Bug_Bounty_Checklist_Fillable

The document outlines a two-week bug bounty learning path checklist, detailing daily tasks and resources from platforms like TryHackMe and PortSwigger. It covers fundamental topics such as web reconnaissance, various types of vulnerabilities, and practical exercises for exploitation. Additionally, it includes estimated payouts for common bugs like XSS, SQL Injection, and CSRF.

Uploaded by

Nassur Juma

Bug Bounty Learning Path Checklist

This checklist helps you track progress in your two-week bug bounty learning journey
using free resources from TryHackMe, Hack The Box, and PortSwigger. Tick off each
task as you complete it.

Week 1: Bug Bounty Fundamentals & Recon

Day 1: Introduction to Bug Bounties
Read 'What is Bug Bounty?' on HackerOne
Complete TryHackMe: Web Fundamentals
Set up a Burp Suite environment

Day 2: Web Reconnaissance
Learn Passive vs. Active Recon
Complete PortSwigger: Information Disclosure
TryHackMe: OSINT Module

Day 3: Google Dorking & Shodan
Practice Google Dorks
Use Shodan to find vulnerable assets
TryHackMe: Google Dorking Module

Day 4: Subdomain Enumeration
Use Sublist3r and Amass for subdomain discovery
TryHackMe: Subdomain Enumeration Lab
Read about Wildcard DNS and Takeovers

Day 5: Directory Bruteforcing
Use Gobuster and FFUF to find hidden directories
TryHackMe: Web Directory Enumeration
Understand Forbidden Directory Bypasses

Day 6: Parameter Discovery
Use Arjun for parameter fuzzing
Read about URL parameters and attack vectors
TryHackMe: Parameter Tampering Lab

Day 7: Review & Capture The Flag (CTF)
Solve a web-based CTF challenge
Review recon techniques
Plan for Week 2

Week 2: Exploiting Bugs for Bug Bounties

Day 8: XSS - Cross-Site Scripting
Complete PortSwigger: XSS Labs
TryHackMe: XSS Fundamentals
Practice DOM-based XSS

Day 9: SQL Injection
Complete PortSwigger: SQL Injection Labs
Use SQLMap for automated testing
TryHackMe: SQL Injection Module

Day 10: IDOR (Insecure Direct Object Reference)
Understand how IDOR works
TryHackMe: Broken Access Control
Test real-world API endpoints for IDOR

Day 11: CSRF (Cross-Site Request Forgery)
Learn about CSRF token validation
Complete PortSwigger: CSRF Labs
Practice CSRF exploitation

Day 12: SSRF (Server-Side Request Forgery)
Complete PortSwigger: SSRF Labs
Use Burp Suite to test for SSRF
TryHackMe: SSRF Module

Day 13: Exploiting Authentication Flaws
Learn about JWT and Session Hijacking
TryHackMe: Authentication Bypass
Test OAuth and SSO vulnerabilities

Day 14: Reporting & Bug Submission
Read 'How to Write a Good Bug Report'
Review top bug bounty write-ups
Submit a report on a test platform

Low-Hanging Bugs & Payouts

XSS (Cross-Site Scripting) (Easy) - Estimated Payout: $500 - $1,500
SQL Injection (Medium) - Estimated Payout: $2,000 - $10,000
IDOR (Broken Access Control) (Easy) - Estimated Payout: $500 - $5,000
CSRF (Cross-Site Request Forgery) (Medium) - Estimated Payout: $1,000 - $3,000
SSRF (Server-Side Request Forgery) (Hard) - Estimated Payout: $3,000 - $10,000