Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
METHODOLOGIES AND APPROACH TO START BUG BOUNTY ...
Search
Tushar Verma
July 25, 2021
Technology
0
580
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
Tushar Verma
July 25, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
180
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
680
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
The Bug Hunter’s Recon Methodology
e11i0t_4lders0n
2
770
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
490
Other Decks in Technology
See All in Technology
kaigi_on_rails_2025_設計.pdf
nay3
8
4.1k
【新卒研修資料】LLM・生成AI研修 / Large Language Model・Generative AI
brainpadpr
21
14k
PythonとLLMで挑む、 4コマ漫画の構造化データ化
esuji5
0
120
Pythonによる契約プログラミング入門 / PyCon JP 2025
7pairs
4
2.2k
Sidekiq その前に:Webアプリケーションにおける非同期ジョブ設計原則
morihirok
17
6.3k
Railsアプリケーション開発者のためのブックガイド
takahashim
12
5.2k
非エンジニアのあなたもできる&もうやってる!コンテキストエンジニアリング
findy_eventslides
3
850
OpenAI gpt-oss ファインチューニング入門
kmotohas
1
590
AWSのProductのLifecycleについて
stknohg
PRO
0
300
バイブコーディングと継続的デプロイメント
nwiizo
2
360
Green Tea Garbage Collector の今
zchee
PRO
2
360
BtoBプロダクト開発の深層
16bitidol
0
140
Featured
See All Featured
Building an army of robots
kneath
306
46k
The Straight Up "How To Draw Better" Workshop
denniskardys
237
140k
Designing Experiences People Love
moore
142
24k
The Cost Of JavaScript in 2023
addyosmani
53
9k
Navigating Team Friction
lara
189
15k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
657
61k
Building Adaptive Systems
keathley
43
2.8k
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
YesSQL, Process and Tooling at Scale
rocio
173
14k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.2k
It's Worth the Effort
3n
187
28k
Balancing Empowerment & Direction
lara
4
670
Transcript
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING By: Tushar
Verma
WHOAMI Application Security Engineer Synack Red Team Member Bug Bounty
Hunter
AGENDA What is Bug Bounty Hunting Bug Bounty Platform Scope
Review and Target Selection Recon Methodologies Manual Testing Approach
WHAT IS BUG BOUNTY HUNTING
Bug Bounty Platform Bugcrowd Hackerone Intigriti YesWeHack HackenProof Cesspa Synack
Private Programs
Scope Review and Target Selection Check the Description and Focus
Area Check the In-Scope and Out-scope of the target Check the average response time Check the pay-out and How many vulnerabilities reported
Recon Methodologies Small Scope Recon – Specific sets of single
URLs Medium Scope Recon - Specific set of “*.target.com” Large Scope Recon – Everything in Scope
Automating Recon Project Bheem ReconFTW Osmedeus
MANUAL TESTING APPROACH
GET IN TOUCH AT ◦ Twitter: @e11i0t_4lders0n ◦ LinkedIn: /in/tushars25
◦ Instagram: @e11i0t_4lders0n__ ◦ Email:
[email protected]
e11i0t_4lders0n
nay3
brainpadpr
esuji5
7pairs
morihirok
takahashim
findy_eventslides
kmotohas
stknohg
nwiizo
zchee
16bitidol
kneath
denniskardys
moore
addyosmani
lara
lemiorhan
keathley
hatefulcrawdad
rocio
zakiyama
3n
