All Courses

Uncle Rat’s Bug Bounty Guide

Uncle Rat’s Bug Bounty Guide

Take the leap from practice platform to bug bounty target

What you’ll learn

Uncle Rat’s Bug Bounty Guide

  • A Bug Hunters mindset, I won’t hold your hand. This is bug bounties
  • A solid bug bounty methodology to help you get started
  • Several attack techniques and how to employ them
  • What parameters to test for what vulnerabilities


  • Be familiar with the basics of web communication like, GET, POST, PUT, DELETE… calls
  • A computer that can run burp suite, OS doesn’t matter



I can not promise this course will find you bugs. I can promise I will leave you with a solid methodology that’s netted me a few nice extra monthly salaries. This method is not guaranteed to work for you. You will need to be adept. You will need to work.

If any course promises you that they WILL find you bugs, run as fast as you can.


My name is uncle rat and I am here to help you take the next step. I am not here to hold your hand, I am here to push you over the edge. You’ve been practising on practice platforms for long enough now, don’t you think? It’s time.

I will provide you with a solid methodology to build upon. I don’t want you to follow in my footsteps, I want you to write your own legend. This is after all the place where legends are born.

Every chapter has at least a video file with slides to download and where applicable a full-text PDF with extra information. All extra’s like cheat sheets are separately downloadable for your comfort.

– The XSS Rat

CAT ‘goals.txt’

I can hack, but I can only hack one target at a time. My passion is teaching so why not hit two birds with one stone?

I created this course because I strongly believe that if I hack 1 target I am just me but if I train 1000 hackers, we are an army.

This is my goal, I want to make the internet a safer place but I can’t do it alone.

Who this course is for:

  • Beginner bug bounty hunters who are looking for a solid methodology and mindset
  • Experienced pen-testers looking to get into bug bounties
  • Companies training their cybersecurity staff to withstand even the toughest of logic attacks
  • Last updated 7/2021

Content From: