Wen Bin 

@[email protected]
31 Followers
0 Following
41 Posts
Penetration Tester | Bug Bounty Hunter. 
#bugbounty #bugbountytips #hacking #infosec #cybersecurity
YouTube Channelhttps://youtube.com/@kongwenbin
LinkedInhttps://linkedin.com/in/kongwenbin
Twitter / Xhttps://twitter.com/kongwenbin
Personal Bloghttps://kongwenbin.com
Threadshttps://threads.net/@kongwenbin_
Instagramhttps://instagram.com/kongwenbin_
Wen Bin May 8

TISC 2026 by CSIT wrapped last week. Five finals challenges, five completely different rabbit holes.

Favourite was a hardware one. Spent hours convinced my approach was broken. Quick chat with an organiser revealed the truth: NO ONE HOLDS THE ADMIN DEVICE. It was on a pole up front. I was pressing my button every time a different organiser walked past my desk like an NPC. Walked over, pressed it, boom, solved.

Sometimes the bug is not in your code. It is in your assumptions about the room.

#TISC2026 #Cybersecurity #SGCyber #CSIT #CTF #DEFCON #InfoSec #DEFCONSG #TISC #EthicalHacking

Wen Bin Apr 28

Reflecting on Day 1 of the HTX CTF Finals here in Singapore.

I didn't win, but the technical takeaway was clear: Precision is a force multiplier.

By focusing on a high hit rate rather than just speed, I held 5th place for a good portion of the day. It’s a great reminder that in our field, being precise is a technical skill in itself.

Looking forward to the Day 2 challenges tomorrow!

#CTF #Cybersecurity #AISecurity #IoTSecurity #DEFCON #HTXsg #DEFCONSG #EthicalHacking #CaptureTheFlag #PublicSafety #HTXctf

Wen Bin Apr 22

Qualified for TISC CTF 2026 πŸŽ‰ DEF CON Singapore finals next week πŸ‡ΈπŸ‡¬

The last 2 challenges were brutal. I kept reminding myself there was still time and still angles I hadn't tried. Pushed through - and captured that 4th flag just hours before the clock ran out πŸ€

Five domains: cryptography, binary exploitation, signal analysis, protocol parsing, reverse engineering. Brilliantly designed πŸͺ

Built everything I needed from the community - writeups, tutorials, Reddit and Discord. That shared knowledge is everything πŸ™

Every challenge has a solution. Keep going πŸ”₯

#CyberSecurity #CTF #DEFCON #InfoSec #DEFCONSG #TISC #EthicalHacking

Wen Bin Apr 10

Qualified for HTX CTF Finals at DEF CON Singapore πŸ‡ΈπŸ‡¬ - 13th in the online round, 65/74 solved. πŸ”₯

Both tracks were AI Security and IoT Exploitation. Neither is my daily work. Meant learning how prompt-driven systems break, how MQTT/CoAP expose attack surface, and how one forgotten device pivots into everything else.

All under the clock. ⏱️ Finals end of April. πŸ’ͺ

#CTF #Infosec #AISecurity #IoTSecurity #DEFCON #HTXsg #DEFCONSG #EthicalHacking #CaptureTheFlag #PublicSafety

Wen Bin Mar 30

Received a heads-up that my GovTech Injection badge is expiring soon - a good reminder to share this before it does!

This badge was issued for successfully identifying an Injection vulnerability in a Singapore Government bug bounty program. Shoutout to @govtechsg GovTech Singapore for going the extra mile with a custom badge collection for contributors - it's a thoughtful gesture that makes the recognition feel more personal than just an email acknowledgement. 😊

Glad to have contributed to securing Singapore's digital infrastructure, even in a small way. πŸ’ͺ

https://www.credly.com/badges/2bdfefed-ecb7-4e37-afd3-5c553ae88d3f

#BugBounty #EthicalHacking #CyberSecurity #GBBP

Wen Bin Mar 13

πŸ‘‹ Here's a quick infographic that sums up my Hack The Box - Redeemer walkthrough (Redis enumeration).

πŸ‘‰ Watch the full step-by-step video: https://youtu.be/81JN1vy1HGY

#HackTheBox #Redis #EthicalHacking #CyberSecurity #PenTesting #CTF #Infosec #htb

Wen Bin Mar 9

πŸ‘‹ Here's a quick infographic that sums up my Hack The Box - Dancing walkthrough (SMB enumeration).

πŸ‘‰ Watch the full step-by-step video: https://youtu.be/CpaBWeq9JU8

#HackTheBox #SMB #EthicalHacking #CyberSecurity #PenTesting #CTF #Infosec #htb

Wen Bin Feb 10

New HTB walkthrough: REDEEMER (Tier 0) - Redis fundamentals for beginners.

