Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
780
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
190
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
690
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
580
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
490
Other Decks in Technology
See All in Technology
Redux → Recoil → Zustand → useSyncExternalStore: 状態管理の10年とReact本来の姿
zozotech
PRO
6
3.3k
設計は最強のプロンプト - AI時代に武器にすべきスキルとは?-
kenichirokimura
1
350
AI時代におけるドメイン駆動設計 入門 / Introduction to Domain-Driven Design in the AI Era
fendo181
0
670
バグと向き合い、仕組みで防ぐ
____rina____
0
250
ステートレスなLLMでステートフルなAI agentを作る - YAPC::Fukuoka 2025
gfx
2
560
CDKの魔法を少し解いてみる ― synth・build・diffで覗くIaCの裏側 ―
takahumi27
1
140
Copilotの精度を上げる!カスタムプロンプト入門.pdf
ismk
10
3.3k
エンジニアに定年なし! AI時代にキャリアをReboot — 学び続けて未来を創る
junjikoide
0
180
Flutter DevToolsで発見! 本番アプリのパフォーマンス問題と改善の実践
goto_tsl
1
370
Dart and Flutter MCP serverで実現する AI駆動E2Eテスト整備と自動操作
yukisakai1225
0
350
AIエージェントは「使う」だけじゃなくて「作る」時代! 〜最新フレームワークで楽しく開発入門しよう〜
minorun365
11
1.6k
日々のSlackアラート確認運用をCustom Chat Modesで楽にした話 / 日々のSlackアラート確認運用をCustom Chat Modesで楽にした話
imamotohikaru
0
440
Featured
See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
36
6.1k
Music & Morning Musume
bryan
46
6.9k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
118
20k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
9.7k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
54k
A designer walks into a library…
pauljervisheath
210
24k
[RailsConf 2023] Rails as a piece of cake
palkan
57
6k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
zozotech
kenichirokimura
fendo181
____rina____
gfx
takahumi27
ismk
junjikoide
goto_tsl
yukisakai1225
minorun365
imamotohikaru
kevinliebholz
bryan
tanoku
caitiem20
panda_program
eileencodes
sugarenia
malarkey
destraynor
pauljervisheath
palkan
addyosmani
