My previous post explained how you can use google to find bugbounty programs. Now I will explain how to find assets of these programs. Findind assests may sound confusing, don't worry. I will be explaining how to perform all these methodologies using only a browser. That's it "WITHOUT any additional TOOLS". And if you need to learn a little deeper of have any doubts regarding extra tools, feel free to comment below.
A subdomain is an extra part of the main domain, so which you don't want to set up a new root domain which also confuses the visitors.
e.g google.com is the root domain and images.google.com is one of it's subdomains.
Bugbounty is competitive, so you may end up finding no bugs if you are testing root domains.
How to find subdomains?
You can use opensource tools like amass, sublister, subfinder...
Replace google.com with your target.
Stay tuned for how to find vulnerabilities in these target subdomains in the next article.