Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OSINT For Bugbounty And Easy $$$

Pj borah
September 08, 2021

OSINT For Bugbounty And Easy $$$

How i Got All employee details

Pj borah

September 08, 2021
Tweet

More Decks by Pj borah

Other Decks in Technology

Transcript

  1. Why OSINT Open-source intelligence is a multi-factor methodology for collecting,

    analyzing and making decisions about data accessible in publicly available sources to be used in an intelligence context. I Love Because discovering unknown assets I Love most censys.io
  2. I do Part time Bugbounty Hunting And mostly i do

    recon using search engine Eg: shodan, censys which Gives lot's of info And My $$$$$ Lets Start Bugbounty and censys And $$$$ censys
  3. Navigate to censys.io As we see we have option lookup

    Host info or Certificates info by IP, Domain Name , CIDR etc. This discover, monitor, and analyze Our target info But How it work? How this help us to find your Critical Bug
  4. How to Lookup Host Info Lookup Host details using domain

    name Lookup Certificate Details Belongs to target eg: facebook.com
  5. Navigate to censys.io I was Testing on Private Program And

    where i found All 500+ employee data From Misconfigure This discover, monitor, and analyze Our target info But How it work? How this help us to find your Critical Bug
  6. Always Look for unique port in my case i found

    5001 come to know through One IP Which is AWS and deploying TableAir.AdminFlow And What They replied to me And Issue is resolved within 2 days .