Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Tushar Verma
July 25, 2021
Technology
620
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
230
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
800
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
510
Other Decks in Technology
See All in Technology
SONiC Scale-Up Working Group から探る Scale-UpやUltraEthernet機能の実装方法
ebiken
PRO
2
380
フィジカル版Github Onshapeの紹介
shiba_8ro
0
290
機械学習を「社会実装」するということ 2026年夏版 / Social Implementation of Machine Learning June 2026 Version
moepy_stats
6
2.5k
Kiroで書いた 設計書 が AI レビューの 採点基準 になる
ezaki
0
120
Kubernetesにおける学習基盤とLLMOpsの概要
ry
1
320
自宅LLMの話
jacopen
1
610
FinOps × AIエージェントで実現する コストインシデントの自動調査
oasis1994liveforever
0
150
人材育成分科会.pdf
_awache
4
290
Oracle AI Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
6
2k
現地で盛り上がった WWDC26 Keynote
zozotech
PRO
1
260
手塩にかけりゃいいってもんじゃない
ming_ayami
0
600
新しいUbuntu/GNOMEが使いたいからXからWaylandへ移行頑張ってるの巻 2026-06-20
nobutomurata
0
140
Featured
See All Featured
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
The Impact of AI in SEO - AI Overviews June 2024 Edition
aleyda
5
1.1k
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
270
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.8k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.4k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
56k
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
200
[SF Ruby Conf 2025] Rails X
palkan
2
1.1k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
410
Accessibility Awareness
sabderemane
1
140
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.4k
Exploring the relationship between traditional SERPs and Gen AI search
raygrieselhuber
PRO
2
4k
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
ebiken
shiba_8ro
moepy_stats
ezaki
ry
jacopen
oasis1994liveforever
_awache
oracle4engineer
zozotech
ming_ayami
nobutomurata
jeffersonlam
aleyda
techseoconnect
zakiyama
mraible
aki_iinuma
tmiket
palkan
inesmontani
sabderemane
tammyeverts
raygrieselhuber