Redis is everywhere! Caching, session stores, job queues – and when it is exposed or misconfigured, it can leak sensitive data. I just published a beginner-focused walkthrough that covers:

πŸ”Ή How sensitive data can be stored directly in memory
πŸ”Ή What Redis is and common use cases
πŸ”Ή Why you shouldn't expose Redis without authentication
πŸ”Ή How to identify Redis with Nmap (port 6379)
πŸ”Ή How to connect with "redis-cli", enumerate keys and databases
πŸ”Ή Why "KEYS *" is fine for CTFs but use "SCAN" in production

This is part of my ongoing Hack The Box Starting Point – Step-by-Step Walkthrough for Beginners series, where the goal is to help newcomers build strong fundamentals in ethical hacking.

πŸŽ₯ Watch the HTB Redeemer walkthrough here:

β–Ά https://www.youtube.com/watch?v=81JN1vy1HGY

πŸ“‚ Full playlist:

β–Ά https://www.youtube.com/playlist?list=PL2mncq0mb-6iZ6ngDmwGEywmxnCYwO2s_

If you are transitioning into cybersecurity, bug bounty, or pentesting - this series is built for you.

Happy learning and keep hacking ethically πŸ”

#CyberSecurity #EthicalHacking #HackTheBox #PenetrationTesting #Learning #TechEducation #BeginnerHacking #HTBStartingPoint #Nmap #KaliLinux #redis

Hack The Box REDEEMER Walkthrough | Learning Redis for Beginners (Step-by-Step)

YouTube
Wen Bin Feb 3

πŸ’‘ Understanding core network protocols is fundamental for any aspiring cyber security professional. One of the most common that you will encounter is SMB (Server Message Block).

In my latest video, I provide a detailed, beginner friendly walkthrough of the "DANCING" machine from Hack The Box, focusing entirely on SMB enumeration and access πŸš€

You will learn:
πŸ”Ή What SMB (Server Message Block) is and how it works
πŸ”Ή Common SMB ports (139 & 445) and why they matter
πŸ”Ή How to use Nmap for targeted service enumeration such as SMB services
πŸ”Ή How to enumerate SMB shares using smbclient
πŸ”Ή Understanding anonymous / misconfigured shares
πŸ”Ή Downloading files from SMB shares and capturing the flag

This is a perfect starting point for anyone new to ethical hacking.

πŸŽ₯ Watch the HTB DANCING walkthrough here:

https://www.youtube.com/watch?v=CpaBWeq9JU8

πŸ“‚ Full playlist:

https://www.youtube.com/playlist?list=PL2mncq0mb-6iZ6ngDmwGEywmxnCYwO2s_

If you are transitioning into cybersecurity, bug bounty, or pentesting - this series is built for you.

Happy learning and keep hacking ethically πŸ”

#CyberSecurity #EthicalHacking #HackTheBox #PenetrationTesting #Learning #TechEducation #BeginnerHacking #HTBStartingPoint #Nmap #KaliLinux #SMB

Hack The Box DANCING Walkthrough | Learning SMB for Beginners (Step-by-Step)

YouTube
Wen Bin Jan 27

Just published a new beginner-friendly walkthrough for Hack The Box Starting Point - FAWN (Tier 0).

This machine is an excellent introduction to FTP (File Transfer Protocol) and helps beginners understand:
πŸ”Ή How FTP works
πŸ”Ή Why FTP is insecure by design
πŸ”Ή What are the secure alternatives of FTP
πŸ”Ή How attackers enumerate services using Nmap
πŸ”Ή How anonymous FTP login works
πŸ”Ή What is the man command
πŸ”Ή How to retrieve files and capture the flag

Instead of rushing through commands, this walkthrough explains the concepts behind every step, which is something I wish I had when I first started learning ethical hacking.

If you are new to penetration testing or is an aspiring ethical hacker, Hack The Box Starting Point is a fantastic learning platform.

πŸŽ₯ Watch the FAWN walkthrough here:

https://www.youtube.com/watch?v=SLFJOEq5w6Y

πŸ“‚ Full playlist:

https://www.youtube.com/watch?v=OqxPRwP8t_s&list=PL2mncq0mb-6iZ6ngDmwGEywmxnCYwO2s_

If you are transitioning into cybersecurity, bug bounty, or pentesting - this series is built for you.

Happy learning and keep hacking ethically πŸ”

#CyberSecurity #EthicalHacking #HackTheBox #PenetrationTesting #Learning #TechEducation #BeginnerHacking #HTBStartingPoint #Nmap #KaliLinux #FTP

Hack The Box FAWN Walkthrough | Ethical Hacking for Beginners (Step-by-Step)

YouTube