Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
620
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
230
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
730
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
800
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
510
Other Decks in Technology
See All in Technology
AI時代の EM への処方箋
staka121
PRO
0
130
Kaggleで成長するために意識したこと
prgckwb
2
310
AI Driven AI Governance
pict3
0
330
知らん間に、回ってる
ming_ayami
0
520
実装だけじゃない! CCA-F取得エンジニアが教えるClaude Code開発プロセス活用術
diggymo
2
650
AI時代のエンジニアキャリアについて今一度考える
sakamoto_582
2
1.5k
ローカルLLMとLINE Botの組み合わせ その3 / LINE DC Generative AI Meetup #8
you
PRO
0
130
cccccc
moznion
0
1.9k
KiCAD講習会②
tutcreators
0
110
型は壁、Rustでもバグを直すな、表現できなくせよ
nwiizo
13
2k
Control Planeで育てるBtoB SaaSの認証基盤 - SRE NEXT 2026
pokohide
1
2.3k
SRE本の知られざる名シーン / The Hidden Gems of Google SRE Book
nari_ex
1
370
Featured
See All Featured
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.4k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
2
1.6k
Rails Girls Zürich Keynote
gr2m
96
14k
Navigating Weather and Climate Data
rabernat
0
310
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
220
Six Lessons from altMBA
skipperchong
29
4.3k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.4k
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
reverentgeek
1
490
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
340
Agile Leadership in an Agile Organization
kimpetersen
PRO
0
190
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.8k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.7k
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]