I recently came across the website https://hackerone.com through which we can submit bugs and get paid for it, from different companies. There is a lot of money involved. So naturally I became interested. I have worked on different web technologies and web frameworks. How difficult will it be to find security bugs in different websites? Any resources which can be used to get started ?