Welcome to our new blog series, Meet 1337! Each month, we will shine a light on one of the genius minds within our awesome network of hackers!
Today, we would like to introduce you to Ramon! Ramon is a pentester who spends his free time exploring CVD/RD and Bug Bounty programs.
Please tell us a bit about yourself. Who are you?
I’m Ramon, 25 years old, and live in Groningen. From a young age, I’ve been interested in hacking and exploiting. I’m super glad I got the opportunity to make a living out of my hobby 🙂
How much time do you spend on hacking?
Probably a little more than I should. I work full-time as a pentester for Achmea, and in my free hours, I like to work on CVD/RD and Bug Bounty programs.
When did you start hacking?
As a kid, I always tried to hack, which (even to my surprise) sometimes worked out. I started looking into CVD/RD and Bug Bounty during my IT studies to make some money. Since then, it has become a lot more serious.
Could you share some challenges you faced while hacking or in this industry?
Writing good and clear reports… I used to forget that not everyone is too tech-savvy.
What was your most interesting/crazy hack?
I think the most insane hack I’ve done was at the Dutch government. I accessed a database critical to the Netherlands’ security.
Could you share some surprising stories or fun facts that occurred to you during your career?
When I just started my career, I did a pentest, which just ticked all the boxes. I was hacking a financial application that was full of vulnerabilities. By combining these vulnerabilities, it was possible to break into the company’s cloud provider account and access the internal data of that company and its other customers. As this was one of my first pentests, it was very educational and a lot of fun 😉
What are your favorite tools/resources/content/people to learn from and which you could recommend to others?
I’ve learned a lot from hacking Hack the Box machines. The PortSwigger Academy is also a great resource for learning about various vulnerabilities and how to exploit them.
Why do you hack with Zerocopter?
Because Zerocopter has a lot of local Dutch customers that I interact with in my daily life, the hacking events in which Zerocopter has helped lately and because they have an awesome and supportive team.
What is your favorite swag that you ever got?
Probably my NCSC 2022 & 2023 Wall of Fame sweaters 😎, or the white “lousy” t-shirt. Haven’t seen it anywhere else:
What is, in your opinion, the best conference to go to?
I’ve only been to one: HackerHotel. It was a great experience!
What would you like to learn in the future?
I’d like to gain more experience in Red Teaming and physical penetration testing.
Is there anything you want to tell your readers?
(Try to) stick to the scope listed in the safe harbor. Once, I almost got in trouble for attacking an underlying system that was not in the scope of the pentest.
We hope you enjoyed the interview and got to know Ramon better! Stay tuned for the upcoming one in June to meet more awesome hackers from our network!