By | May 9, 2021
Bug bounty methodology v4

In this article, we are telling you about Jhaddix Bug bounty methodology v4, the first question that comes to your mind will be what is Bug bounty methodology v4, who is Jhaddix.

As you complete the article with bug bounty methodology v4, you will get the answers to all your questions, here we are telling you about the bug bounty methodology, this article can be very useful for you.

Everyone’s bug bounty methodology is different, here we are sharing the bug bounty methodology of a person who has a lot of name in the field of bug bounty, I have also learned it, so I am also telling you.

Note- This article is only for educational purpose. Don’t miss use your knowledge and skills.

Bug bounty methodology

First of all, we tell you what is the bug bounty methodology like we all humans have different minds and all the ways of working are also different, just like bug bounty methodology .

Like suppose you are a bug hunter and one is your freind bug hunter, in such a way the way of finding your bugs may be different and the way of finding the bugs of your freind may be different.

Here we are telling you about the Decoding Jhaddix Bug bounty methodology v4, it was released in Bug bounty methodology v4 2020 but still it can be very useful for you so you should know about it

Decoding Jhaddix is ​​a bug hunter that shares the bug bounty methodology every year, as soon as 2021 is over, it releases its bug bounty methodology as soon as it is released, it will be shared with you here as well.

Bug bounty methodology v4

Let us now tell you what is there in Decoding Jhaddix Bug bounty methodology v4 that will help you a lot in bug hunting, here we are telling you all step by step.

Bug bounty methodology v4

As you can see in the image, you have shown all the things step by step in the image. This is all used in the bug bounty methodology. We have also shown you ways before you can find subdomains in kali linux. some of these things you should be told you earlier.

The first thing as you are told is that you have to find a domain that you get lots of subdomains so that you can have more space to do bug hunting, in such a way there are many ways to find subdomain.

Acquisitions

The first step in this bug bounty methodology v4 is described of Acquisitions First of all, know what is Acquisitions which domains that your target has already acquired.

Let’s understand this by quoting as if your target is yahoo com, if we remove the acquisitions of yahoo com, then we get more domains that yahoo has acquired, here if you can access the server through that domain. In this case it can be useful for you.

Bug bounty methodology v4

To do all this, the crunchbase website helps you, as you can see in the image, this website looks something like this, here we are taking the example of yahoo in this article.

Bug bounty methodology v4

Here, when you give your target, in this way, this website removes a lot of information about your target, as you can see in the image, you also get to see the acquisitions or you can also see the acquisitions in the option of financials.

Bug bounty methodology v4

As you can see in the image, here you are showing all the domains that have been acquired by Yahoo, so if you are able to execute vulnerabilities like remote code injection by the domains in yahoo server, then this is a is called valid bug

ASN Enumeration

After this comes your second step ASN Enumeration Now what is this ASN? First of all we know that all companies or organization have their own unique ASN no which the identity of that company

Bug bounty methodology

In this case, subdomains can also be found using the same ASN no, but first you have to find ASN no, for this you can use the website bgp.he.net as you can see in the image. The website looks something like this

Here you have to give your target in the search box as you can see in the image, here you have got ASN no at the top, as well as you are getting ASN no show from different countries also, by clicking on these here, you can also get information gathering.

Bug bounty methodology

As you can see here you also get to see the whois record from here as you have removed your ASN no. Now by using the amaas tool here it can also remove domains and subdomains associated with ASN no.

Bug bounty methodology

You have been told about the amass tool earlier. It is used a lot in bug hunting. In amass you get the intel module, through it ASN no can remove other domains as well, as you can see in the image.

Reverse WHOIS

You may not have heard about the Reverse WHOIS before, but you can find it everywhere about the WHOIS record, but there is very little talk about what this Reverse WHOIS is, let us tell you about it.

Bug bounty methodology

For Reverse WHOIS you can use whoxy website, as in this article we are running the target of yahoo, there will also be the owner of yahoo, whose name you will get from google, find other subdomains by the same name.

As you can see in the image, you have to do the reverse WHOIS of your target while bug hunting, here you get the option to reverse WHOIS by company name, owner name, email address and domain keyword.

As you can see, you have also found out about other domains of your target by owner name, here you have to see which domain or subdomain that matches your target’s name, in this way, find the subdomain.

Shodan

Subdomains can also be found by the shodan website in the bug bounty methodology. We all know about the shodan website, we use it to get the information of connected devices from the internet.

But shodan website can also be used to find subdomains, as you can see in the image, in this way you have to search query, here you have to signup first, only then you can search in this way.

As you can see, in this way you can find the subdomains of your target, here you can see how you are able to enlarge the methods to find the subdomains, similarly all the big bug hunters subdomains find.

Linked and JS discovery

Now let us know how js files helps in your bug hunting. You get to see js files in almost all websites. You can also use tools like gospider to find js files.

Also you can view js files with the help of burp suite. When you look at the page source of any website, you get to see js files there and sometimes you also get to see vulnerabilities like information disclosure in js files.

That is why it is said that whenever you do bug hunting, in such a situation, you should explore your target for the most time because the possibilities of getting bugs can be from anywhere, so you have to observe everything carefully.

After this, your next step comes of subdomain enumeration and subdomain bruteforce, we have already told you about these, if you have not read our articles, then you must read them, you have been told to practically do it for subdomain scrapping You can also use the website. https://subdomainfinder.c99.nl/

Port Analysis

The biggest question in the bug bounty methodology is why do port scanning have to be done because sometimes tools like nmap or mass scan help you a lot in finding vulnerabilities.

Like port 80 and port 443 are mostly open but there are many types of services that work on any other port, in such a case if it is open, then by bruteforce attack on it, if the password is found it Is called a valid bug

As you can see in the image, the first thing is to do port scanning, we have done this work using nmap, if you want, you can also use mass scan tool, it is your choice.

After doing all this, you have to save the report in xml file as you can see in the image, here we have saved the report of nmap in xml, similarly you have to save the file of your target as well.

After this you get a tool whose name is brutespray, you have to use it to do bruteforce attack on open services, if the password is found, you can report in such a way that you get bounty.

As you can see in the image, in this way you can give xml here as well as you can also check its help, you get to see more options of this tool, you can find this tool on github.

After doing all this you have to do github dorking and github recon which you have been told about as well as taking screenshot of subdomains which you have been told using aquatone tool, you can also use eyewitness tool.

After doing all this, you have to find the subdomain takeover vulnerability. Here we have told you in detail everything that is Jhaddix Bug bounty methodology v4. That’s how all bug hunters do bug hunting.

The Conclusion

I hope now you can understand about Jhaddix Bug bounty methodology v4? Jhaddix Bug bounty methodology v4 would have come to know about? Whatever I have, we have told you everything here

Similar big bug hunters share their own methodology from time to time, for this you should always be updated. This bug bounty methodologies can help you a lot in finding your bugs.

Therefore, if you also want to go to the advanced level in bug hunting, then you must follow the bug bounty methodologies, now you must have understood how much you can get to learn in bug hunting.

If you like this article of ours, then you must share it, this article is definitely a bit big, but if you understand this, then it becomes easy for you to find bugs.

Subscribe to our blog for latest updates

Sharing is Caring

Thankyou

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *