MEl-Deeb/tbhm

The Bug Hunters Methodology

The Bug Hunter's Methodology (TBHM)

Welcome! This repo is a collection of

• tips
• tricks
• tools
• data analysis
• and notes

related to web application security assessments and more specifically towards bug hunting in bug bounties.

The current sections are divided as follows:

Before You Get Hacking

• Learning Resources
• Content Creators and Influencers

Reconassiance

Application Analysis

• Mapping
• Authorization and Sessions
• Tactical fuzzing
  • XSS
  • SQLi
  • File Inclusion
  • CSRF
• Privilege, Transport and Logic
• Web services
• Mobile vulnerabilities

Other

• Auxiliary Information

The goal of the project is to incorporate more up to date resources for bug hunters and web hackers to use during thier day-to-day work.

@jhaddix

History

Title	Conference	Version	Link
How to Shot Web	Defcon 23	1.0	Link
The Bug Hunter's Methodology	xxx	xxx	Link
The Bug Hunter's Methodology	xxx	xxx	Link
The Bug Hunter's Methodology	xxx	xxx	Link
The Bug Hunter's Methodology	xxx	xxx	Link