Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
0
610
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
210
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
790
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
500
Other Decks in Technology
See All in Technology
Phase05_ClaudeCode入門
overflowinc
0
2.4k
Datadog で実現するセキュリティ対策 ~オブザーバビリティとセキュリティを 一緒にやると何がいいのか~
a2ush
0
160
非同期・イベント駆動処理の分散トレーシングの繋げ方
ichikawaken
1
150
PostgreSQL 18のNOT ENFORCEDな制約とDEFERRABLEの関係
yahonda
0
130
データマネジメント戦略Night - 4社のリアルを語る会
ktatsuya
1
410
私がよく使うMCPサーバー3選と社内で安全に活用する方法
kintotechdev
0
130
Zephyr(RTOS)でOpenPLCを実装してみた
iotengineer22
0
130
The Rise of Browser Automation: AI-Powered Web Interaction in 2026
marcthompson_seo
0
310
Phase08_クイックウィン実装
overflowinc
0
2k
DMBOKを使ってレバレジーズのデータマネジメントを評価した
leveragestech
0
420
【AWS】CloudTrail LakeとCloudWatch Logs Insightsの使い分け方針
tsurunosd
0
120
タスク管理も1on1も、もう「管理」じゃない - KiroとBedrock AgentCoreで変わった“判断の仕事”
yusukeshimizu
0
110
Featured
See All Featured
Optimizing for Happiness
mojombo
378
71k
Utilizing Notion as your number one productivity tool
mfonobong
4
270
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
64
54k
The Curious Case for Waylosing
cassininazir
0
280
Abbi's Birthday
coloredviolet
2
5.8k
Discover your Explorer Soul
emna__ayadi
2
1.1k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
250
The innovator’s Mindset - Leading Through an Era of Exponential Change - McGill University 2025
jdejongh
PRO
1
140
Documentation Writing (for coders)
carmenintech
77
5.3k
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
150
Embracing the Ebb and Flow
colly
88
5k
First, design no harm
axbom
PRO
2
1.1k
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
overflowinc
a2ush
ichikawaken
yahonda
.jpg){kind=avatar}
ktatsuya
kintotechdev
iotengineer22
marcthompson_seo
leveragestech
tsurunosd
yusukeshimizu
mojombo
mfonobong
nwiizo
cassininazir
coloredviolet
emna__ayadi
reverentgeek
jdejongh
carmenintech
techseoconnect
colly
axbom
