Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
760
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
160
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
640
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
560
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
470
Other Decks in Technology
See All in Technology
20250116_JAWS_Osaka
takuyay0ne
2
200
商品レコメンドでのexplicit negative feedbackの活用
alpicola
2
360
KMP with Crashlytics
sansantech
PRO
0
240
dbtを中心にして組織のアジリティとガバナンスのトレードオンを考えてみた
gappy50
0
270
【Oracle Cloud ウェビナー】2025年のセキュリティ脅威を読み解く:リスクに備えるためのレジリエンスとデータ保護
oracle4engineer
PRO
1
100
Docker Desktop で Docker を始めよう
zembutsu
PRO
0
170
Goで実践するBFP
hiroyaterui
1
120
いま現場PMのあなたが、 経営と向き合うPMになるために 必要なこと、腹をくくること
hiro93n
9
7.7k
月間60万ユーザーを抱える 個人開発サービス「Walica」の 技術スタック変遷
miyachin
1
140
あなたの知らないクラフトビールの世界
miura55
0
130
My small contributions - Fujiwara Tech Conference 2025
ijin
0
1.4k
embedパッケージを深掘りする / Deep Dive into embed Package in Go
task4233
1
210
Featured
See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
270
27k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
44
9.4k
Building Better People: How to give real-time feedback that sticks.
wjessup
366
19k
Building Applications with DynamoDB
mza
93
6.2k
Designing on Purpose - Digital PM Summit 2013
jponch
116
7.1k
4 Signs Your Business is Dying
shpigford
182
22k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.5k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Product Roadmaps are Hard
iamctodd
PRO
50
11k
How STYLIGHT went responsive
nonsquared
96
5.3k
RailsConf 2023
tenderlove
29
970
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
2k
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
takuyay0ne
alpicola
sansantech
gappy50
oracle4engineer
zembutsu
hiroyaterui
hiro93n
miyachin
miura55
ijin
task4233
tanoku
mongodb
wjessup
mza
jponch
shpigford
maggiecrowley
chriscoyier
iamctodd
nonsquared
tenderlove
eileencodes
