[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

# @commando_skiipz Ghost St Badmus

Ghost St Badmus posts on X about fintech, money, microsoft, youtube the most. They currently have XXXXXX followers and XX posts still getting attention that total XXXXXX engagements in the last XX hours.

### Engagements: XXXXXX

- X Week XXXXXXX +32%
- X Month XXXXXXXXX -XXXX%
- X Months XXXXXXXXX +4,938%
- X Year XXXXXXXXX +226%

### Mentions: XX

- X Week XX -XX%
- X Month XXX -XX%
- X Months XXX +1,113%
- X Year XXX +51%

### Followers: XXXXXX

- X Week XXXXXX +3.20%
- X Month XXXXXX +27%
- X Months XXXXXX +72%
- X Year XXXXXX +93%

### CreatorRank: XXXXXXX

### Social Influence

**Social category influence** technology brands XXXXX%, finance XXXXX%, stocks #2950, social networks XXXX%, countries XXXX%

**Social topic influence** fintech #38, money 4.17%, microsoft #49, youtube 4.17%, strong #432, alibaba and #1, alibaba #40, if you 4.17%, nigeria #690, business XXXX%

**Top accounts mentioned or mentioned by** @fortune71227524 @uche_jmp @geezy__david @gabbytech01 @godwinc55 @saintnagat @commandoskiipz @t3chfalcon @adikekizitodev @cyb3rn3t1cs @jhayceecodes @papa_emill @newbmonster @ireteeh @jayhunts @segoslavia @i4gaau @rabiuismail03 @h4ruk7 @chiziaruhoma

**Top assets mentioned** Microsoft Corp. (MSFT), Alphabet Inc Class A (GOOGL)

### Top Social Posts

Top posts by engagements in the last XX hours

"Dear Founders, CTOs, Managers and Developers, I want you to read the quoted tweet and genuinely imagine this happening to your own product, the one you're building or have already built. The truth is the founders of Bunni probably never took security seriously. And just like them, many of you still don't, because security doesn't make money, right? We're a small business, hackers won't bother with us, we'll deal with it later. That mindset is exactly how companies end up in situations like this. Every time I get the opportunity to speak with people in your position, I emphasize one thing: invest in security"
[X Link](https://x.com/commando_skiipz/status/1981337166899818670) 2025-10-23T12:29Z 12.8K followers, 246.7K engagements

"My body still dey shake lmao🤣🤣"
[X Link](https://x.com/commando_skiipz/status/2000993362204119443) 2025-12-16T18:16Z 12.7K followers, XXX engagements

"I know someone who contributed to the project by hacking VulnBank and properly documenting how they did it. That same person was later referred for an opportunity at a bank and now works as a pentester at a Tier-1 bank. I hear so many stories like this and they still shock and make me genuinely happy. VulnBank was originally meant to be a very contextual way to learn API hacking, nothing more. But people loved it so much that I decided to host it publicly for less technical folks as well and personally take on the monthly server and LLM API key costs"
[X Link](https://x.com/commando_skiipz/status/2001418436627570969) 2025-12-17T22:25Z 12.7K followers, 1163 engagements

"@h4ruk7 Thanks a lot chief, I did a couple of sessions on mobile app and a mobile api hacking. Check them here: I used Vulnbank mobile for both talks"
[X Link](https://x.com/commando_skiipz/status/2001419599187677465) 2025-12-17T22:29Z 12.6K followers, XXX engagements

"@sAintNagat Lmao the guy say I dey find gig na why I dey talk these things. Funny guy😂😂"
[X Link](https://x.com/commando_skiipz/status/2001675602093310041) 2025-12-18T15:27Z 12.6K followers, XX engagements

"@sAintNagat No mind am jare e no serious"
[X Link](https://x.com/commando_skiipz/status/2001681598966649090) 2025-12-18T15:50Z 12.6K followers, XX engagements

"Omo I cut cap for video editors o😂 See that small email pop I cover so I do like 1hr before I figure am out. I do video chat with ChatGPT taya e no work. Na one random YouTube video from like X years ago finally teach me how to do am. My brain no fit carry video editing at all. E too hard 😭😭"
[X Link](https://x.com/commando_skiipz/status/2002321924727206185) 2025-12-20T10:15Z 12.8K followers, 3845 engagements

"Delay is not Delilah. Alhamdulilah"
[X Link](https://x.com/commando_skiipz/status/2000993107937055138) 2025-12-16T18:15Z 12.7K followers, 4495 engagements

