Buy my bounty course here: app.hackinghub.io/hubs/nahamsec-bug-bounty-course Discord: Discord.gg/NahamSec

00:06 Bug Hunters Methodology V4.0 is split into two parts: Recon and Application Analysis. 02:31 Project tracking is an important part of the bug bounty and pen testing methodology 06:40 Wide recon involves multiple distinct sections of work 08:42 Verizon Media's bug bounty program has a wide scope. 12:58 Automating recon can be risky without proper context 15:27 Using ASN numbers and IP scanning to gather seed domains for recon. 19:34 The Bug Hunter's Methodology v4.0 - Recon Edition by @jhaddix #NahamCon2020! 21:37 Finding related domains and seed domains 25:40 Link discovery using Burp Suite for finding linked assets or links inside a site. 27:49 Passive scanning using Burp and setting advanced scope control with a keyword. 31:24 Using Burp Suite Pro to extract data can be clumsy. 33:24 Different tools and methods for URL crawling and subdomain discovery 37:17 Subdomain scraping is a crucial step for finding more assets 39:13 Methods for finding subdomains include using search engines and subdomain scraping tools like amass and subfinder. 43:05 Twitch uses various cloud technologies and third-party services 45:08 Use the github subdomains dot py tool to find hidden subdomains on github. 49:13 Using subdomain enumeration tools for bug hunting 51:02 Scraping cloud ranges and scanning SSL certificates help in finding hidden dev sites. 55:13 Using a large list of common subdomain names to resolve them and find any successful connections. 57:03 There are two approaches to building word lists: tailored lists and all-encompassing massive lists. 1:00:54 Use custom word lists related to Twitch for DNS subverting to find potential related domains. 1:02:48 Using permutation scanning to find obscure subdomains and bypass web location firewalls. 1:06:42 Use the tool 'masscan' for fast port scanning on IP addresses. 1:08:36 Using en masse scan as a wrapper around mask to resolve domains and perform port scanning. 1:12:50 Bash script to perform Github Dorking and find leaked sensitive information 1:14:45 Utilize automated tools and GitHub for effective reconnaissance. 1:18:37 Subdomain takeover vulnerability can result in the takeover of legitimate traffic of former domains. 1:20:49 Nuclei is a comprehensive scanning framework with subdomain takeover templates. 1:24:52 Interlace and Tom nomnom's tools are useful for automating workflow in bug hunting. 1:26:40 Different tiers of recon frameworks based on automation and workflow 1:30:12 Different tiers of recon methodologies 1:32:06 Intrigue and Assetnote are powerful SAS services for reconnaissance and asset management. 1:36:03 The Bug Hunter's Methodology v4.0 - Recon Edition 1:38:04 Appreciation for the bug bounty and pen test community

I can't believe how much free content you provide. Thanks!!

Dominican Republic we have a saying, maybe other places do too, when something is too good to be true usually isnt but maaaaaaan this is good content. Nahamsec you are the man!! thanks for gathering all those super smart dudes and freely allow us to learn from then. Thank you Thank You.

I will probably watch this five more times. So unbelievable useful information. Thank you!

I’ve been messing around with bug bounty for awhile now but never seriously giving it a go, I usually poke around and do basic manual stuff then if nothing happens in an hour or so then I stop and start from scratch again in a week or two. I think this next time I’m going to pick a program, literally follow along with this video as I go and save all my scan results and notes so I can pick up where I left off with the same program.

Thank you for the Methodology, as I am starting out on Bug Hunting and most automated tools are not welcomed, so I was stumped on how to be able to Bug Hunt. I am going to learn from this video and start my Bug Hunting to earn Rep + Money is the bonus.

The contents are amazing. The only problem is video quality, Please atleast 720p

waited for this so much!! Now upload the tomnomnom talk plz.

Thanks for all the great information from this keynote. Got some really good notes for my B.B Journey.

five minutes of your video guive more information on Recon as opposed of all i have learned in the past, Terrific

YES! I've been waiting for this forever. Thanks for the all the good content naham, you're true legend!

"Where can I get these slides?" to "Screenshotted the all slides" Love from Sweden :)

Your name 'jason haddix' sounds like someone who plays the lead role in an action flix

Nice. Always learning new tools from here. 🙏

Hell yeah right before the weekend

loved it bro jason dude you are cool bro and ben dude you too thanks for the marvelous content

This is GReat!, where can get the whole list of the tools, or copy of these sides? thanks

really big thanks @nahamsec love from nepal !!!!

Nice one, 1080p please :(

Super Cool :D Thanks Jason Haddix for this talk and NahamSec for posting this on YT :) Sooo many new tools and techniques to test! You're awesome Guys :)

He mentions a tool for scraping keywords around half way through? anyone know what tool this is?

what about aquatone for subdomain takeover checks?

Been Waiting for this.... thanks Ben 🙌

Is there a pdf or book written for this content?

amazing! Thank you!

Thanks for the lessons. Will keep learning. Lol

so much value in this video! thanks :)

If there is a PPT to provide IU, it will be more nice

Bro this is amazing!

I wish those links he showed can be listed here

Was the TBHM v4 Application Analysis edition ever released? Can't find a link, thanks

Awesome!

can i get that ppt

95% of the people in here wont get past installation of all the tools and give up... I know this because that was me when I started

You are great

what is happening after recon

you rock ! NAHAMsec

jason haddix is the best

Indians like here....... Indian hackers show our unity by hitting the like--

Can we Get TIme Stamp

You are a legend

pdf spanish ?The Bug Hunter's Methodology v4.0 - Recon Edition by @jhaddix???

Thanks Senpai!

😍🙏🥺thanks bro

Oye bro quede en 13:22

jason. You have my head. Nice names for your daughters. I hope i will be same as you. Thnks btw.

can we download the slides?

Plz upload secureinti talk

Hi bro can I privately chat with you

Direct like ❤

:)

29, 32:10

One can either be father of 3 or gamer. Not both!

I am absolutely new to bug hunting and the problem that I am facing is "When I catch a request in burp it is really confusing I can't understand which request to work on and which to not I get really confused" please help if you can .

TomNomNoms Talk?

This is great But where is Binod & Pls don't put add in betn. the video..... Especially when it is High quality speech Byee Binod

Hii guys, iam a beginner web application enthusiastic. Who is interested web application security.well, I thought i know some foundation's so, I want to touch a security issues. Iam confused which one is good resource and which one to pick and start.: portswigger notes or owsap top 10 or web application hackers hand book iam stuck could you suggest me to become a good web pentester.