Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
2
760
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
Tweet
Share
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
160
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
650
Hacking OAuth Applications
e11i0t_4lders0n
1
2k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
560
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.3k
How to get started in bug bounty
e11i0t_4lders0n
1
470
Other Decks in Technology
See All in Technology
OSS構成管理ツールCMDBuildを使ったAWSリソース管理の自動化
satorufunai
0
640
ディスプレイ広告(Yahoo!広告・LINE広告)におけるバックエンド開発
lycorptech_jp
PRO
0
340
Raycast AI APIを使ってちょっと便利な拡張機能を作ってみた / created-a-handy-extension-using-the-raycast-ai-api
kawamataryo
0
210
偏光画像処理ライブラリを作った話
elerac
1
170
AWSを活用したIoTにおけるセキュリティ対策のご紹介
kwskyk
0
340
ABWG2024採択者が語るエンジニアとしての自分自身の見つけ方〜発信して、つながって、世界を広げていく〜
maimyyym
1
130
AI Agent時代なのでAWSのLLMs.txtが欲しい!
watany
2
220
脳波を用いた嗜好マッチングシステム
hokkey621
0
280
クラウド関連のインシデントケースを収集して見えてきたもの
lhazy
2
290
"TEAM"を導入したら最高のエンジニア"Team"を実現できた / Deploying "TEAM" and Building the Best Engineering "Team"
yuj1osm
1
130
クラウドサービス事業者におけるOSS
tagomoris
4
1k
Two Blades, One Journey: Engineering While Managing
ohbarye
4
1.9k
Featured
See All Featured
GraphQLの誤解/rethinking-graphql
sonatard
68
10k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.7k
A designer walks into a library…
pauljervisheath
205
24k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
Making Projects Easy
brettharned
116
6k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
366
25k
Gamification - CAS2011
davidbonilla
80
5.2k
Making the Leap to Tech Lead
cromwellryan
133
9.1k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.5k
Adopting Sorbet at Scale
ufuk
74
9.2k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
GitHub's CSS Performance
jonrohan
1030
460k
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you