Whether you do Pentesting or Bug Bounty Hunting, Recon is an important phase for expanding your scope. However, not everyone does that as they are busy filling forms with random payloads. Effective Recon can often give you access to assets/boxes that are less commonly found by regular Pentesters or Bug Hunters. More assets mean more opportunities to find bugs. While there are lots of different tools available to make this process easier, without a working methodology you may not be maximizing your Recon output.
In this session, Rohan will demonstrate effective techniques that Pentesters/Bug Hunters can use for better information gathering and how then to utilize the information to find differential bugs. Rohan will share his Recon Methodology, and some stories, which lead him to turn from Pentester to Full Time Bug Bounty Hunter. At the end of the session Rohan will be releasing his Fully Automated Recon Script.