ducnp/tbhm

This branch is 56 commits behind jhaddix/tbhm:master.

Latest commit

4b384d9 · Nov 4, 2015


The Bug Hunters Methodology

Welcome! This repo is a conglomeration of tips, tricks, tools, and data analysis to use while doing web application security assessments, and more specifically while bug hunting in bug bounties.

These methodology pieces are presented as an abbreviated testing methodology for use in bug bounties. It is based on the research gathered for the Defcon 23 talk "How to shot Web: better hacking in 2015".

The current sections are divided as follows:

  • philosophy
  • discovery
  • mapping
  • tactical fuzzing
  • XSS
  • SQLi
  • LFI
  • CSRF
  • web services
  • mobile vulnerabilities

The goal of the project is to incorporate more up-to-date resources for bug hunters and web hackers to use during their day-to-day work.

@jhaddix

Defcon Video
