Bug Bounty Methodology — Bug Hunting Checklist (PART-1)

  1. Amass (https://github.com/OWASP/Amass)
  2. subfinder (https://github.com/projectdiscovery/subfinder)
  3. Assetfinder (https://github.com/tomnomnom/assetfinder)
  4. dnsgen (https://github.com/ProjectAnte/dnsgen)
  5. massdns (https://github.com/blechschmidt/massdns)
  6. httprobe (https://github.com/tomnomnom/httprobe)
  7. aquatone (https://github.com/michenriksen/aquatone)
Recon Tools Required
Automated & Manual Scanning Tools
Dorks
Information Gathering Phase
Configuration Management
Secure Transmission
Authentication Vulnerabilities Checklist
Session Management Checklist

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
apex

apex

I try to analyze ransomware attacks | Static Code Analysis | Privacy & Security Updates | Pen Testing | Bug Bounty