Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
800
2
Share
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
220
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
610
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
510
Other Decks in Technology
See All in Technology
20260507-ACL-seminar
satoshi5884
0
110
React 19×Rustツール 進化の「ズレ」を設計で埋める
remrem0090
1
110
Every Conversation Counts
kawaguti
PRO
0
210
Vision Banana: Image Generators are Generalist Vision Learners
kzykmyzw
0
360
AI時代に、 データアナリストがデータエンジニアに異動して
jackojacko_
0
730
会社説明資料|株式会社ギークプラス ソフトウェア事業部
geekplus_tech
0
220
知ってた?JavaScriptの"正しさ"を検証するテストが5万以上もあること(Test262)
riyaamemiya
1
190
クラウドネイティブ DB はいかにして制約を 克服したか? 〜進化歴史から紐解く、スケーラブルアーキテクチャ設計指針〜
hacomono
PRO
6
910
エンタープライズの厳格な制約を開発者に意識させない:クラウドネイティブ開発基盤設計/cloudnative-kaigi-golden-path
mhrtech
0
400
小さいVue.jsを30分で作る
hal_spidernight
0
150
Oracle AI Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
6
1.6k
Oracle Cloud Infrastructure presents managed, serverless MCP Servers for Oracle AI Database
thatjeffsmith
0
230
Featured
See All Featured
The Cost Of JavaScript in 2023
addyosmani
55
9.9k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
180
Unsuck your backbone
ammeep
672
58k
The Curse of the Amulet
leimatthew05
1
12k
Deep Space Network (abreviated)
tonyrice
0
130
Building Adaptive Systems
keathley
44
3k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
3k
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.4k
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
230
Visual Storytelling: How to be a Superhuman Communicator
reverentgeek
2
530
Agile Leadership in an Agile Organization
kimpetersen
PRO
0
150
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
satoshi5884
remrem0090
kawaguti
kzykmyzw
jackojacko_
geekplus_tech
riyaamemiya
hacomono
mhrtech
hal_spidernight
oracle4engineer
thatjeffsmith
addyosmani
.png){kind=avatar}
helenjbeal
ammeep
leimatthew05
tonyrice
keathley
garrettdimon
ipullrank
iamctodd
cassininazir
reverentgeek
kimpetersen
