Summary
This is a structured playbook for reconnaissance and vulnerability discovery, covering the full chain from subdomain enumeration through endpoint discovery to actual bug hunting. It walks you through passive and active recon with tools like subfinder, ffuf, and nuclei, then shifts into the mindset piece: how to actually find bugs others miss by going deep instead of wide, testing where filters exist, and understanding what each parameter type implies about server-side behavior. The Zseano methodology section is the strongest part, it's less about running tools and more about developing intuition for where vulnerabilities hide. Use this when you're starting work on a new bug bounty target or need to systematize your recon process instead of just throwing automated scanners at everything.
Install to Claude Code
npx -y skills add yaklang/hack-skills --skill recon-and-methodology --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →First SeenMay 16, 2026
