Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
770
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
180
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
670
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
580
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
480
Other Decks in Technology
See All in Technology
【TiDB GAME DAY 2025】Shadowverse: Worlds Beyond にみる TiDB 活用術
cygames
0
1k
“社内”だけで完結していた私が、AWS Community Builder になるまで
nagisa53
1
350
OpenHands🤲にContributeしてみた
kotauchisunsun
1
410
AWS テクニカルサポートとエンドカスタマーの中間地点から見えるより良いサポートの活用方法
kazzpapa3
2
500
ひとり情シスなCTOがLLMと始めるオペレーション最適化 / CTO's LLM-Powered Ops
yamitzky
0
420
エンジニア向け技術スタック情報
kauche
1
250
2年でここまで成長!AWSで育てたAI Slack botの軌跡
iwamot
PRO
4
650
rubygem開発で鍛える設計力
joker1007
2
190
登壇ネタの見つけ方 / How to find talk topics
pinkumohikan
3
350
Understanding_Thread_Tuning_for_Inference_Servers_of_Deep_Models.pdf
lycorptech_jp
PRO
0
110
VCpp Link and Library - C++ breaktime 2025 Summer
harukasao
0
240
米国国防総省のDevSecOpsライフサイクルをAWSのセキュリティサービスとOSSで実現
syoshie
2
1k
Featured
See All Featured
Building Applications with DynamoDB
mza
95
6.5k
Navigating Team Friction
lara
187
15k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
124
52k
The Language of Interfaces
destraynor
158
25k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3k
VelocityConf: Rendering Performance Case Studies
addyosmani
330
24k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
Rails Girls Zürich Keynote
gr2m
94
14k
Mobile First: as difficult as doing things right
swwweet
223
9.7k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
657
60k
Designing Experiences People Love
moore
142
24k
Measuring & Analyzing Core Web Vitals
bluesmoon
7
490
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
cygames
nagisa53
kotauchisunsun
kazzpapa3
yamitzky
kauche
iwamot
joker1007
pinkumohikan
lycorptech_jp
harukasao
syoshie
mza
lara
aki_iinuma
destraynor
rmw
addyosmani
lauravandoore
gr2m
swwweet
lemiorhan
moore
bluesmoon
