Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
0
600
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
200
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
700
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
500
Other Decks in Technology
See All in Technology
Scrum Guide Expansion Pack が示す現代プロダクト開発への補完的視点
sonjin
0
300
田舎で20年スクラム(後編):一個人が企業で長期戦アジャイルに挑む意味
chinmo
1
930
Redshift認可、アップデートでどう変わった?
handy
1
120
「アウトプット脳からユーザー価値脳へ」がそんなに簡単にできたら苦労しない #RSGT2026
aki_iinuma
6
3.3k
Cloud WAN MCP Serverから考える新しいネットワーク運用 / 20251228 Masaki Okuda
shift_evolve
PRO
0
130
2025-12-27 Claude CodeでPRレビュー対応を効率化する@機械学習社会実装勉強会第54回
nakamasato
4
1.4k
プロンプトエンジニアリングを超えて:自由と統制のあいだでつくる Platform × Context Engineering
yuriemori
0
140
わが10年の叡智をぶつけたカオスなクラウドインフラが、なくなるということ。
sogaoh
PRO
1
170
Digitization部 紹介資料
sansan33
PRO
1
6.4k
なぜ あなたはそんなに re:Invent に行くのか?
miu_crescent
PRO
0
250
スクラムを一度諦めたチームにアジャイルコーチが入ってどう変化したか
kyamashiro73
0
130
Sansan Engineering Unit 紹介資料
sansan33
PRO
1
3.6k
Featured
See All Featured
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
livdayseo
0
38
Chasing Engaging Ingredients in Design
codingconduct
0
93
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
140
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
72
SEO for Brand Visibility & Recognition
aleyda
0
4.1k
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.3k
Reality Check: Gamification 10 Years Later
codingconduct
0
2k
Building a Modern Day E-commerce SEO Strategy
aleyda
45
8.5k
[RailsConf 2023] Rails as a piece of cake
palkan
58
6.2k
Producing Creativity
orderedlist
PRO
348
40k
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
mfonobong
2
250
Navigating Team Friction
lara
191
16k
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
sonjin
chinmo
handy
aki_iinuma
shift_evolve
nakamasato
yuriemori
sogaoh
sansan33
miu_crescent
kyamashiro73
livdayseo
codingconduct
frankvandijk
tmiket
aleyda
ipullrank
palkan
orderedlist
mfonobong
lara
