Things to consider:

  • Scope
  • HoF
  • Appreciation Letter
  • Size of the company
  • Country
  • Response Time
  • Static? Dynamic?
  • Reviews online?

Below are some of my potential targets:

  • GeekforGeeks
  • Australian Government
  • Australia Post
  • City of LA (H1)
  • Arrival
  • Costco
  • Achema
  • Marel
  • BBC
  • Philips
  • Nestle
  • Unesco
  • Aliter
  • Zyxel
  • Paytm
  • Lenovo
  • Drexel University
  • Bosch-HoF-E
  • University of Twente-HoF-e
  • Looka-HoF-e-na
  • FirstCry-HoF-E
  • Microstrategy
  • Empire Flippers
  • Agicap
  • TomTom
  • Geotab
  • Swisscom
  • Content King
  • Bentley Systems

Below are people I follow on LinkedIn for choosing the right program:

For choosing the correct VDP program, I use:

40 Google Dorks for Bug Bounty Programs

1. site:example.com inurl:bug inurl:bounty
2. site:example.com inurl:security intext:bounty
3. site:example.com inurl:security ext:txt
4. site:example.com inurl:responsible-disclosure
5. site:example.com inurl:/.well-known/security
6. site:example.com intext:bug bounty program
7. site:example.com intext:responsible disclosure program
8. site:example.com intext:vulnerability disclosure program
9. site:example.com intext:security rewards
10. site:example.com intext:bug bounty payout
11. site:example.com inurl:security ext:txt -inurl:hackerone -inurl:bugcrowd -inurl:synack
12. site:example.com inurl:responsible-disclosure -inurl:hackerone -inurl:bugcrowd -inurl:synack
13. site:example.com intext:bug bounty -inurl:hackerone -inurl:bugcrowd -inurl:synack
14. inurl:/security
15. inurl:/responsible-disclosure/ swag
16. inurl:"/responsible disclosure" hoodie
17. responsible disclosure hall of fame
18. inurl:responsible disclosure $50
19. responsible disclosure europe
20. responsible disclosure white hat
21. white hat program
22. responsible disclosure r=h:nl
23. responsible disclosure r=h:uk
24. responsible disclosure r=h:eu
25. responsible disclosure bounty r=h:nl
26. responsible disclosure bounty r=h:uk
27. responsible disclosure bounty r=h:eu
28. responsible disclosure swag r=h:nl
29. responsible disclosure swag r=h:uk
30. responsible disclosure swag r=h:eu
31. responsible disclosure reward r=h:nl
32. responsible disclosure reward r=h:uk
33. responsible disclosure reward r=h:eu
34. "powered by bugcrowd" -site:bugcrowd.com
35. "submit vulnerability report"
36. "submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone"
37. intext:"we take security very seriously"
38. site:responsibledisclosure.com
39. inurl:"vulnerability-disclosure-policy" reward
40. site:_._.nl intext: security report reward

Resources

URL, followed by a short description:

  • https://medium.com/@Alra3ees/some-tips-to-earn-your-first-bounty-find-xss-blind-xss-sqli-ssrf-lfi-log4j-using-some-handy-tools-2ae31afeae1a
    Hard to read. General methodology.
  • https://github.com/bhavesh-pardhi/One-Liner
    One liners.
  • https://github.com/DevanshRaghav75/AutomationGuide
    Automation commands.
  • https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae
    XSS guide. Polyglot.
  • https://xelkomy.medium.com/found-ssrf-and-lfi-in-just-10-minutes-of-using-burp-492fddef3f3e
    SSRF with AutoRepeater.
  • https://nitinyadav00.github.io/Bug-Bounty-Search-Engine/
    Bug Bounty Search Engine.
  • https://shell.segfault.net/#/login
    Free VPS.
  • https://blog.vidocsecurity.com/blog/2022-summary-how-we-made-120k-bug-bounty-in-a-year/
    Automation tips.
  • https://medium.com/@qaafqasim/power-of-one-liners-master-bug-bounty-automation-9ded02aaff03
    One liners.
  • https://github.com/Elsfa7-110/Elsfa7110-Oneliner-bughunting?tab=readme-ov-file
    Big list of one liners. Haven't had time to finish reading it all.
  • https://infosecwriteups.com/monitoring-your-targets-for-bug-bounties-36f6be3e69c9
    Target monitoring for getting updates.
  • https://oreobiscuit.gitbook.io/introduction/mains/build-your-own-bug-bounty-methodology
    Collection of bug hunting methodology.
  • https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987
    Methodology - provides different insights.
  • https://medium.com/@ZishanSec/amass-v4-x-x-a-comprehensive-step-by-step-usage-guide-29124cdd871a
    Amass result sorting tool.
  • https://subdomainfinder.c99.nl/
    Finds subdomains.
  • https://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3
    How to find zero-day targets (Shodan).