README.md

bug-bounty-decision-tree

Choose your way

You think you've found a mistake, but you don't know what to do. With this tool I want to help you.

What do you do with a 403 status?

• 403 Bypass

What do you do if header injection is possible?

What do you do when inputs are filtered?

• Bypass Examples

How can I bypass a WAF?

• Case Toggling Technique
• URL Encoding Technique
• Unicode Technique
• HTML Representation Technique
• Mixed Encoding Technique
• Using Comments Technique
• Double Encoding Technique
• Junk Characters Technique
• Wildcard Obfuscation Technique

Open Redirects

XSS Bypass

Best Reports for every Bug

• SQL Injection
• CVE
• XXE
• Template Injections
• Open ports:
  • https://zero.bs/juicy-open-ports-for-recon-and-pentests.html