How to approach target in bug bounty ?

 

How to approach target in bug bounty ?



Every bug bounty hunter began by reporting low-hanging bugs and minor problems that business didn't care about at the time.

 

1) Architecture Based Approach


First find the technologies used by the website.

For finding use this tool:

  • Wappalyzer
  • Buildwith



Then you can find if there are any CVE or public exploits related to the technology the web app.

You can read through documentations and bug bounty reports related to each dependencies. Find out what the most common mistakes that can be made by developer.

If you are a beginner, it would takes quite long time to understand each technologies behind. This approach works well on modern web app.



2) Asset-based Approach


Bug hunters using this approach heavily relies on tools to find out as many assets as possible.


For example -

  • Use sublist3r to find all subdomains
  • Use gau to fetch all URL.
  • Discover all IPs belonged to the target.



Then you need to have a proper way to sort out and analyze the information obtained. This approach works well if the target has wide scope (eg. Facebook, Microsoft, Google).

To become successful in this approach, You better familiar with some bash scripting or use python to automate some tasks. Also it might create a lot of unneccessary noice to the target and might lead to ip ban from the target.

Read more about what bug you want to Report :- Click Here



3) Function based approach


In this approach start testing the website as the normal user uses it and use burp suite to record all request/response. Then, try to do something that is not supposed to do, access some URL that is not authentication to do so. Creativity is a key to be successful in this approach. Here are some of the type of information that should be gathered on your target:

  • Create a list of all the subdomains and IPs that belong to the target.
  • Find information about the type of software and services the site uses.
  • Check if they have a github account?
  • check the robots.txt file
  • Does the site have any input forms, any parameters in the URLs?
  • Start hunting as soon as any organization introduces the program.


Read more about Burp Suite Tutorial :- Click Here



Conclusion:



You can read more bug hunting report and find out more yourself. Then, you can mix and match these approaches and techniques.

As time passes you would find yourself developed your own methodology and getting smooth in bug hunting.


Disclaimer

 
 
All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.

 

Post a Comment

Previous Post Next Post

Contact Form