🐺Hunters,
I hope my write-ups are easy to understand with helpful tips and learnings for you so that you can also get your bug using the same thing.
If you learned something from my articles, you can send appreciation with 50 claps and comment your thoughts.
My Hunting
My recon usually follows three things: subdomain enumeration, waybackurls data, and just random hunting. I am telling you this because I got many DMs on Instagram asking what kind of methodology or PDF check I followed. I don't have any checklist, and it's not bad to follow a checklist.
My bug bounty tip for you:
Understand your Target.
Introduction
I started hunting on my primary target, and was actually loosely looking at my target's waybackurls data to get something interesting so that I could start hunting. After some time, one URL, which is basically a static page with the usual Subscribe Me button to get notifications, caught my attention.
As a hunter, I started with XSS payloads to get an alert but the…