The Bug Hunter's Methodology (TBHM)
Welcome! This repo is a collection of
- tips
- tricks
- tools
- data analysis
- and notes
related to web application security assessments and, more specifically, to bug hunting in bug bounties.
The current sections are divided as follows:
Before You Get Hacking
Reconnaissance
Application Analysis
- Mapping
- Authorization and Sessions
- Tactical fuzzing
- Privilege, Transport and Logic
- Web services
- Mobile vulnerabilities
Other
The goal of the project is to incorporate more up-to-date resources for bug hunters and web hackers to use during their day-to-day work.
@jhaddix
History
Title | Conference | Version | Link |
---|---|---|---|
How to Shot Web | Defcon 23 | 1.0 | Link |
The Bug Hunter's Methodology | xxx | xxx | Link |
The Bug Hunter's Methodology | xxx | xxx | Link |
The Bug Hunter's Methodology | xxx | xxx | Link |
The Bug Hunter's Methodology | xxx | xxx | Link |