Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
0
590
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
200
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
690
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
490
Other Decks in Technology
See All in Technology
日本Rubyの会の構造と実行とあと何か / hokurikurk01
takahashim
2
400
その設計、 本当に価値を生んでますか?
shimomura
2
180
Oracle Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
0
640
Product Engineer
resilire
0
130
Docker, Infraestructuras seguras y Hardening
josejuansanchez
0
150
原理から解き明かす AIと人間の成長 - Progate BAR
teba_eleven
2
300
MCP・A2A概要 〜Google Cloudで構築するなら〜
shukob
0
160
Agents IA : la nouvelle frontière des LLMs (Tech.Rocks Summit 2025)
glaforge
0
380
Playwrightのソースコードに見る、自動テストを自動で書く技術
yusukeiwaki
2
720
Design System Documentation Tooling 2025
takanorip
1
930
Eight Engineering Unit 紹介資料
sansan33
PRO
0
5.7k
Data Hubグループ 紹介資料
sansan33
PRO
0
2.3k
Featured
See All Featured
Navigating Team Friction
lara
191
16k
A designer walks into a library…
pauljervisheath
210
24k
The Art of Programming - Codeland 2020
erikaheidi
56
14k
Statistics for Hackers
jakevdp
799
230k
[RailsConf 2023] Rails as a piece of cake
palkan
58
6.1k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
37
2.6k
Optimizing for Happiness
mojombo
379
70k
The Cost Of JavaScript in 2023
addyosmani
55
9.3k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.7k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.1k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
31
2.7k
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
takahashim
shimomura
oracle4engineer
resilire
josejuansanchez
teba_eleven
shukob
glaforge
yusukeiwaki
takanorip
sansan33
lara
pauljervisheath
erikaheidi
jakevdp
palkan
eileencodes
mojombo
addyosmani
lemiorhan
reverentgeek
irinanazarova
bluesmoon
