Useful Links
Computer Science
Cybersecurity
Bug Bounty Hunting
1. Introduction to Bug Bounty Hunting
2. Foundational Knowledge
3. Setting Up a Testing Environment
4. Bug Hunting Methodology
5. Reconnaissance and Information Gathering
6. Web Application Vulnerabilities
7. Mobile Application Security
8. Exploitation and Proof of Concept Development
9. Reporting and Communication
10. Bug Bounty Platform Navigation
11. Advanced Techniques and Specialization
12. Career Development and Professional Growth
Reconnaissance and Information Gathering
Passive Information Collection
Domain Intelligence
WHOIS Database Queries
Registrant Information
Registration History
Expiration Dates
DNS Record Analysis
A and AAAA Records
MX Records
TXT Records
CNAME Records
NS Records
SOA Records
Certificate Analysis
Certificate Transparency Logs
Subdomain Discovery
Certificate History
Issuer Information
SSL/TLS Certificate Details
Subject Alternative Names
Certificate Chains
Search Engine Intelligence
Google Dorking
Site-Specific Searches
File Type Searches
Sensitive Information Discovery
Specialized Search Engines
Shodan
Censys
ZoomEye
Social Engineering Reconnaissance
Social Media Analysis
LinkedIn Profiles
Twitter Information
Facebook Data
Code Repository Mining
GitHub Searches
GitLab Analysis
Bitbucket Investigation
Exposed Credentials
Active Information Gathering
Subdomain Discovery
Brute Force Enumeration
Wordlist Selection
Custom Wordlists
Certificate Scraping
DNS Zone Transfers
Third-Party APIs
VirusTotal
SecurityTrails
Network Reconnaissance
Port Scanning Techniques
TCP Connect Scans
SYN Scans
UDP Scans
Nmap Usage and Options
Service Detection
Version Detection
OS Fingerprinting
Script Scanning
Web Application Fingerprinting
Technology Stack Identification
Wappalyzer Analysis
WhatWeb Scanning
Manual Header Analysis
Framework Detection
CMS Identification
Programming Language Detection
Content Discovery
Directory Enumeration
Dirb Usage
FFUF Techniques
Gobuster Implementation
File Discovery
Backup File Detection
Configuration File Search
Log File Identification
Parameter Discovery
GET Parameter Fuzzing
POST Parameter Discovery
API Reconnaissance
Endpoint Discovery
Swagger/OpenAPI Documentation
API Fuzzing Techniques
GraphQL Introspection
Authentication Mechanism Analysis
Token-Based Authentication
API Key Usage
OAuth Implementation
Previous
4. Bug Hunting Methodology
Go to top
Next
6. Web Application Vulnerabilities