Jason kek Website!
Hello there 👋 Welcome to my website!

Projects & CTF

 

CTF HISTORY

CTF RANKING (performance)

    • DSTA CDDC

    top 30 out of 156 teams

    • GRU22

      Top 3 out of 64 teams

    top 10 out of more than 100 teams

    • HTX | Investigators Challenge

      Led my team of 3 to win the top 10 of more than 200 teams.

    • HackerOne | H@cktivitycon CTF

      Led my team of 3 to win the top 300 of 2000 teams.

    • N0H4TS | STANDCON CTF

      Led my team of 4 to win the top 3 of 60 teams.

    • GOVTECH | STACK THE FLAG CTF

      Led my team of 4 to win the top 30 of 200 teams.

Cybersecurity projects.

FTP Attack

ARP poisoning

Spear Phishing (Social engineering)

SMB attack with remote code xexcution via social engineering and DoS attack

HackerOne Bug Bounty program.

During my free time, I like to participate in bug bounty program. Recently, I found a vulnerability at a KPOP audition website that have CVE-2007-6750 and reported it via the HackerOne platform.

F Society.

Inspired by the movie MR ROBOT, Fsociety was a tool I contributed during DEFCON 28. As part of røøtz Asylum(A place where kids learn white-hat hacking to better the world) we created this simplified penetration's testing tool for kids to understand easier.

Brute-force Dictionary attack.

I learnt to execute brute-force attacks during my free time. Using Burpsuite, I used Kali Linux (attacking machine) & metasploitable (Target Machine) and Hashcat. I was able to hack into “John’s account”.

HACKTHEBOX

HACKTHEBOX is an online cybersecurity training platform that allows me to network with other ethical hackers as well as joining and practicing for CTF competitions and penetration testing.

AlienVault SIEM

I have been keeping up to date with latest Cybersecurity news and evolving threats not only by watching the news but subscribing to various SIEM Open source threat exchange platforms such as AlienVault.

SYNFlooding dos attack

Using metasploit framework, I used auxiliary/dos/tcp/synflood module to execute the synflooding attack.

Try Hack Me

Top hacker in Singapore

FTP Attack mitigation

ARP poisoning mitigation

Spear phishing mitigation ( Social engineering)

Mitigating malicious Sources

H@cktivitycon

So glad that I attended H@cktivitycon conference & CTF by HackerOne! Host and produced by NahamSec! It was amazing to network and learn from talented ethical hackers from around the world🌏

SQL enumeration.

I learn SQLMap during my free time. Using Kali Linux (attacking machine) & metasploitable (Target Machine, Web server) I was able to identify and exploit the SQL injection flaws.

Android Hacking.

I learnt Multi/handler tool during my free time and demonstrated the dangers of downloading malicious applications on android phones. Using this tool, I was able to carry out Man-In-The-Middle attacks, Reverse TCP, perform an involuntary backup, take full control of the android phone using Metasploit shellcode.

ARP Poisoning Attack.

I learnt how to execute ARP poisoning attack during my free time from youtube. Using Ettercap in Kali Linux (attacking machine) & metasploitable (Target Machine) I was able to intercept the password by spoofing the MAC address.

Research with Library books.

I have been constantly expanding my knowledge on computer penetration testing, forensics, network security and security operations not only through the internet but also borrowing books from the library.

FTP backdoor command execution

Using metasploit framework, I used exploit/unix/ftp/vsftpd_234_backdoor module and cmd/unix/interact payload to execute the FTP backdoor command execution.

ImmersiveLabs

Top 3 in my cohort in 2020

Other Projects

Startup Weekend Singapore - I was one of the mentor to recommend cybersecurity solutions to 750 participating members from 43 different countries.

Mosque Tech challenge - using micro-bit, my team and I was able to make an app that allow elderly to exercise at home by hitting on the micro-bit sensor.

Universal Drones Singapore (UDS) - Universal Drones Singapore is a non-profit group created by me and my friends to educate drone novice by providing tutoring sessions, a platform for drone enthusiast to meet and level up their skills and to educate safety regulation for aerial activities in collaboration with CAAS ( Civil Aviation Authority of Singapore).

Hackathon@SG - Together with my team of 5, we created sustainable automatic plant watering system using Arduino.

OneMaker Group (OMG) - I was one of the volunteer to teach kids how to use DJI Robomaster.

 

Sec Ops presentation

Picture of me discussing and explaining how ARP poisoning attacks are executed.

Sec Ops presentation

Vulnerability scanning for sec ops project

 

Some snapshots and photos of Cybersecurity Club & Robotics projects.

Session on how to execute google dorking and perform OSINT investigation.

Session on how to stay secure and improve privacy online.

Temi robot

A robot I made, assisting with library operations and enforcing safe distancing measures using AI and machine learning.

Face Mask detection using jupyter notebook and help from Github.

Later deployed on a robot (Temi) which assisted with library operations and enforcing safe distancing measures.

National Robotics Competition Team.

Led my team to win Top 10 out of 200 schools.

National Robotics Competition.

Led my team to win Top 10 out of 200 schools.

Some photos during IBM P-TECH  workshops.

data hackathon with Deloitte mentor volunteers.

IBM Cybersecurity workshops on SIEM and Forensics.

CSA (Cybersecurity Agency) site visit.

App dev apprentices workshop.

Motivation and Self-Management workshop.

Demonstration of how man-in-the-middle and rainbow table attacks are done.

GovTech site visit.

Certificate of Attendance.