Diving into the world of bug bounty, this article serves as an essential toolkit for aspiring and seasoned security researchers alike.

It compiles a vast array of vulnerabilities, bypass techniques, and strategic insights gathered from diverse sources.

Whether you’re looking to enhance your hacking skills, contribute to cybersecurity, or simply explore the depths of bug bounty hunting, this guide offers a wealth of knowledge to navigate the intricate landscape of cybersecurity challenges.

These are my bug bounty notes that I have gathered from various sources, you can contribute to this repository too!

List Vulnerability

List Bypass



  • CVEs 2021
  • CVEs 2022 (SOON)
  • CVEs 2023 (SOON)





  •  Tidy up the reconnaisance folder
  •  Added more lesser known web attacks
  •  Added CVEs folder
  • Writes multiple payload bypasses for each vulnerability
    •  Payload XSS for each WAF (Cloudflare, Cloudfront, AWS, etc)
    •  Payload SQL injection for each WAF (Cloudflare, Cloudfront)