Tushar Verma
July 25, 2021
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
By: Tushar Verma

WHOAMI
◦ Application Security Engineer
◦ Synack Red Team Member
◦ Bug Bounty Hunter

AGENDA
◦ What is Bug Bounty Hunting
◦ Bug Bounty Platform
◦ Scope Review and Target Selection
◦ Recon Methodologies
◦ Manual Testing Approach

WHAT IS BUG BOUNTY HUNTING

Bug Bounty Platform
◦ Bugcrowd
◦ HackerOne
◦ Intigriti
◦ YesWeHack
◦ HackenProof
◦ Cesspa
◦ Synack
◦ Private Programs

Scope Review and Target Selection
◦ Check the description and focus area
◦ Check the in-scope and out-of-scope assets of the target
◦ Check the average response time
◦ Check the pay-out and how many vulnerabilities have been reported

Recon Methodologies
◦ Small Scope Recon - specific sets of single URLs
◦ Medium Scope Recon - specific set of "*.target.com"
◦ Large Scope Recon - everything in scope

Automating Recon
◦ Project Bheem
◦ ReconFTW
◦ Osmedeus

MANUAL TESTING APPROACH

GET IN TOUCH AT
◦ Twitter: @e11i0t_4lders0n
◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__
◦ Email: [email protected]