Biscuit's Bug Bounty Playbook
  • ๐Ÿ‘‹Introduction to Biscuit's Bug Bounty Playbook
  • Mains
    • ๐ŸงพResume For Cyber Security Freshie
    • ๐Ÿ“—Browser extension For Bug Bounty
    • ๐Ÿ“€POC Videos YT Channel
    • ๐Ÿ“บ55 YouTube Channels To Learn Hacking
    • ๐Ÿ‘€Hackers to Follow on Social Media
      • Twitter
      • Medium
      • YouTube
      • GitHub
      • Discord Server
      • Security GitBooks
    • ๐Ÿ…Learn The Basics
      • ๐ŸŽ–๏ธType Of Cyber Security
      • ๐ŸฅˆCommon Job Roles
      • ๐Ÿฅ‰Get Started With InfoSec
      • โš•๏ธBest Bug Bounty Platform
      • ๐Ÿ—ž๏ธBest InfoSec Writeups Website
      • ๐ŸชHacking Books
      • ๐Ÿฅ‚CLI Commands
      • ๐Ÿ’ฟLearn WSL
    • ๐Ÿง‘โ€๐Ÿ’ปFun Programming Codes
    • ๐Ÿ”ฎBuild your own Bug Bounty Methodology
    • ๐ŸŽดBug Bounty Checklist
  • Bug Bounty Reports & Articles
    • 0๏ธโƒฃIndex
    • 1๏ธโƒฃTakeover's (Accounts, Sub-domains, etc)
      • ๐ŸšกSub Domain Takeover
      • ๐Ÿš Account Takeover
      • ๐ŸšŸdependency confusion vulnerability
    • 2๏ธโƒฃIDOR (Indirect Object Reference)
    • 3๏ธโƒฃLeaks & Disclosure (PII, API Key, etc)
    • 4๏ธโƒฃOpen Redirects
    • 5๏ธโƒฃRequest Forgery (CSRF & SSRF)
      • ๐ŸŸขCSRF
      • ๐Ÿ”ดSSRF
    • 6๏ธโƒฃInjections (HTML, XSS, etc)
      • ๐ŸŸกXSS
      • ๐ŸŸ HTML Injection
      • โšซSQL Injection
      • ๐ŸŸฃCR/LF Injection
      • ๐ŸŸขSSTI
      • ๐Ÿ”ดHost Header Injection
      • ๐Ÿ”ตCSV Injection
    • 7๏ธโƒฃBroken Access Control & Broken Authentication
      • โš™๏ธFile Upload Functionality
      • โš™๏ธPassword Reset Functionality
      • โš™๏ธ2FA Functionality
      • โš™๏ธOauth Functionality
      • โš™๏ธBypassing
      • โš™๏ธMisconfiguration
      • โš™๏ธCaptcha Bypass
    • 8๏ธโƒฃWeb Socket
    • 9๏ธโƒฃMiscellaneous Reports
    • ๐ŸงปRole Management Issue
    • 0๏ธCloud
      • ๐ŸŒฉ๏ธAWS S3
    • 1๏ธLow Hanging Fruits
    • 2๏ธCache Vulnerabilities
    • 3๏ธDOS/DDOS
  • 4๏ธForced Browsing
  • Bug Bounty Platforms
    • ๐Ÿ›BugCrowd
    • ๐ŸžHackerOne
    • ๐ŸชฒIntigriti
    • ๐ŸœOpen Bug Bounty
  • Exploiting Technologies
    • 0๏ธโƒฃIntroduction
    • 1๏ธโƒฃWordpress
    • 2๏ธโƒฃGraphQL API
    • 3๏ธโƒฃIDOR Vulnerability
    • Learn Android Hacking
Powered by GitBook
On this page
  • Content of table
  • Articles/Writeups
  • YT Videos
  • GitHub
  1. Mains

Build your own Bug Bounty Methodology

Here I'm documenting all the Methodologies I found on Internet So you can learn from them and make your own unique methodology from it

PreviousFun Programming CodesNextBug Bounty Checklist

Last updated 3 months ago

While reading All these methodologies I made notion page for each Article/Video so I can document what tool they used ? what they did first ? how they select there program ? etc

Here is my personal notes I made by reading all these methodology

Content of table

Platform
Number of Methodologies

  1. Medium/Infosec (Article/Blog)

20

  1. YouTube (Videos)

39

  1. Github Repository

4

Articles/Writeups

YT Videos

GitHub

๐Ÿ”ฎ
Notion Data.zipGoogle Docs
What To Do After Choosing a Target? Part 01 | Bug BountyInfoSec Write-ups
Part 02 What To Do After Choosing a Target? | Bug BountyInfoSec Write-ups
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug BountyInfoSec Write-ups
Main Methodology 1 | Part 04 | What To Do After Choosing a TargetInfoSec Write-ups
Deep-Subdomains-Enumeration-MethodologyMedium
Finding more subdomains | by loyalonlytoday - Freedium
Best Recon methodology (Shubham Rooter)Medium
Web Application Security & Bug Bounty (Methodology, Reconnaissance, Vulnerabilities, Reporting)Medium
Bug Bounty Methodologyโ€Šโ€”โ€ŠBug Hunting Checklist (PART-1)Medium
Bug Bounty Methodologyโ€Šโ€”โ€ŠBug Hunting Checklist(PART-2)Medium
Bug Bountyโ€Šโ€”โ€ŠHow to approach Vulnerabilities ( PART 1 )Medium
Bug Hunting Methodology (part-1)Medium
Bug Hunting Methodology(Part-2)Medium
Bug Hunting Methodology(Part-3)Medium
Bug Bounty Hunterโ€Šโ€”โ€ŠRecon is everything / Part 1Medium
/home/six2dez/.pentest-bookPentest Book
Cool Recon techniques every hacker misses! ๐Ÿ”ฅ๐Ÿ”ฅInfoSec Write-ups
Cool Recon techniques every hacker misses! Episode 2๐Ÿ”ฅ๐Ÿ”ฅInfoSec Write-ups
https://infosecwriteups.com/cool-recon-techniques-every-hacker-misses-episode-3-3812e7da3425infosecwriteups.com
How I Hack Web Applications (Part 1)InfoSec Write-ups
My Methodology In Recon And Find Bugs & My Methodology In Hunting Using PhoneMedium
BePracticalYouTube
๐™‡๐™ค๐™จ๐™ฉ๐™จ๐™š๐™˜YouTube
GitHub - daffainfo/AllAboutBugBounty: All about bug bounty (bypasses, payloads, and etc)GitHub
GitHub - sehno/Bug-bounty: Ressources for bug bounty huntingGitHub
GitHub - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for those interested in getting started in bug bountiesGitHub
Logo
Logo
Logo
GitHub - bittentech/Bug-Bounty-Beginner-Roadmap: This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.GitHub
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo