Key Points:
- Choose a bounty with a large scope so you can find untrodden ground.
Find public programs:
- Public Bug Bounty List - Bugcwrod
- Google dorks
- "Responsible Disclosure"
- "Vulnerability Disclosure"
- Responsible disclosure "bounty"
- intext:"Responsible Disclosure Policy"
- vulnerability disclosure program "bounty" -bugcrowd -hackerone
Find private programs:
- Google dorks
- "responsible disclosure" "private program"
- "responsible disclosure" "private" "program"
- Responsible disclosure "private program"
- Chaos - Public repository of subdomains for bug bounty programs.