Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
790
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
210
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
610
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
500
Other Decks in Technology
See All in Technology
FlutterでPiP再生を実装した話
s9a17
0
210
FastMCP OAuth Proxy with Cognito
hironobuiga
3
210
Kubernetesの「隠れメモリ消費」によるNode共倒れと、Request適正化という処方箋
g0xu
0
140
Phase12_総括_自走化
overflowinc
0
1.7k
ハーネスエンジニアリング×AI適応開発
aictokamiya
1
340
タスク管理も1on1も、もう「管理」じゃない - KiroとBedrock AgentCoreで変わった“判断の仕事”
yusukeshimizu
0
110
Kiro Meetup #7 Kiro アップデート (2025/12/15〜2026/3/20)
katzueno
2
260
Laravelで学ぶOAuthとOpenID Connectの基礎と実装
kyoshidaxx
4
1.9k
Phase10_組織浸透_データ活用
overflowinc
0
1.8k
Zephyr(RTOS)でOpenPLCを実装してみた
iotengineer22
0
130
LLMに何を任せ、何を任せないか
cap120
10
5.9k
Amazon Qはアマコネで頑張っています〜 Amazon Q in Connectについて〜
yama3133
1
150
Featured
See All Featured
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
10k
Principles of Awesome APIs and How to Build Them.
keavy
128
17k
The untapped power of vector embeddings
frankvandijk
2
1.6k
Mozcon NYC 2025: Stop Losing SEO Traffic
samtorres
0
190
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
techseoconnect
PRO
0
130
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1.1k
[SF Ruby Conf 2025] Rails X
palkan
2
860
Odyssey Design
rkendrick25
PRO
2
560
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
270
GraphQLの誤解/rethinking-graphql
sonatard
75
12k
Art, The Web, and Tiny UX
lynnandtonic
304
21k
Statistics for Hackers
jakevdp
799
230k
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
s9a17
hironobuiga
g0xu
overflowinc
aictokamiya
yusukeshimizu
katzueno
kyoshidaxx
iotengineer22
cap120
yama3133
eileencodes
keavy
frankvandijk
samtorres
techseoconnect
tammyeverts
palkan
rkendrick25
baasie
sonatard
lynnandtonic
jakevdp
