Bug Bounty : A reward given for reporting a security vulnerability.
Bug Bounty Program : Companies or individuals that reward security researchers for reporting security vulnerabilities in their products. This term is commonly abbreviated to "BBP".
Bug Bounty Hunter : An individual that hunts for security issues on bug bounty programs.
Duplicate : A report describing the same issue as a previously submitted report is referred to as a "duplicate". Bug bounty platforms usually allow programs to set the status of a duplicate report to "duplicate" to inform the hunter that the issue has been submitted previously.
Exploit : Code that takes advantage of a software vulnerability or security flaw to gain system access.
Full disclosure : When the entire report is publicly disclosed. Bug bounty hunters will usually request public disclosure of their report once the issue has been resolved or a certain number of days have gone by since the initial report.
Payload : Simple code or scripts that the hunter uses to identify a vulnerability.
PoC : Abbreviation for proof of concept, a detailed demonstration of a security vulnerability.
Scope : Outlines the rules of engagement for a bounty program. This includes a clearly defined testing parameter to inform researchers what they can and cannot test, as well as the payout range for accepted vulnerabilities.
Target : The thing (web or mobile application, hardware, API) that the crowd tests for vulnerabilities.
Vulnerability : A security flaw or weakness found in software or in an operating system (OS) that can lead to security concerns.
Local PentestLab Management Script - Bash script to manage web apps using Docker and hosts aliases. Made for Kali Linux, but should work fine with pretty much any Linux distro.
A huge list of tools that can help you with bug bounty research. (Recon, Exploiting & Scanning, Fuzzing & bruteforcing, Fingerprinting, Decompilers, Proxy plugins, Monitoring, JS Parsing and Mobile Testing)