Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
0
600
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
210
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
710
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
500
Other Decks in Technology
See All in Technology
JAWS DAYS 2026 CDP道場 事前説明会 / JAWS DAYS 2026 CDP Dojo briefing document
naospon
0
120
Agentic Software Modernization - Back to the Roots (Zürich Agentic Coding and Architectures, März 2026)
feststelltaste
1
140
生成AIの利用とセキュリティ /gen-ai-and-security
mizutani
0
910
Windows ネットワークを再確認する
murachiakira
PRO
0
260
LINEアプリ開発のための Claude Code活用基盤の構築
lycorptech_jp
PRO
2
1.3k
WBCの解説は生成AIにやらせよう - 生成AIで野球解説者AI Agentを実現する / Baseball Commentator AI Agent for Gemini
shinyorke
PRO
1
330
Digitization部 紹介資料
sansan33
PRO
1
7k
Snowflake Night #2 LT
taromatsui_cccmkhd
0
320
Webアクセシビリティ技術と実装の実際
tomokusaba
0
210
Bill One 開発エンジニア 紹介資料
sansan33
PRO
5
18k
Eight Engineering Unit 紹介資料
sansan33
PRO
1
6.9k
AI Coding Agentの地殻変動 ~ ai-coding.info の定点観測 ~
kotauchisunsun
1
510
Featured
See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
raygrieselhuber
PRO
2
3.7k
Skip the Path - Find Your Career Trail
mkilby
1
72
RailsConf 2023
tenderlove
30
1.4k
The agentic SEO stack - context over prompts
schlessera
0
680
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
8k
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
430
The AI Search Optimization Roadmap by Aleyda Solis
aleyda
1
5.4k
Visual Storytelling: How to be a Superhuman Communicator
reverentgeek
2
460
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
130
Fireside Chat
paigeccino
42
3.8k
Large-scale JavaScript Application Architecture
addyosmani
515
110k
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
200
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
naospon
feststelltaste
mizutani
murachiakira
lycorptech_jp
shinyorke
sansan33
taromatsui_cccmkhd
tomokusaba
kotauchisunsun
raygrieselhuber
mkilby
tenderlove
schlessera
eileencodes
marktimemedia
aleyda
reverentgeek
jacobtomlinson
paigeccino
addyosmani
davetheseo
