A comprehensive checklist-based educational resource designed to guide bug bounty hunters through various common security testing methodologies.
These are my checklists which I use during my hunting.
This repository serves as a practical guide for bug bounty hunters and penetration testers to systematically test and identify vulnerabilities across multiple security domains such as authentication, CSRF, rate limiting, and OAuth. It is ideal for security professionals seeking structured methodologies to enhance their bug hunting efficiency and coverage.
This repository is an educational resource and does not contain executable code or commands; users should follow the checklists manually during penetration testing. It is recommended to have foundational knowledge in web security and bug bounty hunting to effectively utilize the methodologies provided.