Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Bug Hunter’s Recon Methodology
Search
Tushar Verma
August 08, 2021
Technology
800
2
Share
The Bug Hunter’s Recon Methodology
Tushar Verma
August 08, 2021
More Decks by Tushar Verma
See All by Tushar Verma
The Power of Recon_ Leveraging Recon for Easy $$$$
e11i0t_4lders0n
0
220
AWS Cloud Forensics & Incident Response
e11i0t_4lders0n
1
720
Hacking OAuth Applications
e11i0t_4lders0n
1
2.1k
Exploiting SSRF like a Boss
e11i0t_4lders0n
2
1.1k
How to Fail at Bug Bounty Hunting
e11i0t_4lders0n
1
1.7k
METHODOLOGIES AND APPROACH TO START BUG BOUNTY HUNTING
e11i0t_4lders0n
0
610
Bypassing 2FA Misconfiguration
e11i0t_4lders0n
1
2.4k
How to get started in bug bounty
e11i0t_4lders0n
1
510
Other Decks in Technology
See All in Technology
Building a Study Buddy AI Agent from Scratch: From Passive Chatbots to Autonomous Systems
itchimonji
0
140
「QA=テスト」「シフトレフト=スクラムイベントの参加者の一員」の呪縛を解く。アジャイルな開発を止めないために、10Xで挑んだ「右側のしわ寄せ」解消記 #scrumniigata
nihonbuson
PRO
3
930
Agent の「自由」と「安全」〜未来に向けて今できること〜
katayan
0
350
Oracle Exadata Database Service on Cloud@Customer X11M (ExaDB-C@C) サービス概要
oracle4engineer
PRO
2
8k
AI駆動開発で生産性を追いかけたら、行き着いたのは品質とシフトレフトだった
littlehands
0
460
ServiceによるKubernetes通信制御ーClusterIPを例に
miku01
1
160
CyberAgent YJC Connect
shimaf4979
1
170
Oracle Cloud Infrastructure:2026年4月度サービス・アップデート
oracle4engineer
PRO
0
380
AI 時代の Platform Engineering
recruitengineers
PRO
1
110
Digital Independence: Why, When and How
wannesrams
0
300
知ってた?JavaScriptの"正しさ"を検証するテストが5万以上もあること(Test262)
riyaamemiya
1
160
(きっとたぶん)人材育成や教育のような何かの話
sejima
0
660
Featured
See All Featured
The #1 spot is gone: here's how to win anyway
tamaranovitovic
2
1k
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
61
43k
Rebuilding a faster, lazier Slack
samanthasiow
85
9.5k
Utilizing Notion as your number one productivity tool
mfonobong
4
300
Chasing Engaging Ingredients in Design
codingconduct
0
180
Paper Plane
katiecoart
PRO
1
49k
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
aleyda
1
2k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.7k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
180
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
WENDY [Excerpt]
tessaabrams
10
37k
Collaborative Software Design: How to facilitate domain modelling decisions
baasie
1
210
Transcript
The Bug Hunter’s Recon Methodology By: Tushar Verma
Whoami Application Security Engineer Synack Red Team Member Bug Bounty
Hunter Infosec Trainer & Speaker
Agenda Scope Review for any program Before Recon After Recon
Scope- based Recon Basic Methodolog y Tools and Automation frameworks
Scope review for any program • Assets • No of
reports resolved • Payout • Time to triage and Time to Bounty
Before Recon • Company name • Available scope • Overview
about the company business • Information from program page related to security purposes
After recon • Service info • Backend technology used •
Interesting Endpoints • Juicy links which may be vulnerable • More and more
Scope based recon • Small Scope Target-Single URL like domain
and subdomain(Ex. evil.com , info.evil.com • Medium Scope Target-Lists of subdomains(Ex. *.evil.com) • Large Scope Target-All website related to company is in scope
Basic Methodology Target : *.evil.com
Tools and Automation Framework ReconF TW Project Bheem Osmed eus
Get in touch at • Twitter: @e11i0t_4lders0n • LinkedIn: /in/tushars25
• Instagram: @e11i0t_4lders0n__ • Email:
[email protected]
Thank you
e11i0t_4lders0n
itchimonji
nihonbuson
katayan
oracle4engineer
littlehands
miku01
shimaf4979
recruitengineers
wannesrams
riyaamemiya
sejima
tamaranovitovic
rkaga
samanthasiow
mfonobong
codingconduct
katiecoart
aleyda
philnash
sabderemane
malarkey
tessaabrams
baasie
