs evaluate hacker profiles for #LHE invitations, you should assess programs’ stats and performance to ensure they align with your goals. If you know any valuable programs, feel free to share them ! 😊 #BugBounty #bugbountytips