Universal report skeleton
Title, scope confirmation, reproduction steps, impact, evidence, remediation, and limitations.
Free bug bounty report templates for cleaner submissions.
A scope-safe starter pack for authorized bug bounty work: report skeletons, evidence notes, impact prompts, and pre-submit checks for common web findings.
IDOR and OAuth notes
Prompts for own-account testing, expected vs actual behavior, and clear impact framing.
Pre-submit checklist
Redaction, scope proof, no private data, no destructive testing, and realistic severity language.
Built to avoid vague reports
The pack pushes for concrete impact, exact reproduction steps, evidence that proves the issue, and clear limitations. The goal is less filler and fewer reports that sound like generic AI output.
What this is not
This is not a promise of payouts, not exploit automation, and not permission to test random targets. It is a writing and workflow aid for programs where you already have written authorization.