This is NOT Bug Bounty

There are a variety of great resources out there on real-world web exploitation/bug bounty, such as this. These resources take a holistic approach to finding web vulnerabilities. At this point in time, we don't care too much about the finer points of asset discovery, mapping, and scanning; we care about getting our exploits working.

In a CTF, we expect to find 1-2 services max, and one of them will be exploitable. The challenge is to exploit the service, not to do the recon to find attack surface that no one has ever looked at before.

As a result, CTF methodology is significantly more straightforward than in real life, and I'll skip all that bug bounty stuff. Again, this is not a bug bounty course.