Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
800
2
Share
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
230
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
620
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
510
Other Decks in Technology
See All in Technology
Javaで学ぶSOLID原則
negima
1
240
エンジニアは生成AIと どのように向き合うべきか? ことばの意味という観点から
verypluming
3
290
Claude Codeを組織で使いこなす— サーバサイドAIエージェント運用の実践知
techtekt
PRO
0
130
A Harness for Behaviour: how to get AI to generate code that does what we intend, or "TDD in the age of AI"
xpmatteo
1
520
CloudFront VPCオリジンとVPC Latticeサービスの内部ALBをマルチアカウントで一元利用しよう
duelist2020jp
5
260
Agentic Design Patterns
glaforge
0
290
AI駆動開発でなんでもハンズオン環境をつくってみた
yoshimi0227
0
180
GitHub Copilot のこれまでとこれから: From Copilot to Collaborative Agents
yuriemori
1
230
ルールやカスタム機能、どう使う?理想の出力を引き出すために今知りたいIBM Bob 5つの機能
muehara
0
150
プラットフォームエンジニア ワークショップ/ platform-workshop
databricksjapan
0
140
Agentic AI時代における メルカリのAIガバナンスとガードレール実装
naoichihara
16
17k
大規模災害時でも高い信頼性を維持するアプリケーション基盤の実現/nikkei-tech-talk46
nikkei_engineer_recruiting
0
120
Featured
See All Featured
Are puppies a ranking factor?
jonoalderson
1
3.4k
Optimising Largest Contentful Paint
csswizardry
37
3.7k
Build The Right Thing And Hit Your Dates
maggiecrowley
39
3.2k
Ten Tips & Tricks for a 🌱 transition
stuffmc
0
120
The Invisible Side of Design
smashingmag
302
52k
Embracing the Ebb and Flow
colly
88
5.1k
Building Applications with DynamoDB
mza
96
7.1k
AI: The stuff that nobody shows you
jnunemaker
PRO
7
670
Heart Work Chapter 1 - Part 1
lfama
PRO
7
36k
The Spectacular Lies of Maps
axbom
PRO
1
770
Stewardship and Sustainability of Urban and Community Forests
pwiseman
0
220
Into the Great Unknown - MozCon
thekraken
41
2.5k
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
negima
verypluming
techtekt
xpmatteo
duelist2020jp
glaforge
yoshimi0227
yuriemori
muehara
databricksjapan
naoichihara
nikkei_engineer_recruiting
jonoalderson
csswizardry
maggiecrowley
stuffmc
smashingmag
colly
mza
jnunemaker
lfama
axbom
pwiseman
thekraken
