My Brain Is Not a Reliable Runbook

When I change anything important in this setup (Vault config, PKI, proxies), it’s easy to miss steps:

  • forget a reload,
  • skip a test,
  • break something subtle and only notice days later.

Similarly for bug bounty work:

  • forgetting to test a certain header,
  • skipping a class of vulnerabilities,
  • not repeating a test after a change.

So I want checklists.

Infra Change Checklists

For example, for “change Vault listener”:

  • backup the current config,
  • apply the changes and reload the listener,
  • run vault status from localhost,
  • test mTLS from each proxy,
  • run a small scripted health check,
  • commit the config plus notes on what changed.
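The procedure above is most useful when something enforces the order, so a later step (committing) can never run if an earlier one (the health check) failed. Here is an added example of a small checklist runner, not the author's own script: each step is a command or a callable that reports pass/fail plus some evidence, the runner stops at the first failure, and the log it produces is what goes into the commit notes. The Vault config path, the reload command, the proxy hostname, the mTLS client certificate paths and the health-check script path are all assumptions standing in for whatever a real setup uses.

```python
"""Ordered checklist runner for infra changes (added example, not the post's own code).

Assumptions: /etc/vault.d/vault.hcl is the config, `systemctl reload vault`
is the reload, proxy1 is reachable over ssh, and /usr/local/bin/vault-health.sh
is the scripted health check. Replace these with your own steps.
"""
import datetime
import shlex
import subprocess
from dataclasses import dataclass
from typing import Callable, List, Tuple

StepFn = Callable[[], Tuple[bool, str]]  # returns (passed, evidence)


@dataclass
class Step:
    name: str
    run: StepFn


@dataclass
class Result:
    name: str
    passed: bool
    evidence: str


def shell_step(cmd: str, timeout: int = 60) -> StepFn:
    """Wrap a shell command as a step; it passes on exit status 0 and keeps
    the first 200 characters of output as evidence for the log."""
    def _run() -> Tuple[bool, str]:
        proc = subprocess.run(shlex.split(cmd), capture_output=True,
                              text=True, timeout=timeout)
        out = (proc.stdout + proc.stderr).strip().replace("\n", " ")
        return proc.returncode == 0, f"exit={proc.returncode} {out[:200]}"
    return _run


def run_checklist(steps: List[Step]) -> List[Result]:
    """Run steps in order and stop at the first failure, so a later step
    (e.g. committing the config) can never mask an earlier broken one."""
    results: List[Result] = []
    for step in steps:
        try:
            ok, evidence = step.run()
        except Exception as exc:  # a step that crashes is a failed step
            ok, evidence = False, f"{type(exc).__name__}: {exc}"
        results.append(Result(step.name, ok, evidence))
        if not ok:
            break
    return results


def all_passed(results: List[Result], expected_steps: int) -> bool:
    """True only if every step ran and every step passed."""
    return len(results) == expected_steps and all(r.passed for r in results)


def render_log(results: List[Result]) -> str:
    """Plain-text record of the run, meant to be pasted into the commit notes."""
    stamp = datetime.datetime.now(datetime.timezone.utc).isoformat(timespec="seconds")
    lines = [f"checklist run {stamp}"]
    for r in results:
        lines.append(f"[{'PASS' if r.passed else 'FAIL'}] {r.name}: {r.evidence}")
    return "\n".join(lines)


# The "change Vault listener" checklist from the post, with assumed commands.
VAULT_LISTENER_CHANGE = [
    Step("backup current config",
         shell_step("cp /etc/vault.d/vault.hcl /etc/vault.d/vault.hcl.bak")),
    Step("apply changes and reload listener",
         shell_step("systemctl reload vault")),
    Step("vault status from localhost",
         shell_step("vault status -address=https://127.0.0.1:8200")),
    Step("mTLS from proxy1",
         shell_step("ssh proxy1 curl -sS --cert /etc/ssl/proxy.pem "
                    "--key /etc/ssl/proxy.key https://vault.internal:8200/v1/sys/health")),
    Step("scripted health check",
         shell_step("/usr/local/bin/vault-health.sh")),
    Step("commit config + notes",
         shell_step("git -C /etc/vault.d commit -am 'vault listener change'")),
]

if __name__ == "__main__":
    results = run_checklist(VAULT_LISTENER_CHANGE)
    print(render_log(results))
    raise SystemExit(0 if all_passed(results, len(VAULT_LISTENER_CHANGE)) else 1)
```

The runner deliberately does not roll anything back: if the status or mTLS step fails, the log shows exactly which step broke and the backup from the first step is still in place, which is the state you want to be in while debugging rather than a half-automated revert.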

For PKI changes:

  • list the certificates that may be affected,
  • run the cert health script before and after the change and compare,
  • verify that the chain still validates and the SANs still cover every name critical services connect by.
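What the "cert health script" in that checklist needs to do is small enough to show. The following is an added example, not the author's script: it connects with the standard library's default verification (so a broken chain surfaces as a verification error), then checks the SAN list and the days left before expiry. The host list, the expected SANs and the 30-day threshold are assumptions; `check_cert` works on the dictionary that `ssl.SSLSocket.getpeercert()` returns, so it can be run against a saved certificate dictionary without network access, which is how the before/after comparison can be scripted.

```python
"""Cert health check: chain validity, SANs, days to expiry
(added example, not the post's own script).

Assumed inputs: the CRITICAL list of (host, port, expected SANs) and a
30-day warning threshold. Adjust both to your environment.
"""
import socket
import ssl
import time
from typing import Dict, List, Optional, Sequence, Tuple

DEFAULT_MIN_DAYS = 30  # assumed threshold for "renew soon"

# Assumed critical services: (host, port, names that must be in the SAN list)
CRITICAL: List[Tuple[str, int, Sequence[str]]] = [
    ("vault.internal", 8200, ["vault.internal"]),
    ("proxy1.internal", 443, ["proxy1.internal", "www.example.internal"]),
]


def fetch_peer_cert(host: str, port: int, server_name: Optional[str] = None) -> Dict:
    """Connect with full chain verification against the system trust store.
    Raises ssl.SSLCertVerificationError when the chain does not validate,
    which is exactly the 'broken chain' case the checklist wants to catch."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=server_name or host) as tls:
            return tls.getpeercert()


def san_names(cert: Dict) -> List[str]:
    """DNS names from the subjectAltName extension of a getpeercert() dict."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def check_cert(cert: Dict, expected_sans: Sequence[str],
               now: Optional[float] = None,
               min_days: int = DEFAULT_MIN_DAYS) -> List[str]:
    """Return a list of problems for one certificate; an empty list is healthy."""
    now = time.time() if now is None else now
    problems: List[str] = []

    present = set(san_names(cert))
    for name in expected_sans:
        if name not in present:
            problems.append(f"missing SAN {name}")

    not_after = cert.get("notAfter")
    if not not_after:
        problems.append("no notAfter in certificate")
    else:
        # notAfter is in the 'Jan  1 00:00:00 2030 GMT' form getpeercert() uses
        expires = ssl.cert_time_to_seconds(not_after)
        days_left = (expires - now) / 86400
        if days_left < 0:
            problems.append(f"expired {-days_left:.0f} days ago")
        elif days_left < min_days:
            problems.append(f"expires in {days_left:.0f} days (< {min_days})")
    return problems


def report(targets=CRITICAL) -> Dict[str, List[str]]:
    """Check every critical service; chain failures become a problem entry
    rather than an exception so the whole list is always reported."""
    out: Dict[str, List[str]] = {}
    for host, port, expected in targets:
        key = f"{host}:{port}"
        try:
            out[key] = check_cert(fetch_peer_cert(host, port), expected)
        except ssl.SSLCertVerificationError as exc:
            out[key] = [f"chain verification failed: {exc.verify_message}"]
        except OSError as exc:
            out[key] = [f"connection failed: {exc}"]
    return out


if __name__ == "__main__":
    for service, problems in report().items():
        status = "OK" if not problems else "; ".join(problems)
        print(f"{service}: {status}")
```

Run it once before the PKI change and once after, and diff the two outputs: a SAN that silently dropped off a reissued certificate, or a chain that no longer validates because an intermediate changed, shows up as a new line in the diff instead of as an outage days later.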

Bug Bounty Checklists

For a given target:

  • recon steps (subdomains, HTTP probing),
  • basic security headers,
  • auth flows,
  • parameter fuzzing,
  • file upload checks,
  • SSRF/XSS/IDOR passes.

Even simple text-based checklists are a big improvement over “I’ll remember it”.