How i start testing on website from where i start which vulnerability first i start find
Tell me method plzz
And also tell me i gather informationof website so what i do with that information how o play from that information plzz tell me?
Generally speaking, enumerating (in-scope) subdomains is usually worth-while. There’s plenty of reconnaissance techniques, but if you’re new to pentesting, using all-in-one tools such as Lazyrecon might be the easiest option. You should, however, invest time in reading about recon techniques. There’s plenty of information available online.
1 Like
Oky thanks for your reply i use maltego for gathering and online tool. Plzz also give answer of my secomd question i gather information now what is next step what i do with that information how i find bug using that information.
Hope you will clear my doubts.
Thank you waike.
Google “bug bounty 101” and you will get the answers you want.
1 Like
Checkout nahamsec channel on youtube for recon.
Just walk through the application like a normal user first and try to understand the functionality and then start poking around like checking for csrf, xss ,idor etc
1 Like
This text will be blurred
Hi,
You can’t accomplish great programming quality without software testing. Regardless of whether analyzers are not profoundly associated with genuine coding they should work intimately with designers to improve the nature of the code.