Target Approaching Tactics - Know How V2

Slides from my talk on Know How V2, by Rootecstak

Prajit Sindhkar

November 07, 2021

Transcript

  1. WHO AM I? Prajit Sindhkar
     - Currently in 3rd Year pursuing BE degree in computer science from ITM SLS Baroda University
     - Working as Cybersecurity & Red Team Intern at Cybersapiens United LLP
     - From Vadodara, Gujarat
     - Co-Founder & Bug Bounty Leader of the BUG XS Community
  2. What is a Target? It depends on which kind of pentesting you are doing; for web app pentesting, a web application will be your target.
  3. BASIC APPROACHING
     1. Recon on the scope.
     2. Try to find exploits for possible vulnerabilities found during recon and report them (e.g. sensitive data exposure or open ports).
     3. Low-hanging bugs (e.g. No Rate Limiting, Failure to Invalidate Session, Weak Reset Password).
     4. Technology/service bugs (e.g. Jira vulnerabilities).
     5. Authentication & session management bugs.
     6. From the URLs & params gathered in recon, try bugs like Reflected XSS, Open Redirection and other param-based bugs.
     7. Hunt for Stored XSS, SSRF, Command Injection and similar bugs which require manual testing.
     8. Business logic bugs like IDOR, CSRF, Parameter Tampering, Interesting Account Takeover, etc.
     9. GitHub recon.
  4. What is a Target? Consider a functionality as your target rather than the whole website, and test everything you can at that point.
  5. (Untitled slide)
     1. No Rate Limiting
     2. Password Reset Poisoning
     3. Weak Reset Password Implementation
     4. Open Redirection
     5. HTTP Parameter Pollution
     6. Logic Bugs leading to Account Takeover
     7. SQL Injection
     8. CORS Misconfiguration
     9. SSRF