PinkDraconian
@PinkDraconian
Followers
9,093
Following
259
Media
382
Statuses
2,257
Explore trending content on Musk Viewer
Mbappé
• 654002 Tweets
Carvajal
• 422074 Tweets
Real Madrid
• 290905 Tweets
#EveryWONWOO_Day
• 182112 Tweets
Amber Rose
• 164492 Tweets
#Jimin_Who
• 163882 Tweets
WHO IS COMING
• 151731 Tweets
Jack Black
• 143187 Tweets
JIMIN IS COMING
• 140990 Tweets
Gibraltar
• 131332 Tweets
Hala Madrid
• 93215 Tweets
WHO MV TEASER
• 84120 Tweets
Prime Day
• 84048 Tweets
#남신_그러나_고양이_전원우생일
• 74596 Tweets
#西園寺さんは家事をしない
• 73568 Tweets
Haddad
• 62395 Tweets
Walker
• 58866 Tweets
Bronny
• 42871 Tweets
Tenacious D
• 41668 Tweets
wonu
• 34504 Tweets
土井先生
• 34307 Tweets
Yoro
• 33615 Tweets
Kyle Gass
• 32701 Tweets
THANK YOU HAECHAN
• 31468 Tweets
アルカディア
• 27373 Tweets
Virgen del Carmen
• 26838 Tweets
WHO IS MY HEART WAITING
• 23556 Tweets
PARK JIMIN
• 18062 Tweets
Joe Bryant
• 16154 Tweets
KP.3
• 15380 Tweets
ピーナッツくん
• 15280 Tweets
インライ
• 13409 Tweets
レイエス
• 11331 Tweets
Matt Walsh
• 10341 Tweets
Pinned Tweet
I just found a really cool CTF website! You might have heard of it, it's called "GitHub"!
They have all these challenges called "repositories"🕵️
The flag format is a little weird... CVE-\d{4}-\d{4,} 🤔
Anyways, I found this flag: CVE-2024-21644🚩
3
6
140
Just finished my OSCP exam.
Pwned all 6 machines📦
Took me 12 hours ⌛
Time to write that report and get that cert 📜
I always said I would never get the OSCP cert, but after getting CPTS, I was curious about OSCP's difficulty. I'll make a more complete review soon!
57
58
1K
Is there anything that we, security professionals, can do to aid Ukraine? 🇺🇦
Any good place to follow cybersecurity related news about this conflict?
34
69
521
My recent bug bounty earnings 👀
2️⃣0️⃣2️⃣3️⃣
January -> 0$
February -> 0$
March -> 0$
April -> 0$
May -> 0$
June -> 0$
July -> 0$
August -> 0$
September -> 0$
October -> 0$
November -> 0$
December -> 0$
2️⃣0️⃣2️⃣4️⃣
January -> 1500$
Build your own luck. Want results? Do the work!
19
19
335
✅ I obtained the CPTS certificate by
@hackthebox_eu
🟩
If you've never heard of it, you should start paying attention NOW! 👇
32
10
313
I'm incredibly happy to announce that today was my first day as a Hacker Manager at
@intigriti
! 🥳
Can't wait to see what we can accomplish! 💫
29
3
248
OSCP? ✅
CPTS? ✅
But which one is the best? Should you go for OSCP or CPTS? What are the differences? ❓
Everything and more in my video 👇
7
37
240
In February, I challenged myself to do more bug bounty hunting 🐛
Here's the good 📈 the bad 📉 and the ugly 😫
10
23
199
Do you like learning new infosec skills in a visual way? Do you like staying up to date in this amazing field?
Why not check out the PinkDraconian YouTube channel?
We're almost 10000 hackers strong! 🚀
13
24
194
Hi 👋 I suppose this is a trend so...
If you are interested in:
Hacking Videos 📺
Security 💻
Terrible trends 💩
Follow me✔️
I'm planning on using Twitter to share a lot of content that you won't want to miss. 🥳
10
8
167
Them: "What's your job?"
