The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Transcript
The Bug Hunter’s Recon Methodology
By: Tushar Verma

Whoami
• Application Security Engineer
• Synack Red Team Member
• Bug Bounty Hunter
• Infosec Trainer & Speaker

Agenda
• Scope Review for any program
• Before Recon
• After Recon
• Scope-based Recon
• Basic Methodology
• Tools and Automation frameworks

Scope review for any program
• Assets
• No. of reports resolved
• Payout
• Time to triage and Time to Bounty

Before Recon
• Company name
• Available scope
• Overview about the company business
• Information from program page related to security purposes

After recon
• Service info
• Backend technology used
• Interesting Endpoints
• Juicy links which may be vulnerable
• More and more

Scope based recon
• Small Scope Target - Single URL like domain and subdomain (Ex. evil.com, info.evil.com)
• Medium Scope Target - Lists of subdomains (Ex. *.evil.com)
• Large Scope Target - All websites related to the company are in scope

Basic Methodology
Target: *.evil.com

Tools and Automation Framework
• ReconFTW
• Project Bheem
• Osmedeus

Get in touch at
• Twitter: @e11i0t_4lders0n
• LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__
• Email: [email protected]

Thank you