$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
790
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
200
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
700
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
600
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
500
Other Decks in Technology
See All in Technology
M&Aで拡大し続けるGENDAのデータ活用を促すためのDatabricks権限管理 / AEON TECH HUB #22
genda
0
230
Knowledge Work の AI Backend
kworkdev
PRO
0
200
Strands Agents × インタリーブ思考 で変わるAIエージェント設計 / Strands Agents x Interleaved Thinking AI Agents
takanorig
4
1.9k
【開発を止めるな】機能追加と並行して進めるアーキテクチャ改善/Keep Shipping: Architecture Improvements Without Pausing Dev
bitkey
PRO
1
120
半年で、AIゼロ知識から AI中心開発組織の変革担当に至るまで
rfdnxbro
0
140
Oracle Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
1
400
モダンデータスタックの理想と現実の間で~1.3億人Vポイントデータ基盤の現在地とこれから~
taromatsui_cccmkhd
2
260
[2025-12-12]あの日僕が見た胡蝶の夢 〜人の夢は終わらねェ AIによるパフォーマンスチューニングのすゝめ〜
tosite
0
170
New Relic 1 年生の振り返りと Cloud Cost Intelligence について #NRUG
play_inc
0
220
Amazon Connect アップデート! AIエージェントにMCPツールを設定してみた!
ysuzuki
0
130
Snowflake導入から1年、LayerXのデータ活用の現在 / One Year into Snowflake: How LayerX Uses Data Today
civitaspo
0
2.3k
20251222_サンフランシスコサバイバル術
ponponmikankan
2
140
Featured
See All Featured
Building the Perfect Custom Keyboard
takai
1
660
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
uxyall
0
100
Automating Front-end Workflow
addyosmani
1371
200k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
What Being in a Rock Band Can Teach Us About Real World SEO
427marketing
0
150
Documentation Writing (for coders)
carmenintech
77
5.2k
[RailsConf 2023] Rails as a piece of cake
palkan
58
6.2k
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
120
How Software Deployment tools have changed in the past 20 years
geshan
0
30k
Odyssey Design
rkendrick25
PRO
0
430
Music & Morning Musume
bryan
46
7k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
190
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
genda
kworkdev
takanorig
bitkey
rfdnxbro
oracle4engineer
taromatsui_cccmkhd
tosite
play_inc
ysuzuki
civitaspo
ponponmikankan
takai
uxyall
addyosmani
keavy
427marketing
carmenintech
palkan
apolaine
geshan
rkendrick25
bryan
greggifford
