Hello I am Arsalan. Offensive Security Engineer, I blog about Cyber security, CTF writeup, Programming, Blockchain and more about tech. born and raised in indonesia, currently living in indonesia

Posts   About

About me

• Name : tripoloski / tripoloski1337 (M. Arsalan Diponegoro)
• Age : 23
• Education : Bachelor degree in Information System from University of Gunadarma (2017-2021)

Achievement

• 2023 3rd Champion Cyber Jawara 2023 general category (Team Probset)
• 2022 Finalist NUCTF by Nahdlatul Ulama & Narasi.tv (Team Manual Tapir)
• 2022 Finalist Fostifest CTF by UMS
• 2022 Finalist Slashroot CTF by stikom
• 2021 2nd Gemastik CTF kategori Keamanan Siber by PUSPRESNAS, KEMENDIKBUD DIKTI, TELKOM UNIVERSITY
• 2021 Finalist CSCCTF 2021 by Cyber Security Community Binus (Team Tampan dan berani)
2021 Finalist Hacktoday IPB by Institut Pertanian Bogor (Team Shheeeezzhhhhhh)
• 2021 Finalist WreckIT CTF 2021 by Senat Korps Taruna Politeknik Siber dan Sandi Negara dan Program Studi Rekayasa Keamanan Siber Politeknik Siber dan Sandi Negara (Team Pejuang buka rekening)
• 2021 Finalist FINDIT CTF by Electrical and Information Engineering Universitas Gajah Mada (Team HEYYEYAAEYAAAEYAEYAA)
• 2021 Finalist JOINTS CTF by Universitas Gajah Mada (Team BigBrainGurls)
• 2021 Finalist ARA CTF by Institut Teknologi Sepuluh Nopember (Team TNT)
• 2020 2nd CSC CTF by Bina Nusantara University (Team TNT)
• 2020 Finalist, redmask 2020 CTF by CSIRT.ID (Team TnT)
• 2020 Finalist, HOLOGY 3.0 CTF by Universitas Brawijaya (Team glut0r)
• 2020 MetaCTF CyberGames 19th student category (Team CCUG)
• 2020 Finalist, Cyber Jawara 2020 (Team glut0r)
• 2020 b01lers CTF bootcamp 11th (Team CCUG)
• 2020 Finalist, Hacktoday CTF IPB (Team glut0r)
• 2020 DEEP CTF 9th (Team CCUG)
• 2020 virseccon CTF 17th (Team securisecctf)
• 2020 CHRIST (Deemed to be University) CTF 9th (Team CCUG)
• 2019 Finalist, HOLOGY 2.0 CTF (Team glut0r)
• 2019 Finalist, Slashroot CTF 4.0 (Team glut0r)
• 2019 Finalist, HackToday CTF IPB (Team glut0r)
• 2019 HackCon 10th (Team securisecctf)
• 2019 Facebook CTF 48th (Team securisecctf)
• 2019 WPICTF 6th (Team securisecctf)
• 2018 Finalist, Indonesia Cyber Competition (IDCC) CTF (solo)
• 2018 GCC Amikom HackFest 8th (Team Panitianya)
• 2018 Finalist, Slashroot CTF 3.0 CyberSecurity Competition (Team gundar_cysec)
• 2018 1st place, Himti Hackfest Universitas Gunadarma (CTF) (solo)

Bug Hunting

• 2022 Hall of fame BogaApp
• 2022 Hall of fame Rekeningku
• 2022 Hall of fame XL Axiata
• 2022 Hall of fame Moka
• 2021 Hall of fame https://www.dana.id
• 2021 Hall of fame https://www.chatwork.com/
• 2021 Acknowledge http://pegipegi.com
• 2018 Acknowledge by indonesian private bank (Found several security hole on their website)

Security Research/Publication

• CVE 2023-25047, WordPress RSVPMarker Plugin <= 9.9.3 is vulnerable to SQL Injection allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 9.9.4.
• CVE 2023-27616, WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to Cross Site Scripting (XSS) This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 10.6.7.
• CVE 2023-27617, On progress publishing

Project

• My github link : tripoloski1337
• Pwn learning module : learn to pwn
• Covid-hack : Covid-hack
• A simple Information System : Information System for eyewear shop
• Problem Setter of Hackfest Gunadarma CTF 2020: Challenge Repo

Talk

• 2021 SS TNI, Workshop Instructor covering Binary Exploitation
• 2021 BEM FIKTI Universitas Gunadarma, Workshop Instructor covering Binary Exploitation at FIKTI CODING
• 2021 BEM FIKTI Universitas Gunadarma, Guest Speaker talking about Gemastik Competition
• 2021 Google Developer Student Club Universitas Bhayangkara, Guest speaker talking about introduction to CTF for CyberSecurity Industry

CTF Organizer

• 2021 Technofair CTF (Challenge Author): Pwn Challenge (arm32, aarch64)
• 2021 Hackfest 0x04 CTF (Challenge Author): Pwn Challenge
• 2021 Hackfest 0x03 CTF (Challenge Author): Pwn Challenge , Reversing Challenge
• 2020 Hackfest 0x03 CTF (Challenge Author): Pwn Challenge , Reversing Challenge
• 2019 Hackfest 0x02 CTF (Challenge Author): Pwn Challenge , Reversing Challenge
• 2019 Himti Hackfest CTF (Challenge Author): Pwn Challenge , Reversing Challenge

Working experience

• 2020.02 - 2021.06 indodax.comCyber Security Researcher
• 2021.06 - 2023.08 indodax.com Redteam Security
• 2023.08 - Now AIA Singapore Senior Information Security Engineer

Contact me

• Email : arsalan.dp@gmail.com