Bug Bounty Tutorial [patched] < 99% POPULAR >

| Category | Tools | Purpose | | --- | --- | --- | | | Burp Suite Community, Caido, ZAP | Intercept, modify, replay requests | | Recon (Passive) | Sublist3r, Amass, Shodan, Censys | Find subdomains, open ports, tech stacks | | Recon (Active) | ffuf, gobuster, dirsearch | Directory/file brute-forcing | | Automation | Nuclei, Dalfox (for XSS) | Fast template-based scanning | | Environments | Docker, VPS, Metasploitable | Safe practice labs |