I share with you this guide for bug hunting, enjoy 
Title: Real-world bug hunting
A field guide to web hacking
Author: Peter Yaworski
Content:
Chapter 1: Bug Bounty Basics
Chapter 2: Open Redirect
Chapter 3: HTTP Parameter Pollution
Chapter 4: Cross-Site Request Forgery
Chapter 5: HTML Injection and Content Spoofing
Chapter 6: Carriage Return Line Feed Injection
Chapter 7: Cross-Site Scripting
Chapter 8: Template Injection
Chapter 9: SQL Injection
Chapter 10: Server-Side Request Forgery
Chapter 11: XML External Entity
Chapter 12: Remote Code Execution
Chapter 13: Memory Vulnerabilities
Chapter 14: Subdomain Takeover
Chapter 15: Race Conditions
Chapter 16: Insecure Direct Object References
Chapter 17: OAuth Vulnerabilities
Chapter 18: Application Logic and Configuration Vulnerabilities
Chapter 19: Finding Your Own Bug Bounties
Chapter 20: Vulnerability Reports
Appendix A: Tools
Appendix B: Resources
Title: Real-world bug hunting
A field guide to web hacking
Author: Peter Yaworski
Content:
Chapter 1: Bug Bounty Basics
Chapter 2: Open Redirect
Chapter 3: HTTP Parameter Pollution
Chapter 4: Cross-Site Request Forgery
Chapter 5: HTML Injection and Content Spoofing
Chapter 6: Carriage Return Line Feed Injection
Chapter 7: Cross-Site Scripting
Chapter 8: Template Injection
Chapter 9: SQL Injection
Chapter 10: Server-Side Request Forgery
Chapter 11: XML External Entity
Chapter 12: Remote Code Execution
Chapter 13: Memory Vulnerabilities
Chapter 14: Subdomain Takeover
Chapter 15: Race Conditions
Chapter 16: Insecure Direct Object References
Chapter 17: OAuth Vulnerabilities
Chapter 18: Application Logic and Configuration Vulnerabilities
Chapter 19: Finding Your Own Bug Bounties
Chapter 20: Vulnerability Reports
Appendix A: Tools
Appendix B: Resources