Cybersecurity · Singapore

Ashton Ang.

I like learning about systems and tools.

About

I'm a cybersecurity student at the Institute of Technical Education in Singapore, and I learn by building. I care more about understanding the system/tool rather than just using it for the sake of using it.

Focus
Network security, log analysis, automation
Working in
Python · Shell · SQL
Credentials
Fortinet FCF · Google Cybersecurity · Splunk Core
In progress
TryHackMe SOC Level 1
Looking for
A cybersecurity internship
Selected work All projects
Offensive security

Hack The Box: Oopsie

My first full Hack The Box machine, taken from a guest cookie to a shell on the box.

I chained four simple web vulnerabilities together to gain access into a system. An IDOR flaw that got me the administrator's account ID, editing browser cookies to trick the site, uploading and executing a reverse shell PHP script, and found a reused database password.

  • Hack The Box
  • Web exploitation
  • Burp Suite
  • Reverse shell
  • Linux
Networking

Subnet Scanner

A command line tool that finds live hosts on a network and checks which common ports they have open.

You give it a subnet in CIDR notation. It pings every address to find live hosts, then opens short lived TCP connections to common ports like SSH, HTTP, HTTPS, SMB, and RDP on each host that answered, and prints a table of hosts and their open ports. It runs on a thread pool, so a full subnet finishes in seconds instead of minutes, and it stays on the Python standard library. Building it made me separate the two questions a scan really asks: is this host alive, and is something listening behind that port.

  • Python
  • Networking
  • Port scanning
  • Threading

Building something, hiring, or just curious?

Get in touch