.png)
9 months ago
58 BOOK THIS SPACE FOR AD
ARTICLE AD
Subscribed to: https://medium.com/@kerstan
Hello everyone, I’m Kerstan.
Today is Bug bounty Tuesday, I will share with you how to find your target’s Origin IP during bug bounty hunting.
So, let’s dive right in.
During pentesting, we may encounter different WAFs (Web Application Firewalls) that prevent us from finding the accurate target IP. I am going to share how to find your target’s Origin IP during bug bounty hunting.
When you’re hunting on a bug bounty target and WAF stands in your way, here’s a powerful technique to uncover the Origin IP by scanning the target’s IP range.
I’ll be using a simple yet effective tool called hakoriginfinder by hakluke! Get it!!!
https://github.com/hakluke/hakoriginfinder
Here’s my methodology to find the Origin IP using this tool and technique:
Discover your target’s ASN and check : https://bgp.he.net/AS33848#_prefixes2. Make a note of the target’s IP range.
3️. Assuming you have a WAF-protected domain called example[.]com. Use this command with the IP range Identified in step 1 and pass your target host against the -h parameter: `prips 93.184.216.0/24 | hakoriginfinder -h example[.]com`
If you receive a “MATCH” output, there’s a strong likelihood that you’ve successfully identified the Origin IP. Now, you can send requests with the same Host header to bypass WAF or for whatever your mission requires.
Check ASN
Note target IP range
Use HakOriginFinder
If this writing has been helpful to you, please consider giving it a clap and following…
Bengali (Bangladesh) · 
English (United States) ·