[BC-32320] Updates to Bugcrowd Methodology Taxonomy - Website testing, and Internal Infrastructure#23
Merged
adarshaks91 merged 14 commits intomainfrom Aug 20, 2025
Merged
Conversation
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
adarshaks91
force-pushed
the
new-methodologies
branch
from
224e37b to
f379878
Compare
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
fedetaglia
reviewed
Aug 19, 2025
Contributor
fedetaglia
left a comment
fedetaglia
left a comment
There was a problem hiding this comment.
can we use the snakecase on the methodologies files to match the other files?
active_directory.json
internal_network.json
thls
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds two new security testing methodologies for Bugcrowd's methodology taxonomy: Internal Network Penetration Testing and Active Directory Testing. The changes also update the JSON schema to support additional characters (ampersands and colons) and numbers in pattern validation to accommodate the new methodology content.
- Adds comprehensive internal network penetration testing methodology covering reconnaissance, protocol assessment, and vulnerability identification
- Adds specialized Active Directory testing methodology with focus on privilege escalation and lateral movement techniques
- Updates JSON schema patterns to support new characters and numbering in methodology content
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| schema.json | Updates regex patterns to allow ampersands, colons, and numbers in titles and keys |
| methodologies/internal_network.json | New comprehensive methodology for internal network penetration testing |
| methodologies/active_directory.json | New specialized methodology for Active Directory security testing |
Comments suppressed due to low confidence (2)
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
fedetaglia
approved these changes
Aug 20, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adding methodologies for internal infrastructure and active directory testing.
original commits