Damien van der Linden

And last week I encountered a mix of Device Code Phishing and ClickFix (or well, ConsentFix rather). Full blog: https://t.co/ZWjoeYiOcr

🎮 NEW BLOG: Breaking into Cybersecurity: A Real Guide from Someone Who Took the Scenic Route A personal blog about how I got into cybersecurity, and how you can too! (Spoiler: I mainly played World of Warcraft) https://t.co/DnMjnEPEKC

Something different today, how about a short CTF-styled KQL challenge? Would love to do these on a larger scale, testing the waters here! https://t.co/C9Fv4DVyFm

This is my first blog that surpassed 1k views and skyrocketed my blog. Thanks everyone for reading and using my query! There will be a few confirmed new IOCs added, so make sure to rerun the query later today!

Appreciated!✊

Scored another 'I hacked the Dutch government' t-shirt! Bug bounty programs can be daunting and harsh as it's usually cleared of low-hanging fruit. I always like to step back to a VDP every now and then. Motivates me again!

The thing I find often with courses, is that it's a showcase of multiple tools that you can fire on your targets that every other hacker on the program will have done already. And it feels useless, I can use a tool, I need to learn on where to dive deeper, where to move on etc.

Since about 2 weeks, I've rediscovered my love for bug bounty hunting. Over the last 2 weeks I have managed to submit 3 valid bugs on VDPs! Yet I feel like I still have a lot to learn when it comes to OWASP Top 10.. Course recommendations are very welcome!

I keep on finding the stuff I'm comfortable hunting. Like overprivileged API keys, simple IDOR and information disclosures. It's time to learn to deal with WAF, bypass auth, dust off my XSS knowledge and dive deeper into API hacking.

With my currently limited and still developing malware analysis skills, I have followed some breadcrumbs of a C2 connection alert. Leading to a SOCGholish infected website, that distributes Lumma malware. Join me on my journey! Feedback is very welcome! https://t.co/QVKhFn7RYt

New post! Unmasking Phishing Hidden in Google Links With KQL, step-by-step query breakdown. https://t.co/kaTvef12YY