A naukri.com initiative
Hackingblogs
2w
281
Image Credit: Hackingblogs
Bug Bounty 10-Day Complete Free Training: Day3 – Building Workflows
- Day 3 of the Bug Bounty Bootcamp focuses on building workflows and bug bounty searching methods.
- Topics covered include GitHub, cloud operations, recon procedures, Google Dorks, leaked credentials, exploits, misconfigurations, CMS, OWASP, and brute force workflows.
- Creating a well-structured workflow is essential for efficient bug bounty hunting.
- The recon workflow involves identifying root domains, subdomains, performing DNS resolution, and gathering A, NS, MX, and CNAME entries.
- Understanding terms like Root Domains, Subdomains, DNS Resolution, A Record, NS Record, MX Record, and CNAME Record is crucial for recon processes.
- CIDR ranges are used for IP addresses, and port scans are conducted to identify exposed protocols and services.
- Verifying Autonomous System Number (ASN) and geolocation is important to identify IP ownership.
- Fingerprinting, content detection, and tools like WhatWeb, Wappalyzer, Nikto, and Nmap are used to identify technologies used by web applications.
- Practical application of knowledge and tools is emphasized for skill development in bug bounty hunting.
- Upcoming topics in the bootcamp include Google Dorks, password leaks, common attacks, misconfigurations, CMS, OWASP, and brute force workflows.
Read Full Article
16 Likes
For uninterrupted reading, download the app