Bug-Bounty.txt
OWASP & PortSwigger - learning with labs
HackerOne Hacktivity, Medium articles - Reported Bugs Explained
Hacker101 (Web CTF), TryHackMe, Hack The Box - For CTF Practice
----------------------------------------------------------------------------------------------
Information Gathering:
1. BASIC RECON WITH WHOIS LOOKUP
https://whois.domaintools.com/
2. DISCOVERING TECHNOLOGIES USED ON WEBSITE YOU ARE PERFORMING RECON
https://sitereport.netcraft.com/
3. GATHERING DNS INFORMATION
https://www.robtex.com/
4. FINDING DIFFERENT DOMAINS ON SAME SERVER (REVERSE DNS)
a. https://www.robtex.com/
b. Bing search: ip:192.xxxx.xx.xxx, or you can use Google.
5. DISCOVERING SUB DOMAINS
git clone https://github.com/guelfoweb/knock or
apt-get install knockpy
6. DISCOVERING SOME SENSITIVE FILES
We will use a tool called dirb in Kali Linux.