Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
760
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
150
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
640
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
550
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.2k
How to get started in bug bounty
e11i0t_4lders0n
1
470
Other Decks in Technology
See All in Technology
Lambda10周年!Lambdaは何をもたらしたか
smt7174
2
110
B2B SaaSから見た最近のC#/.NETの進化
sansantech
PRO
0
850
IBC 2024 動画技術関連レポート / IBC 2024 Report
cyberagentdevelopers
PRO
0
110
強いチームと開発生産性
onk
PRO
35
11k
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
490
誰も全体を知らない ~ ロールの垣根を超えて引き上げる開発生産性 / Boosting Development Productivity Across Roles
kakehashi
1
230
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.1k
BLADE: An Attempt to Automate Penetration Testing Using Autonomous AI Agents
bbrbbq
0
310
TypeScript、上達の瞬間
sadnessojisan
46
13k
ISUCONに強くなるかもしれない日々の過ごしかた/Findy ISUCON 2024-11-14
fujiwara3
8
870
Evangelismo técnico: ¿qué, cómo y por qué?
trishagee
0
360
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
170
Featured
See All Featured
Automating Front-end Workflow
addyosmani
1366
200k
Thoughts on Productivity
jonyablonski
67
4.3k
Navigating Team Friction
lara
183
14k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
720
Building Applications with DynamoDB
mza
90
6.1k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
Building a Modern Day E-commerce SEO Strategy
aleyda
38
6.9k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
16
2.1k
Optimizing for Happiness
mojombo
376
70k
Scaling GitHub
holman
458
140k
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you