here i'm going to lay out stuff i am learning for (web) Bug Bounties mostly for my own sanity but perhaps you, dear reader *points to the camera* may find it useful as well
1st off i am an absolute noob at this so please let me know if you find anything wrong with any of this infopage
2nd please don't use anything on this page to do illegal shit. i am not going to court for you, sorry
3rd this is for EDUCATIONAL PURPOSES ONLY
lets have fun, people :)
okay so first thing you need is a proxy tool of some sort. the big 3 are:
besides this you will need some sort of developer tools panel, CTRL+SHIFT+I for Windows in your web browser of choice
maybe an open notepad or something to store logs in
so there are 3 main platforms but as discussed in this video there are also smaller, specific platforms that are connected to individual companies/sites (sometimes they run their own shit) that may be better for lower-level bounty hunters
anyway here are the main 3
these are the main platforms that you can sign up for to actually get paid for bounties.
after this its about learning What the different types of vulnerabilities are and how to exploit them. now there are plenty of places to learn but if you, like me, like a nice shortform video tutorial i highly recommend Nahamsec's video series on the basics, complete with exploitation examples
List of Vulns