My first introduction to reconnaissance was Jason Haddix’s Bug Bounty Hunters Methodology. It’s the de facto standard and is still updated every year. There are currently four iterations and I encourage you to watch them all.
Nowadays, Sunday Recon with NahamSec is my main resource for all things recon. You can’t beat seeing someone do recon live and being able to ask them questions.
The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.
View these videos as a foundation and draw inspiration from them.
In the end, the best bug bounty recon methodology is a unique one only you can come up with. It’ll ensure that you get the best results and the least amount of dupes.
Th3G3nt3lman
GitHub Recon and Sensitive Data Exposure
Katie Paxton-Fear (InsiderPhD)
How To Do Recon - Introduction to Recon
The first of Katie's How to Do Recon series. Talking about all things recon, why you might want to do recon, what tools you need, and how to actually find bugs with all this data. Check out her inclusive community.
Michael Skelton (Codingo)
Recon and Corporate OSINT with DNSGrep and Rapid7 Open Data
Michael discuss the fundamentals of doing recon and OSINT on a corporation using the Rapid7 Open Data project, and DNSGrep. Part of the awesome BugCrowd community.
Jason Haddix (jhaddix)
The Bug Hunter's Methodology v4.0 - Recon Edition
An ongoing yearly installment on the newest tools and techniques for bug hunters and red teamers. Also featured in my must-watch InfoSec talks of 2020.
Tom Hudson (Tomnomnom)
Passive-ish Recon Techniques
Abhijeth Dugginapeddi
Recon and Bug Bounties What A Great Love Story
Ben Sadeghipour (NahamSec)
It’s the Little Things
Create an automated process that will actively look for vulnerabilities using OSINT and other well known recon tools. Join the Nahomies.
Rob Ragan + Oscar Salazar
Pose a Threat - How Perceptual Analysis Helps Bug Hunters
Bharath Kumar
Esoteric sub-domain enumeration techniques
Patrik Fehrenbach (ITSecurityGuard)
Amassive Leap in Host Discovery
Hussein
Recon Sunday with hussein98d
No spam. Unsubscribe at any time.
What does it look like?






Don't leave, there's more content below! 👇
Mayonaise
Recon Sunday with Mayonaise
Todayisnew
Recon Sunday with Todayisnew
A rare appearance and boy was it worth the wait. It's jam packed with information. His friendly demeanor, and automation are highly sought after. Check out my NahamSec interview notes.
Corben Leo (cdl)
Recon Sunday with CDL
Tom Hudson (Tomnomnom)
VIM tutorial - linux terminal tools for bug bounty pentest and redteams
Nathaniel Wakelam (Naffy)
Recon Sunday with Naffy
Jason Haddix (jhaddix)
The Bug Hunter's Methodology Full 2-hour Resource
Patrik Fehrenbach (ITSecurityGuard)
Sunday Live Recon with ITSecurityGuard
Patrik walks us through his recon process, sharing his love for amass. He also covers how he uses SecurityTrails, and more. Representing the HackerOne community.
Jeff Foley (Caffix)
OWASP Amass Red Team Village Resource
Want to know the ins and outs of amass? Amass creator Jeff shows you all there is to know. Did you know there was an Amass community?.
Ben Bidmead (pry0cc)
Introduction to Axiom - The Dynamic Infrastructure Framework for Everybody
In this talk, Ben give a crash-course on axiom and how to use it. He also perform a live demo of axiom using 170 instances. Founder of 0x00sec community.
rez0 @ NahamCon 2021
ffuf scripts and tricks
Nathanial (d0nutptr)