This document provides an introduction to bug bounty programs. It discusses what a bug bounty is, which are popular bug bounty platforms, how to choose target programs, reconnaissance methods like subdomain enumeration and content discovery, attacking single domains by analyzing requests and responses and hidden endpoints, and provides examples of the author's past bug bounty finds. The presentation ends by answering any questions about bug bounty programs.