Me: "I'm an ethical hacker"
Them: "Can you ..."
Me: "No."
13
16
145
Wow! This is soooo cool! 💚
Thanks
@hackthebox_eu
🟩
It's always a pleasure to join in from time to time and give back to the community!
Hack The Box is where I started hacking, so who knows if I would even have become a hacker without HTB! 🥺
8
2
143
I was hunting for vulns on an NPM package and found a vulnerability. Hooray 🎉
But when I was researching how to exploit it, I found a video made by myself exploiting the exact same bug in the exact same package two years ago 😅
I guess this time I'm requesting a CVE for it 😂
5
4
109
Hey 👋 I'm looking for someone to join me in creating AWESOME hacker content for
@intigriti
! 💜
Fling me a DM 📨📨📨
8
10
104
There are so many PRO CTF players that have insane hacking skills. 👩💻
I love this idea of
@intigriti
to hide a flag in a real environment to see if it gets found. ⛳
Imagine a full CTF where all challenges are real applications 🔥
4
9
100
After passing the OSCP exam, a company (
@TheSecOpsGroup
) reached out asking me to try out some of their certifications 📜
- Certified AppSec Practitioner (CAP) ✅
- Certified Network Pentester (CNPen) ✅
- Certified AppSec Pentester (CAPen) ✅
A thread 🧵👇
5
3
95
I cannot wait for ChatGPT to start being used by developers! 👨💻
".innerHTML will automatically escape any HTML characters to prevent XSS attacks" 😂🤣
5
6
88
Getting invites to VDPs on
@Hacker0x01
be like 😬
"Here's the✨exclusive✨opportunity to hack a public website whilst getting nothing in return!"
8
3
89
If your mom's phone number was your bank account balance, how much money would you have?
Type in the comments how rich you would be! 💸💸💸
29
2
86
I tried to solve the easy "Nibbles" box from
@hackthebox_eu
and I failed 🤕
I needed a hint because I got stuck 😨
Would you have found the solution?
Let's walk through it together!
2
4
79
Can you bypass the following CSP? 🤔
default-src 'self'; script-src https:; script-src-elem 'self';
6
7
80
A scanner says it has found an HTTP Request Smuggling vulnerability 🤩
But wait, is it a real vulnerability? 🧨
Learn more about Request Smuggling and common false positives in this video 👇
Thanks
@GoogleVRP
for making this video possible! 🔥
0
30
80
1️⃣ Tried to login into my account and got asked to enter my 2FA.
2️⃣ Click button "Skip this step".
3️⃣ Logged into account.
This is the pinnacle of security.
#BugBounty
#bugbountytips
12
5
77
Just completed the Analytics box by
@hackthebox_eu
🥳
Had an amazing pizza hacking night with the
@toreon_BE
pentest team. Was loads of fun! 🍕
(If there's anyone else who solved it, I'd love to discuss the privilege escalation, as we're interested in seeing how others did it!)
2
2
76
My motivation for bug bounty hunting has reached an all-time low.
❌ Critical bug - "We had a penetration test that found this issue one day before you reported it..."
❌ Critical bug - "This is intended behavior". The bug is now fixed tho 🤔
❌ Critical bug - "Duplicate"
12
5
74
I think I made ChatGPT rage quit 😅
Well, he shouldn't have kept on shoving vulnerabilities in my face! 😡
1
2
72
#bugbountytips
RFI on a Windows machine? Try using SMB shares! 🔥🚒
(Screenshot from my slides for my section in
@theXSSrat
's Uncle Rat's ultimate bug bounty guide course) 🐀
0
21
71
The first
#HackTheBox
session with the Toreon product security team of 2024 has concluded. What a lovely evening! 🤟
Today, we conquered the "bizness" machine. To be fair, that privilege escalation to root took us a while as we fell deeply into various rabbit holes! 🐇
2
0
71
Finding: Password field with autocomplete enabled
@PortSwigger
says 📢
"An attacker who finds a separate application vulnerability such as cross-site scripting may be able to exploit this to retrieve a user's browser-stored credentials."
