Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Tushar Verma
July 25, 2021
Technology
610
0
Share
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
220
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
800
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
510
Other Decks in Technology
See All in Technology
生成AIはソフトウェア開発の革命か、ソフトウェア工学の宿題再提出なのか -ソフトウェア品質特性の追加提案-
kyonmm
PRO
2
880
Forget technical debt
ufried
0
180
鹿野さんに聞く!CSSの最新トレンド Ver.2026
tonkotsuboy_com
6
2.9k
Oracle Exadata Database Service on Cloud@Customer X11M (ExaDB-C@C) サービス概要
oracle4engineer
PRO
2
8k
AIエージェントの支払い基盤 AgentCore Payments概要
kmiya84377
2
170
Databricks 月刊サービスアップデートまとめ 2026年04月号
tyosi1212
0
110
AI対話分析の夢と、汚いデータの現実 Looker / Dataplex / Dataform で実現する品質ファーストな基盤設計
waiwai2111
0
420
SLI/SLO、「完全に理解した」から「チョットデキル」へ
maruloop
4
410
オライリーイベント登壇資料「鉄リサイクル・産廃業界におけるAI技術実応用のカタチ」
takarasawa_
0
390
Oracle Cloud Infrastructure presents managed, serverless MCP Servers for Oracle AI Database
thatjeffsmith
0
230
ブラウザの投機的読み込みと投機ルールAPIを理解し、Webサービスのパフォーマンスを最適化する
shuta13
3
300
Modernizing Your HCL Connections Experience: Visual Report to chain, Profile Enhancements, and AI Integration
wannesrams
0
300
Featured
See All Featured
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
180
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
120
Exploring anti-patterns in Rails
aemeredith
3
350
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
280
[RailsConf 2023] Rails as a piece of cake
palkan
59
6.6k
Embracing the Ebb and Flow
colly
88
5k
How to build an LLM SEO readiness audit: a practical framework
nmsamuel
1
740
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.5k
Designing Experiences People Love
moore
143
24k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
11
910
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
WCS-LA-2024
lcolladotor
0
580
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
kyonmm
ufried
tonkotsuboy_com
oracle4engineer
kmiya84377
tyosi1212
waiwai2111
maruloop
takarasawa_
thatjeffsmith
shuta13
wannesrams
mkilby
akademiya2063
aemeredith
reverentgeek
palkan
colly
nmsamuel
signer
moore
tammyeverts
smashingmag
lcolladotor
