What to read about bug hunting

The Web Application Hacker’s Handbook — a deep guide to web vulnerabilities and exploits.

Real-World Bug Hunting (Dawson) — a practical guide: web + bug bounty.

Bug Bounty Hunting Essentials — a quick introduction and checklists for reports.

OWASP: Testing Guide and Top Ten — required for understanding common mistakes.

Best write-ups from HackerOne/Bugcrowd/Standoff365/Bi.Zone — analyses of real