Is that true? With XSS? 🤔
6
3
66
Just followed a great training on heap exploitation by
@JinBlackx
. Thanks a lot for this amazing opportunity to learn!
4
0
65
📆 Mark your calendars for the 4th of February!
I'm hosting a CTF with Wizer ⛳
⏱ 6 hours of hacking
💰 1000$ prize pool 🤑
🕸 All web challenges
👨💻 Challenges with source code
Sign up now! 👇
1
8
63
🎓 Just received the news that I graduated with the highest distinction from
@HogeschoolPXL
in Applied Computer Science with a specialisation in AI & Robotics!
Ready for the next step of my life! 💪
16
1
62
Hey!
I'm not the best hacker ever, but I'm just having a lot of fun!
Thank you for listening!
8
0
63
Getting ready to represent Belgium at
#ECSC2022
with the
@BelRedDaemons
🔱🔱🔱
We are getting closer to the
#ECSC2022
!! It's about time that we introduce this year's amazing
#BelgianRedDaemons
team! We will start with the Team
Captain first ;).
#gettingready
#CyberSecurity
1
2
45
7
2
60
Looking for a CTF? Look no further!
🟩 The Cyber Apocalypse CTF is here🟩
✏ By
@hackthebox_eu
📆 14th - 20th May, 2022
Sign up here 👇
1
15
58
I just completed the Penetration Testing Process module by
@hackthebox_eu
🟩
If you want to become a penetration tester, do check this out. We're often very busy grinding away to get technically up to par that we forget there's more to a pentest than just the hacking.
2
3
58
Another month, another Hack The Box session! 🟩
This evening, the Toreon squad and I took on the Crafty machine from HTB! 👨💻
This box was quite something! It was based on hacking a Minecraft server. ⛏️ We found a way to pwn the box without requiring an account, luckily! 🕵️
2
2
59
🎓 Want to learn more about reversing? ↩
In my ✨ Intro To Reversing ✨ series, I take you on a journey through this mystical world
It's the second part of 🟩
@hackthebox_eu
's🟩 reversing track, hop on!
Watch it now! 👇
2
12
59
👨💻 Hacking 🍕 Pizza 👫 Amazing people 🎯 Great targets
What's not to like?
Thanks Intigriti for hosting the open port last weekend! I had a blast and can highly recommend everyone to join the next one!
1
4
58
🤓➡🦸 Pwn Zero To Hero is back!
📑 What will we be learning?
- Installing Pwntools ✅
- Automating exploits ✅
- Connecting Pwntools and GDB ✅
Check it out NOW!
4
9
57
Tell me what you don't like about bug bounty and I'll try to provide perspective from the other side.
27
5
56
I just completed the Network Enumeration with Nmap module from the Hack The Box Academy! 🎊
The Firewall and IDS/IPS prevention section was amazing. It came with 3 labs where you had to enumerate a system that had some fairly strict rules set. Those were a real challenge! 💪
0
4
54
I found my first vulnerability in an IOT device 🔥
I have some other ideas and want to dig deeper. I reported it to the vendor and asked if they would be willing to send me a another device so I don't risk bricking my own device. Fingers crossed 🤞
0
0
55
Tell me. Who's someone that everybody interested in hacking/cybersec/Infosec should follow? 🙋
Let me get started with
-
@theXSSrat
-
@InsiderPhD
-
@247CTF
Who else? 📝
14
10
55
📆 Day 1 of
#ECSC
complete ✅
The
@BelRedDaemons
- Travelled to Vienna ✈️
- Settled in at the hotel 🛏️
- Set up their hacking rig 🖥️
Tomorrow we get to the real hacking! 👨💻
Now, it's time to get to bed! 💤😴
10
3
53
I'm worried about the future of my generation.
