
Recon and Bug Bounties - What a great love story!


In this talk, the speaker will demonstrate a few effective techniques that researchers and pen testers can use to do better information gathering. The speaker will also share stories of how these recon techniques allowed him to earn some bounties. These techniques might also be useful to red teams and incident response teams for identifying rogue devices in their organisation, which are often missed during normal penetration testing. These might not be “best practices” but are definitely “good practices” and “nice to know” things while doing penetration testing.

Published in: Internet

  1. --Abhijeth Dugginapeddi RECON AND BUG BOUNTIES WHAT A GREAT <3 STORY
  2. PPT 101 – INTRODUCE THE SPEAKER • I think I’m still a script kiddie maybe? • 9:00-17:00 work at a large organization • 17:00-9:00 work on the internet • Got lucky in finding bugs with Google, Facebook, Microsoft, eBay etc • One among top 5 bug bounty researchers on Synack • Stop bragging and start the preso man
  3. AGENDA
  4. DO YOU DO PEN TESTING?
  5. WEB SECURITY
  6. AN UNINFORMED THREAT MODEL... • www.website.com • shop.website.com • blog.website.com • stage.website.com • db.website.com • api.website.com • dev.website.com • backup-syd.website.com • archive.website.com • s3 Buckets • github • pastebin • third party providers • mobile applications • analytics • etc etc…
  7. BUT WHY?
  8. ATTACK DIFFERENTLY
  9. OK COOL BUT HOW?
  10. DO YOU STILL REVERSE IP
  11. SUB DOMAIN-ING
  12. SUB DOMAINS • Sublist3r • Masscan • Shodan • Censys
  13. Yo!! Does this work?
  14. OH YEA TEST DATABASES MADE PUBLIC? SURE THANKS
  15. SNAPSHOT-ING YOUR SUB DOMAIN LIST
  16. SOMETHING TO HELP YOU ALONG... snapple.py
  17. DIVING IN: HACKING WITH GOOGLE (DEMO)
  18. DO YOU GITHUB? • Site.com API_key • Password @site.com • Site.com secret_key • Site.com FTP password • Site.com ssh • Will leave combinations to your imagination
  19. EVER TRIED LINK FINDER?
  20. #RANDOM TARGET
  21. #RANDOM TARGET
  22. OOPSY
  23. MORAL OF THE STORY
  24. FEW PEOPLE YOU SHOULD FOLLOW FOR SOME COOL STUFF IN THIS SPACE • Jason Haddix • Nahamsec • Naffy • Shubs_shah • Bharath kumar • Edoverflow • And me ;)
  25. CREDITS https://imgflip.com/memegenerator for memes/gifs • All the authors of these tools • Great job guys and Thank you!!
  26. Thanks to these guys for making internet secure again: @Bugcrowd @synack @Hacker0x01
  27. Cheers to @Reconvillage • questions? @abhijeth
