Member-only story
What After choosing a target ? Recon Methodology— Bug Bounty Restart Phase 3
Hello Everyone,
In the last blog we saw how to choose a good target and how to understand the application properly, in today’s blog we will see a basic methodology for recon which you can change according to you. So let’s start.
Not a medium member? Read this story for free here
What is Recon ?
It is the process of collecting information about a target in order to identify vulnerabilities, its the first and most important step in bug bounties because -
- It helps you understand your target better
- It reveals hidden assets
- Saves time
So let’s see the recon methodology -
1. Subdomain Enumeration
So the first and most important thing we are going to do is subdomain enumeration as it helps us in finding the hidden assets and target the one’s which looks more prone to vulnerabilities. There are many different tools for subdomain enumeration, here are few of them which I use the most -
assetfinder target.com -subs-only | tee -a asset.txt