Will I be able to afford housing?
Will I be financially stable enough to bring kids into this world?
Will I be able to live my life to the fullest?
The only way to answer these questions seems inheriting money or getting lucky
🧵
7
3
55
First day of my internship @
@intigriti
: Very fun day! Got to meet the team, a LOT of reading, getting everything set up. Excited for the upcoming weeks 😊☺️🤗
2
0
52
📰 Made it into the local news:
Houthalense ‘hacker’ was één dag miljonair: “Ik had met het geld ook naar Rusland kunnen verhuizen, maar daar maak ik de wereld niet beter mee”
3
2
49
I'm currently sitting on 20 vulnerabilities in open-source code.
❌ I'm not keeping them for myself
✅ I've reported them responsibly
The maintainers just have not replied (yet 🤞)
These vulnerabilties include
📈 Libraries with 5.000.000 monthly downloads
🔴 Critical RCE
2
4
49
Today, I managed to hit 2500 subscribers. Another big milestone for me! To give something back, I'm giving away 3x 3-month
#HackTheBox
VIP subscriptions (supported by
@HackTheBox
). 🎊 🎁🎊🎉🎁✨
Check out this video for more information on how to enter!
12
23
47
There are psychopaths, sociopaths, and murderers... and then there are people who dock their inspector tools to the left🤮
7
4
47
What is the severity of this vulnerability?
1️⃣ You have a self-XSS on your user account
2️⃣ Login CSRF to log victim into your account
3️⃣ Redirect user to trigger XSS
You have an XSS, but the user is not logged in to their account anymore 🤔
17
2
45
Being a developer is a curse.
Using an app and missing the tiniest little feature?
Spends the next 2 weeks developing the entire app from scratch just to add that little feature.
2
5
46
Another lovely evening pwning
#HackTheBox
machines with the Toreon squad! On the menu this time: Surveillance! 🎥
What a fun box! Teamwork is what made us get this one cleared! 🤝
4
1
46
Currently travelling to Estonia 🇪🇪 for a training for the ICSC (International Cybersecurity Challenge). Excited to meet amazing hackers from all over Europe! ✈️🌍
1
0
43
Just had a terrible experience playing in an
@KatzcyPlayCyber
event.
If you want to bring esports to hacking:
- Do not limit players to terrible webgui VMs, set up a VPN for them to connect to from their own systems, with their own tools, ...
1/2
5
5
45
Ever wanted to reverse how a hack happened? 🧑💻
Check out my new video 👇
✅ Using Splunk to investigate logs 🔎
✅ Purple-team content 🟪
✅ Introduction to digital forensics 🕵️
✅ Solving a
#HTB
Sherlock
🆓 And more are available for free! 💰
1
8
44
The
@BelRedDaemons
are gathering to fly to Vienna for the
#ECSC2022
✈️
What, why and where? Check out the video below 👇
7
3
44
Hi! 👋
I'm sorry for not uploading the next Pwn Zero To Hero video this week! 🙄
Some annoying virus has taken ahold of me and I'm not feeling too great! 🦠
See you next week! ✌
14
0
43
If anyone is looking for a penetration tester role in Belgium (Flanders). Send me a DM! 🇧🇪
0
12
40
📆 Come meet me and your other favorite hackfluencers on the 14th of December in the
@hackthebox_eu
Cyber Santa - Hacking Watch Party!
🕵️♂️ Who?
@_JohnHammond
,
@stokfredrik
,
@NahamSec
,
@PwnFunction
,
@_superhero1
,
@TJ_Null
@0xdf_
and me!
