Table of contents Bug Bounty Hunter Guide Table of Contents Bug Bounty Checklists 🗺️ Reconnaissance Multipurpose resources Organizations Main domains Subdomains Port and services Pending Pages Vulnerability Assessment > Web > Information Gathering Domain Analysis Public Information Gathering Fingerprint Web Application Mapping the Application Subdomain Handling ?>> Subdomain Enumeration > Website Probing 🧪 Assessment Port 22 - SSH 389, 636 - LDAP 873 - Rsync 1433 - MSSQL 1833 - MQTT 2375 - Docker 2379 - etcd 3306 - MySQL 6379 - Redis 8086 - InfluxDB 27017 - MongoDB XSS 😎 Awesome Bugbounty SRC Tool Playground Awesomeness 💡 Experience Out of Scope Others (High) OOB Payload Useful Commands Others (Medium) Shiro Component Assessment WebLogic Component Assessment Others (Low) Network Host Discovery Website Probing and Analysis Subdomain Takeover Testing Host Collision Enumeration Cloud Service Fingerprint Exploiting API Kyes