kongwenbin
π Hello, my name is Wen Bin!
I hold a Master in Computing (Infocomm Security) from the National University of Singapore (NUS) and have been working in the cyber security industry in Singapore for many years! I hold the following professional security certifications:
π Offensive Security Certified Professional (OSCP)
π Certified Ethical Hacker (CEH)
π CREST Registered Penetration Tester (CRT Pen)
I was also publicly listed in the π Hall of Fame of over 100 companies. I hope to share some of my experiences and bug bounty tips with you!
β
*Donβt forget to LIKE π and SUBSCRIBE π for more beginner-friendly content!*
π¬ Follow me on Social Media π¬
linkedin.com/in/kongwenbin
twitter.com/kongwenbin
linktr.ee/kongwenbin
π Check out my blog π
kongwenbin.com
β οΈ Disclaimer β οΈ
Unauthorized hacking is illegal! Always seek permission to conduct any security testing. In my hacking videos, I set up the targets within my home lab, so they are all legal π
kongwenbin
With just two days to National Day, I had an unexpected moment of reflection π€
While cleaning out my display cabinet, I stumbled upon this bug-shaped trophy ππ - a unique and meaningful reminder of a time when I had the opportunity to contribute directly to our nation's digital defense π‘οΈ
It brought back vivid memories of intense (and fun) bug hunting sessions. There were no big rewards, but what I gained was far more valuable: lasting friendships, unforgettable experiences, and a deep sense of purpose β¨
I can't tag anyone who served alongside me back in the days for obvious reasons - but I am proud to see how we have all continued the mission in our own ways, still doing our part to help Singapore stay strong, secure, and forward looking πͺ
This cute trophy? Just a little bonus π
Happy National Day, Singapore ππΈπ¬
Here's to keeping our little red dot safe - online and beyond π₯
4 months ago | [YT] | 5
View 0 replies
kongwenbin
π¨ Want to host your own WireGuard VPN on a VPS like DigitalOcean?
I just dropped a full step-by-step beginner tutorial β perfect for bug bounty hunters, privacy enthusiasts, or anyone who wants a faster, cheaper, and more secure VPN setup.
In this guide, I show you how to:
β Create your VPS
β Install WireGuard + configure server & client
β Enable IP forwarding, firewall, and auto start
β Connect from your Mac using config file or Phone using QR code
π₯ Watch now: https://youtu.be/p2a7wdvtnwg
Let me know in the comments if you tried it out!
5 months ago | [YT] | 1
View 0 replies
kongwenbin
π Hey everyone! π Super excited to share that the entire OverTheWire Bandit Wargame Series (all 6 videos) now has accurate, manually created English subtitles! I personally typed and aligned them to ensure everything is spot-on (no YouTube auto-gen here!).
To enable them, just go to your video settings: γ Settings > Subtitles/CC > English γ
Watch the FULL PLAYLIST (6 videos covering all 32 stages):
π: www.youtube.com/playlist?list...
Hope this helps you learn even better! Let me know in the comments if they make a difference for you! π
5 months ago | [YT] | 2
View 6 replies
kongwenbin
New video up! If you've ever downloaded a VulnHub machine that came only with a .vmdk file β and had no idea what to do next β this is for you.
I walked through how to launch that machine in VMware Workstation, step-by-step.
Watch here π https://youtu.be/m9-NT903Evo
6 months ago | [YT] | 2
View 0 replies
kongwenbin
Want to run Kali Linux without the full VM overhead?
I just posted a full walkthrough on how to run Kali in Docker, create a custom image, and even set up file sharing with your host machine. It's beginner-friendly and great for using it to following any step-by-step tutorials too.
π₯ Watch here: https://youtu.be/JmF628xGk1A
6 months ago | [YT] | 1
View 0 replies
kongwenbin
π¨ Want to start learning ethical web hacking for FREE?
π― In this video, I break down 3 websites that offer hands-on labs, structured paths, and gamified learning - perfect for beginners in web application penetration testing and bug bounty!
π Hereβs who made the list:
β PortSwigger Web Security Academy
Learn real-world web vulnerabilities with interactive labs
β TryHackMe
Gamified challenges + guided learning paths
β Hack The Box
Academy modules, practice labs & certifications β all linked together
But I didnβt stop at listing them.
π‘ I shared my professional take on:
1οΈβ£ Their unique strengths
2οΈβ£ What makes each platform great for beginners
3οΈβ£ And where they could improve to become even better
This isn't just another list β they are insights from an active bug bounty hunter from Singapore πΈπ¬π
π Timestamps and useful links in the video description
π Comment your favorite FREE hacking resources β let's share and help each other grow!
#BugBounty #BugBountyTips #CyberSecurity #EthicalHacking #TryHackMe #HackTheBox #PortSwigger
6 months ago | [YT] | 1
View 0 replies
kongwenbin
Here's an UPDATE for this video: **Bug Bounty: How I gained over 1000 REPUTATION on HackerOne in 3 Months**
π https://www.youtube.com/watch?v=o4R-M...
At 04:52, I mentioned that when your report was closed as "duplicate", the only way to estimate how long ago was the "original report" submitted was to see the ID of the "original report". If its report ID is very far away from your report ID, or if you have some old reports with similar report ID as the "original report", you will be able to derive with a highly probable estimation of when was the original report submitted. That way, you can know whether the program has been fixing bugs actively. Otherwise, very likely your next report will also be a "duplicate".
NOW, you don't have to use this method anymore. HackerOne has a new feature whereby if your report was closed as a "duplicate", they will directly provide you with the report title and report submission date.
I have included a screenshot for your reference as well.
6 months ago | [YT] | 5
View 0 replies
kongwenbin
π FINALLY, the last (6th) video of the *OverTheWire Bandit Step-by-step Walkthrough series (with explanations)* just went LIVE!! π₯π₯π₯
π Please check it out if you are interested yeah! I have added the video in this post π
OR if you want to watch the FULL PLAYLIST (6 videos covering all 32 stages):
π www.youtube.com/playlist?list...
6 months ago | [YT] | 2
View 0 replies
kongwenbin
π‘ One of the life hack that is very important to learn is to make use of resources provided to us. In the case of YouTube, there is this "CC" button (usually bottom of the video) which allows subtitles to be added to the video you are watching. I am sharing this because I noticed not many people use this feature π€
π If it says "English (auto-generated)", they are REALLY generated by YouTube platform. There is no human intervention (no one vets it) and while they are great, they are sometimes not so accurate, especially when it comes to an Asian's pronunciation of words or things like someone's Chinese name. π
βΆοΈ Whenever available, select "English" or any options that does not have the "(auto-generated)" tag. βοΈ
π Yes, any of such options are subtitles that have been MANUALLY WRITTEN/UPDATED by the video owner, so they are usually more accurate βοΈ
7 months ago | [YT] | 3
View 2 replies
kongwenbin
A little late but I am happy to share that I finished the year of 2024 in first place among Singapore βͺ@HackerOneTVβ¬ HackerOne researchers πΈπ¬
Big thanks to everyone who believe in me and keep me motivated in my bug bounty journey! π«°
It has been a hectic year, very challenging programs and was invited to my first live hacking event π₯ hope can post more content this year!
#bugbounty #hackerone #TogetherWeHitHarder #security #bughunting
10 months ago | [YT] | 11
View 6 replies
Load more