The Bug Hunter’s Recon Methodology

August 08, 2021

790

The Bug Hunter’s Recon Methodology

Tushar Verma

August 08, 2021

Tweet

More Decks by Tushar Verma

See All by Tushar Verma

The Power of Recon_ Leveraging Recon for Easy $$$$

e11i0t_4lders0n

0

200

AWS Cloud Forensics & Incident Response

e11i0t_4lders0n

1

700

Hacking OAuth Applications

e11i0t_4lders0n

1

2.1k

Exploiting SSRF like a Boss

e11i0t_4lders0n

2

1.1k

How to Fail at Bug Bounty Hunting

e11i0t_4lders0n

1

1.7k

METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING

e11i0t_4lders0n

0

600

Bypassing 2FA Misconfiguration

e11i0t_4lders0n

1

2.3k

How to get started in bug bounty

e11i0t_4lders0n

1

500

Other Decks in Technology

See All in Technology

Agentic AIが変革するAWSの開発・運用・セキュリティ～Frontier Agentsを試してみた～ / Agentic AI transforms AWS development, operations, and security I tried Frontier Agents

0

170

「リリースファースト」の実感を届けるには〜停滞するチームに変化を起こすアプローチ〜 #RSGT2026

0

310

DATA SUMMIT 2025 生成 AI 時代におけるデータ分析基盤の在り方：オンプレミスからのクラウド移行とモダンデータスタックの実現

0

100

アラフォーおじさん、はじめてre:Inventに行く / A 40-Something Guy’s First re:Invent Adventure

0

210

会社紹介資料 / Sansan Company Profile

PRO

11

390k

あの夜、私たちは「人間」に戻った。 ── 災害ユートピア、贈与、そしてアジャイルの再構築 / 20260108 Hiromitsu Akiba

PRO

0

220

Strands Agents × インタリーブ思考で変わるAIエージェント設計 / Strands Agents x Interleaved Thinking AI Agents

6

2.5k

戰略轉變：從建構 AI 代理人到發展可擴展的技能生態系統

0

170

スクラムマスターが スクラムチームに入って取り組む5つのこと - スクラムガイドには書いてないけど入った当初から取り組んでおきたい大切なこと -

0

470

人工知能のための哲学塾ニューロフィロソフィ篇第零夜「ニューロフィロソフィとは何か？」

0

230

"人"が頑張るAI駆動開発

1

670

通勤手当申請チェックエージェント開発のリアル

3

640

Featured

See All Featured

brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC

2

74

Primal Persuasion: How to Engage the Brain for Learning That Lasts

0

200

Tips & Tricks on How to Get Your First Job In Tech

0

400

Faster Mobile Websites

310

31k

Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS

0

180

Measuring Dark Social's Impact On Conversion and Attribution

1

99

Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf

0

410

DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所

PRO

61

47k

What's in a price? How to price your products and services

246

13k

How To Speak Unicorn (iThemes Webinar)

1

360

Save Time (by Creating Custom Rails Generators)

PRO

32

1.9k

Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]

10

770

Transcript

The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email: [email protected]
Thank you