tbhm: The Bug Hunters Methodology v3

The current sections are divided as follows:

• Philosophy
• Discovery
• Mapping
• Authorization and Sessions
• Tactical fuzzing
  • XSS
  • SQLi
  • File Inclusion
  • CSRF
• Privilege, Transport and Logic
• Web services
• Mobile vulnerabilities
• Auxiliary Information

The goal of the project is to incorporate more up to date resources for bug hunters and web hackers to use during their day-to-day work.

@jhaddix updated The Bug Hunters Methodology to version 3

Slides for the Bug Hunter's Methodology 3(ish) from today's LevelUp 0x02 @bugcrowd conference – https://t.co/ZfwIAR02sm pic.twitter.com/4LrBtBYHN9

— Jason Haddix (@Jhaddix) May 26, 2018

Source: https://github.com/jhaddix/tbhm