Set a reminder! 👇
4
7
40
In todays video, we're talking about turning XSS into LFI and escalating to RCE:
0
10
42
✅ Project of today finished:
Set up a VPN server at home so I can safely connect to my workstation at home using RDP. That Raspberry Pi I won in a CTF 2 years ago is finally being put to good use! 💪
2
1
40
If you are a penetration tester, and you report 👇
ℹ Password field with autocomplete enabled ℹ
What is the recommendation to the company? Set autocomplete="off"? But modern browsers ignore this directive. Is there another recommendation?
13
3
40
If your core business is helping users protect their passwords, then how is it acceptable to provide such terrible feedback on passwords🤦♂️
The green bar under "expelliarmus" suggests that this is a strong and secure password...🔒
But this password was in the 2009 RockYou leak 📉
1
1
41
@onixIT
I don't like the idea of donating to an army. Would rather spend that money on donating to help the people hit by attacks.
3
0
41
Another evening hacking session with the ethical hacking team Toreon
Pwned another amazing box on
#HackTheBox
: Codify 🟩
Great machine! We totally bypassed the intended solution for the foothold and found another solution for the final privilege escalation. Very creative!
0
0
41
Last week, the waste intermunicipal of my region Limburg was hacked. They chose not to pay the ransom, and the data of over 300.000 households was leaked 🕵️♀️
The local TV station interviewed me about this. It is in Dutch, so enjoy 😅
6
0
41
1. Signed up for a new service
2. Quick check before I enter my address to see if they handle data properly
3. Found way to disclose addresses of people
4. Find security email on website
5. Write mail
6. Ugh...
3
1
37
🎁Giveaway time!
Want to win a 1 month
@RealTryHackMe
voucher? RETWEET this tweet for a chance! The giveaway ends on the 5th of August!
This giveaway is possible thanks to
@TechMafia7
. For more giveaways, join their Discord at !
2
52
39
✅ JWKS Spoofing
✅ HTTP Response Smuggling
✅ & much more!
👇 Check out my writeup video of the SteamCoin ☁🪙 challenge for the UniCTF by
@hackthebox_eu
🟩
0
13
38
🤓➡🦸 Pwn Zero To Hero is back!
📑 What will we be learning?
- Setting up GDB and Pwndbg✅
- Dynamic analysis of a binary✅
- Cheatsheets and more ✅
Check it out NOW!
4
6
38
Little recording session to show how amazing the Toreon product security team is. More to come! 📸
0
0
37
I just completed the Footprinting module from the Hack The Box academy👣
If you want to dig deeper into footprinting FTP, SMB, NFS, DNS, SMTP, IMAP / POP3, SNMP, MySQL, MSSQL, IPMI, SSH, WinRM, WMI, or RDP give this module a go!
I love how hard the labs are! Challenging stuff!
1
5
36
⛳ Can you capture the flag?
🗓 Mark the 5th of May in your calendars!
I'm hosting a ⚡ BLITZ CTF ⚡
⏱ 6 hours of hacking
💰 1000$ prize pool 🤑
🕸 All web challenges
👨💻 Challenges with source code
Sign up now! 👇
1
9
38
Dear security team of REDACTED
Replying to my email saying
"It's not possible to leak fysical addresses of arbitrary users"
when the screen in front of me has the addresses of arbitrary users does not paint a great picture.
Kind regards
PinkDraconian
1
2
35
Got to have a short in real life chat with
@theXSSrat
! Really cool guy with some really cool animals (Didn't see a rat 🐀 🤔 😂). Hopefully after the pandemic we can grab a drink!
Today Uncle Rat met up with
@PinkDraconian
:D What a pleasent guy!! I loved talking to you sir and i hope we can meet again soon 💘💘
5
4
122
3
0
35
So, who's going to be the first to be hit by a cyberattack in 2022?
3
3
33
🏆 The
#ECSC
has concluded!
🇧🇪 We got the 8th place!
Hopefully we made all of the Belgian security experts proud with this achievement!
A big congratulations to the winning teams!
This is
@BelRedDaemons
signing off!
4
1
33
