Hi, this is a compilation of recon workflows found online. Use it as inspiration for creating your own Web pentest / bug bounty recon workflow.
These are all the ones that I could find. So if yours is missing and you want to see it featured above too, please send it to [email protected].
I will update this every time I have a new flowchart or mindmap. So keep an eye on this page!
Hey hackers! This is the first post of a series on the topic of: How to think out of the box?
When I was preparing the Bug Hunter podcast Ep. 4 on this same topic, I wanted to include advice from different bug hunters. So I asked several hackers these 3 specific questions:
- How to find bugs that are not duplicates?
- How to find new areas of research (like in @securinti’s last blog post or what James Kettle does)?
- How to find logic bugs or bugs that don’t fall under any category, can’t be found with tools or require real thinking?
@zseano was one of the hackers I reached out to, and he was kind enough to respond with awesome advice!
Here is his response:
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week.
This issue covers the week from the 8th to the 15th of March.
Our favorite 5 hacking items
1. Conference of the week
OWASP AppSec California 2019, especially:
OWASP AppSec conferences are great for anyone interested in (both offensive and defensive) Web app security. This one is particularly good, as you can judge from the list of talks above that I’m planning to watch!
Some of the topics addressed are: extracting endpoints from JS files, FaaS & GraphQL security, Web Caching vulnerabilities, scaling visual identification for bug hunters, new features in ZAP, interesting OWASP tools for white box pentesting…
The only thing missing is the video/slides from workshops which look really interesting. Gonna have to go there myself some day!
Hi, here’s a new episode of the Bug Hunter podcast!
You can now listen to it using the widget below or on the following platforms: Apple podcasts/iTunes, Google Podcasts, Podbean, Anchor, Spotify, Breaker, Pocket Casts, Overcast and RadioPublic.
If your favorite podcasting app is missing from this list, please let me know so I can add it.
Also, if you prefer written text, you’ll find the whole transcript below. It’s also helpful for finding any links or commands mentioned in the audio.
Hi, these are the notes I took while watching the talk “Eliminating False Assumptions in Bug Bounties” by Frans Rosén (@fransrosen) at OWASP Stockholm 2018.
This is a talk where @fransrosen responds to arguments he heard on why you shouldn’t do bug bounties. It’s full of thoughts and ideas on how to approach bug bounty mentally and what you can do to overcome common hurdles.