Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
0
600
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
200
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
700
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
500
Other Decks in Technology
See All in Technology
Building Serverless AI Memory with Mastra × AWS
vvatanabe
0
390
AWS re:Invent 2025~初参加の成果と学び~
kubomasataka
0
180
MariaDB Connector/C のcaching_sha2_passwordプラグインの仕様について
boro1234
0
1k
Bedrock AgentCore Evaluationsで学ぶLLM as a judge入門
shichijoyuhi
2
220
SQLだけでマイグレーションしたい!
makki_d
0
1.2k
Knowledge Work の AI Backend
kworkdev
PRO
0
200
ExpoのインダストリーブースでみたAWSが見せる製造業の未来
hamadakoji
0
190
Oracle Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
1
400
フィッシュボウルのやり方 / How to do a fishbowl
pauli
2
370
MySQLとPostgreSQLのコレーション / Collation of MySQL and PostgreSQL
tmtms
1
1.2k
AWSに革命を起こすかもしれない新サービス・アップデートについてのお話
yama3133
0
500
松尾研LLM講座2025 応用編Day3「軽量化」 講義資料
aratako
3
2.2k
Featured
See All Featured
Bash Introduction
62gerente
615
210k
AI Search: Where Are We & What Can We Do About It?
aleyda
0
6.7k
We Analyzed 250 Million AI Search Results: Here's What I Found
joshbly
0
250
Designing Experiences People Love
moore
143
24k
Mind Mapping
helmedeiros
PRO
0
38
The untapped power of vector embeddings
frankvandijk
1
1.5k
Paper Plane (Part 1)
katiecoart
PRO
0
1.9k
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.4k
The Cult of Friendly URLs
andyhume
79
6.7k
Technical Leadership for Architectural Decision Making
baasie
0
180
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.1k
Believing is Seeing
oripsolob
0
15
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
vvatanabe
kubomasataka
boro1234
shichijoyuhi
makki_d
kworkdev
hamadakoji
oracle4engineer
pauli
tmtms
yama3133
.jpg){kind=avatar}
aratako
62gerente
aleyda
joshbly
moore
helmedeiros
frankvandijk
katiecoart
addyosmani
andyhume
baasie
inesmontani
oripsolob
