CHAPTER FOUR
My Bug Bounty Hunting Methodology
Every bug starts with a question: ‘What if?’
INTRODUCTION
I’m a very meticulous person — I love when things are just right. But for a while now, I’ve been asking myself: is there really such a thing as the perfect bug bounty hunting methodology? I mean have you ever wondered the same?
Hey there, welcome back! I’m so glad you’re here again, especially if you read the last chapter. Your support means a lot to me. In this chapter, I’ll be sharing my personal bug bounty hunting methodology — the way I stay organized and get things done. Whether you’re just starting out or want to improve your skills, I hope you’ll find something helpful here. Let’s get into it!
Here is a Friend’s Link for Non-Members.
RECONNAISSANCE AND INFORMATION GATHERING
When I start a bug bounty hunt, I always begin with passive information gathering. This just means I try to find out what information is already out there about the target. I don’t go in without knowing anything. I like to check websites like Crunchbase, W3Tech, and MXToolbox to get an idea of what the website is about and see what info is out there.
