METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
By: Tushar Verma

WHOAMI
◦ Application Security Engineer
◦ Synack Red Team Member
◦ Bug Bounty Hunter

AGENDA
◦ What is Bug Bounty Hunting
◦ Bug Bounty Platform
◦ Scope Review and Target Selection
◦ Recon Methodologies
◦ Manual Testing Approach

WHAT IS BUG BOUNTY HUNTING

Bug Bounty Platform
◦ Bugcrowd
◦ HackerOne
◦ Intigriti
◦ YesWeHack
◦ HackenProof
◦ Cesspa
◦ Synack
◦ Private Programs

Scope Review and Target Selection
◦ Check the description and focus area
◦ Check the in-scope and out-of-scope items of the target
◦ Check the average response time
◦ Check the payout and how many vulnerabilities have been reported

Recon Methodologies
◦ Small Scope Recon – specific sets of single URLs
◦ Medium Scope Recon – specific set of “*.target.com”
◦ Large Scope Recon – everything in scope
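
An added example, not part of the deck: a scope check that applies the in-scope and out-of-scope review and the “*.target.com” wildcard tier above before any candidate is tested. The scope lists, the example.org URL and all function names are constructed; it assumes that out-of-scope entries override in-scope ones and that a wildcard does not cover the apex domain.

```python
import posixpath
from urllib.parse import urlsplit

# Constructed sample scope; "target.com" is the slide's own placeholder domain.
IN_SCOPE = ["*.target.com", "https://app.example.org/portal"]
OUT_OF_SCOPE = ["blog.target.com", "*.corp.target.com"]

def _split(value):
    """Parse a URL or bare hostname; return (lowercase host, normalised path)."""
    parts = urlsplit(value if "//" in value else "//" + value)
    host = (parts.hostname or "").rstrip(".")
    return host, posixpath.normpath(parts.path or "/")

def _matches(entry, candidate):
    """Match one scope entry (wildcard, single URL, or hostname) against a candidate."""
    host, path = _split(candidate)
    if entry.startswith("*."):
        # Compare on a label boundary so "eviltarget.com" and
        # "target.com.attacker.net" never match "*.target.com".
        return host.endswith("." + entry[2:].lower())
    want_host, want_path = _split(entry)
    if "//" in entry:
        # Single-URL entry: same host, path at or below the listed path.
        base = want_path.rstrip("/")
        return host == want_host and (path == base or path.startswith(base + "/"))
    return host == want_host

def in_scope(candidate, allow=IN_SCOPE, deny=OUT_OF_SCOPE):
    """True only if some in-scope entry matches and no out-of-scope entry does."""
    if not _split(candidate)[0]:
        return False  # unparseable input fails closed
    if any(_matches(e, candidate) for e in deny):
        return False
    return any(_matches(e, candidate) for e in allow)

def filter_targets(candidates):
    """Keep only the candidates that may be tested under the sample scope."""
    return [c for c in candidates if in_scope(c)]

if __name__ == "__main__":
    for c in ["https://api.target.com/v1", "blog.target.com", "eviltarget.com",
              "https://app.example.org/portal/../admin"]:
        print(f"{c:45} {'in scope' if in_scope(c) else 'OUT OF SCOPE'}")
```
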

Automating Recon
◦ Project Bheem
◦ ReconFTW
◦ Osmedeus

MANUAL TESTING APPROACH

GET IN TOUCH AT
◦ Twitter: @e11i0t_4lders0n
◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__
◦ Email: [email protected]