In this french-language talk, I’ll share how I uncovered a €1,000 vulnerability by combining a user’s perspective with targeted technical analysis—without relying on automated scanners like Nmap or FFUF. As a new bug hunter, I explored the application’s functionality like a real user, studied its code behavior, and tested custom scripts to zero in on overlooked entry points and subtle misconfigurations. I’ll show you how adopting a user-focused mindset, backed by hands-on experimentation and minimal tooling, can reveal high-value bugs that scanners often miss. Whether you’re just starting out or looking to refine your methods, come learn why manual recon remains one of the most powerful techniques in any bug hunter’s arsenal.