Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
760
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
160
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
650
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
560
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
470
Other Decks in Technology
See All in Technology
目の前の仕事と向き合うことで成長できる - 仕事とスキルを広げる / Every little bit counts
soudai
24
7.2k
PHPカンファレンス名古屋-テックリードの経験から学んだ設計の教訓
hayatokudou
2
310
君も受託系GISエンジニアにならないか
sudataka
2
430
Platform Engineeringは自由のめまい
nwiizo
4
2.1k
現場の種を事業の芽にする - エンジニア主導のイノベーションを事業戦略に装着する方法 -
kzkmaeda
2
2.1k
自動テストの世界に、この5年間で起きたこと
autifyhq
10
8.5k
アジャイル開発とスクラム
araihara
0
170
30分でわかる『アジャイルデータモデリング』
hanon52_
9
2.7k
データマネジメントのトレードオフに立ち向かう
ikkimiyazaki
6
980
急成長する企業で作った、エンジニアが輝ける制度/ 20250214 Rinto Ikenoue
shift_evolve
3
1.3k
Moved to https://speakerdeck.com/toshihue/presales-engineer-career-bridging-tech-biz-ja
toshihue
2
740
表現を育てる
kiyou77
1
210
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
511
110k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
550
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
12
960
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
4
410
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.1k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.3k
Practical Orchestrator
shlominoach
186
10k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
30
4.6k
Gamification - CAS2011
davidbonilla
80
5.1k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.3k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.4k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
630
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
soudai
hayatokudou
sudataka
nwiizo
kzkmaeda
autifyhq
araihara
hanon52_
ikkimiyazaki
shift_evolve
toshihue
kiyou77
addyosmani
irinanazarova
honnibal
tammyeverts
thoeni
eileencodes
shlominoach
kevinliebholz
davidbonilla
productmarketing
danielanewman
