Hi, this is a compilation of recon workflows found online. Use it as inspiration for creating your own Web pentest / bug bounty recon workflow.
These are all the ones that I could find. So if yours is missing and you want to see it featured above too, please send it to [email protected].
I will update this every time I have a new flowchart or mindmap. So keep an eye on this page!
Table of contents
- Lazyrecon’s workflow by @CaptMeelo
- Recon workflow found on Reddit
- Recon workflow by @rvismit
- Recon workflow by @rub003
- Recon workflow by @Aishee_Nguyen
- Assessment mindmap by @dsopas
- Autorecon’s workflow by JoshuaMart
- Recon steps by 0xpatrik
- Visual guide to recon by @NahamSec
- imran parray
- Domain footprinting by dnsdumpster.com
- Recon map by @_sehno_
- Recon summary by @Jhaddix
- OSINT domain name by @@TheGelios
- DomLink’s workflow by @vysecurity
- WAHH Methodology desktop background by @Jhaddix
- AWS S3 recon flow
- Multiple worflows for recon automation by @mhmdiaa
Lazyrecon’s workflow by @CaptMeelo
Recon workflow found on Reddit
Recon workflow by @rvismit
Recon workflow by @rub003
Recon workflow by @Aishee_Nguyen
Assessment mindmap by @dsopas
Autorecon’s workflow by JoshuaMart
Recon steps by 0xpatrik
Visual guide to recon by @NahamSec
imran parray
Domain footprinting by dnsdumpster.com
Recon map by @_sehno_
Recon summary by @Jhaddix
OSINT domain name by @@TheGelios
DomLink’s workflow by @vysecurity
WAHH Methodology desktop background by @Jhaddix
AWS S3 recon flow
Multiple worflows for recon automation by @mhmdiaa
Input can be a domain, registrant name or registrant email:
Let me know if you have any comments, requests, questions… Feedback is always welcome.
See you next time!
Comments