METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
By: Tushar Verma

WHOAMI
◦ Application Security Engineer
◦ Synack Red Team Member
◦ Bug Bounty Hunter

AGENDA
◦ What is Bug Bounty Hunting
◦ Bug Bounty Platform
◦ Scope Review and Target Selection
◦ Recon Methodologies
◦ Manual Testing Approach

WHAT IS BUG BOUNTY HUNTING

Bug Bounty Platform
◦ Bugcrowd
◦ HackerOne
◦ Intigriti
◦ YesWeHack
◦ HackenProof
◦ Cesspa
◦ Synack
◦ Private Programs

Scope Review and Target Selection
◦ Check the description and focus area
◦ Check the in-scope and out-of-scope of the target
◦ Check the average response time
◦ Check the payout and how many vulnerabilities have been reported

Recon Methodologies
◦ Small Scope Recon: specific sets of single URLs
◦ Medium Scope Recon: specific set of "*.target.com"
◦ Large Scope Recon: everything in scope

Automating Recon
◦ Project Bheem
◦ ReconFTW
◦ Osmedeus

MANUAL TESTING APPROACH

GET IN TOUCH AT
◦ Twitter: @e11i0t_4lders0n
◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__
◦ Email: [email protected]