Cybersecurity Portfolio

DANIEL ORDONEZ ARANGO

Penetration tester with experience across web applications, networks and incident response.

I work across web applications, networks and systems with an offensive and defensive mindset, translating technical findings into documentation teams can actually use to improve security posture.

  • 11 HTB paths completed
  • 644 Targets compromised
  • Top 1% HTB ranking

Profile briefing

I combine offensive security testing with defensive analysis to assess and strengthen organizational resilience. My focus spans web applications, network infrastructure, and secure development practices. I deliver clear, actionable findings that bridge technical discoveries with business-level security improvements.

Attack surface coverage

Web Applications Networks Local Systems Defensive Analysis Secure Development Context Documentation Reporting Remediation Support

Real-World Impact & Career Timeline

Why this profile stands out

  • Offensive + Defensive Context: I assess weaknesses with an attacker mindset while keeping remediation and defensive priorities in focus.
  • Application + Infrastructure View: I work across web applications, internal networks, servers and databases, providing comprehensive security coverage.
  • Incident Response Context: I have also mitigated and eradicated security incidents, helping restore affected services and reduce operational impact.
  • Builder Knowledge: My development background helps connect vulnerabilities with implementation realities, making remediation more practical.

Operational history

01

HackerOne

Penetration Tester

  • Focused on offensive security testing and identifying meaningful weaknesses.
  • Documented findings with clear impact so they can be reviewed and prioritized.
  • Reinforced the reporting side of pentesting, not only discovery.

02

Zeroazul

Backend Developer & Security Specialist

  • Developed secure REST APIs using Node.js, PHP, and Python.
  • Integrated security testing into CI/CD pipelines.
  • Performed code reviews with focus on OWASP Top 10 vulnerabilities.

03

SOC Operations

Security Analyst

  • Monitored and analyzed security events using SIEM platforms.
  • Performed incident response and forensics for security breaches.
  • Created detection rules and playbooks for common attack patterns.

Training stack

My training combines offensive security, defensive analysis and software development foundations, supported by a detailed HTB Academy transcript.

  • Paths completed: 11
  • Targets compromised: 644
  • HTB ranking: Top 1%

Completed HTB job role paths

  • Web Penetration Tester: Completed path focused on web recon, exploitation, APIs and professional reporting.
  • Penetration Tester: Completed path covering methodology, enterprise assessments, exploitation and reporting.
  • SOC Analyst: Completed path covering monitoring, SIEM, traffic analysis, DFIR-related work and reporting.
  • Junior Cybersecurity Analyst: Completed path bridging offensive and defensive foundations for practical cybersecurity work.

External cybersecurity studies

  • IBM: Cybersecurity Analyst Professional Certificate (V2)
  • Google: Cybersecurity Professional Certificate V2

Development foundations

  • Codecademy: Full-Stack Engineer
  • Codecademy: Computer Sciences

Transcript-backed modules

  • SQL Injection Fundamentals
  • Cross-Site Scripting (XSS)
  • Web Service & API Attacks
  • Active Directory Enumeration & Attacks
  • Linux Privilege Escalation
  • Windows Privilege Escalation
  • Documentation & Reporting
  • Attacking Enterprise Networks
  • Security Monitoring & SIEM Fundamentals
  • Threat Hunting with Elastic
  • Investigating with Splunk
  • Working with IDS/IPS

Communication

  • English
  • Spanish

Programming & Scripting

Python, JavaScript, Bash, PowerShell, SQL, PHP, HTML, CSS

Penetration Testing Tools

Burp Suite, Nmap, Metasploit, John the Ripper, Hashcat, ffuf, Hydra, Medusa, OWASP ZAP, SQLMap, Impacket, Splunk, tcpdump, Wireshark, Suricata, Snort, Elastic Stack

Infrastructure & Platforms

Linux (Ubuntu/Kali/Parrot), Windows (7/8/10/11/Server), Docker, REST APIs, MySQL/PostgreSQL, Git

Compliance & Methodologies

NIST Cybersecurity Framework, HIPAA, PCI DSS, PTES

HackTheBox Lab Coverage

Compromised 644 targets across diverse attack surfaces in HackTheBox labs, demonstrating practical proficiency in:

  • Active Directory Attacks: Kerberos exploitation, AS-REP roasting, Kerberoasting, DCSync, GPO abuse, and domain privilege escalation
  • Privilege Escalation: Linux (SUID binaries, kernel exploits, sudo misconfigurations, cron jobs); Windows (SeImpersonate, unquoted service paths, registry manipulation)
  • Web Application Exploitation: SQL injection, XSS, CSRF, SSRF, file upload bypasses, authentication flaws, API vulnerabilities, deserialization attacks
  • Network & Service Exploitation: SMB, RDP, SSH, FTP exploitation, port forwarding, pivoting, tunneling, and lateral movement techniques