These notes are public, opinionated, and evolving — read abdelkader.ma for the long-form posts.

Bug Bounty

The difference between a bounty hunter who lives off bounties and one who files duplicates for two years is scope discipline + recon depth, not “more payloads.” These notes are about the workflow.

Pages

How I read a program before touching anything

  1. Read scope twice. Out-of-scope assets and severities are footnoted.
  2. Search the program name on disclosed reports — public HackerOne/Bugcrowd reports tell you the bar.
  3. Skim recent CVEs of any software the program lists as in-scope.
  4. Then start recon.
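Step 1 is the one that gets skipped under time pressure, so here is a small scope checker that encodes the rule "exclusions beat wildcards, and anything the policy does not name is not in scope." This is an added example written for these notes, not a tool from abdelkader.ma or from any program; the scope entries (`*.example.com`, `legacy.example.com`, and so on) are constructed placeholders standing in for whatever a real policy lists.

```python
from typing import Iterable

# Constructed sample policy (hypothetical program, not a real one).
# A wildcard entry "*.example.com" covers subdomains only; the apex
# "example.com" must be listed explicitly to count as in scope.
IN_SCOPE = ["*.example.com", "api.example.net"]
OUT_OF_SCOPE = ["legacy.example.com", "*.staging.example.com"]


def matches(host: str, pattern: str) -> bool:
    """True if host is covered by a scope entry (exact or '*.' wildcard)."""
    host = host.lower().rstrip(".")
    pattern = pattern.lower().rstrip(".")
    if pattern.startswith("*."):
        base = pattern[2:]
        # Subdomains only: "evil-example.com" must not match "*.example.com".
        return host.endswith("." + base)
    return host == pattern


def classify(host: str,
             in_scope: Iterable[str] = IN_SCOPE,
             out_of_scope: Iterable[str] = OUT_OF_SCOPE) -> str:
    """Return 'out', 'in' or 'unknown' for a hostname.

    Exclusions are checked first so a footnoted carve-out wins over a broad
    wildcard. Hosts the policy never mentions come back 'unknown' and should
    be treated as out of scope until the program confirms otherwise.
    """
    if any(matches(host, p) for p in out_of_scope):
        return "out"
    if any(matches(host, p) for p in in_scope):
        return "in"
    return "unknown"


def partition(hosts: Iterable[str]) -> dict:
    """Split a recon host list into the three buckets for a quick sanity read."""
    buckets = {"in": [], "out": [], "unknown": []}
    for h in hosts:
        buckets[classify(h)].append(h)
    return buckets


if __name__ == "__main__":
    # Constructed recon output, not real discovery results.
    found = ["app.example.com", "legacy.example.com",
             "qa.staging.example.com", "example.com", "evil-example.com"]
    for bucket, names in partition(found).items():
        print(f"{bucket:8s} {names}")
```

Run it over a freshly enumerated host list before any request goes out; the `unknown` bucket is the list of things to ask the program about, not the list of things to test next.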