"@T3chFalcon @owasp Congratulations man"
[X Link](https://x.com/commando_skiipz/status/2001307842016313843) 2025-12-17T15:05Z 12.7K followers, XXX engagements

"@_nicholaschun Not really, even if they did in the past they would have patched a long time ago. But some fintech apps make some of these mistakes"
[X Link](https://x.com/commando_skiipz/status/2001588376177377758) 2025-12-18T09:40Z 12.7K followers, XX engagements

"@I_M_EJ You're welcome"
[X Link](https://x.com/commando_skiipz/status/2001643444511625429) 2025-12-18T13:19Z 12.8K followers, XX engagements

"I built an intentionally vulnerable banking application for security engineers/interns, developers & QA analysts to learn, practice secure code reviews and test their application security knowledge in areas such as SQLi, XSS, CSRF, race conditions, API vulnerabilities & more"
[X Link](https://x.com/commando_skiipz/status/1889292374922109108) 2025-02-11T12:36Z 12.8K followers, 155.8K engagements

"Look around the JS files (especially those with random characters .js), you might just find the secret key, IV and the encryption algorithm and mode.🤭🙂"
[X Link](https://x.com/commando_skiipz/status/1946240353033388459) 2025-07-18T16:07Z 12.8K followers, 9962 engagements

"A company in the Middle East offered me $140k/yr & a $100k signing bonus to join them around DecJan. I passed all the interview phases and in my head I had already distributed all my belongings to my siblings, only for them to cancel at the last minute for a ridiculous reason"
[X Link](https://x.com/commando_skiipz/status/1948413420153262184) 2025-07-24T16:02Z 12.8K followers, 1.2M engagements

"A long time ago one of America's largest payment processors suffered a breach so severe that it shook the entire financial industry and became one of the biggest data theft incidents in history. Heartland Payment Systems handled millions of credit & debit card transactions every single day. Restaurants, retailers, hospitals, thousands of businesses relied on them to securely process payments. But in late 2008 attackers quietly broke into one of Heartland's public-facing web applications through a simple SQL Injection vulnerability. From that single entry point they planted malware deep inside"
[X Link](https://x.com/commando_skiipz/status/1995897067684655198) 2025-12-02T16:45Z 12.8K followers, 33.9K engagements

"I just realized something: people who started learning a new skill in 2020 and stayed consistent now have X years of experience. Some of them are probably mentoring others at work already. Let this be your cue. Learn that skill you've been hesitating about. By 2030 you could be confidently saying you have X years of experience too. And if in 2020 you were XX and felt too old or too mature to start learning, you're now XX without that skill. Will you wait until XX before taking your life seriously"
[X Link](https://x.com/commando_skiipz/status/2000162597299986779) 2025-12-14T11:14Z 12.8K followers, 40.7K engagements

"A few years ago a small and promising startup built a product meant for children. CloudPets created internet-connected teddy bears that allowed parents and kids to exchange voice messages. A child talks to the bear. The message is sent to the cloud. A parent listens and replies from a mobile app. Cute idea. High trust. Extremely sensitive data. To make this work CloudPets stored: - Children's voice recordings - Parent accounts and emails - Profile photos and messages All of it lived in their cloud backend. At some point in late 2016 attackers discovered something alarming. CloudPets production"
[X Link](https://x.com/commando_skiipz/status/2001199160716841080) 2025-12-17T07:53Z 12.8K followers, 15.2K engagements

"Saying MongoDB database is like saying JWT token, sounds weird🤣🤣"
[X Link](https://x.com/commando_skiipz/status/2001205761582526752) 2025-12-17T08:20Z 12.8K followers, XXX engagements

"@basscotte_ Your clients should never talk to MongoDB directly. They talk to your API. Then you should restrict MongoDB to your backend server IPs or a private VPC/peering connection"
[X Link](https://x.com/commando_skiipz/status/2001256387415081255) 2025-12-17T11:41Z 12.8K followers, XXX engagements

"Brooooo I really appreciate you doing this man. To be honest I said I wouldn't talk about the award anymore because of a few disrespectful remarks of how I wasn't deserving of the award and other ridiculous things that were shared with me on WhatsApp, including from some people who ironically learned with VulnBank. I knew I partly brought that insult on myself the moment I started jokingly asking people to vote, and that was the reason behind the post I made the other day. That said, there are over 3000 users on VulnBank as we speak and that's after the fifth time I wiped the Docker container."
[X Link](https://x.com/commando_skiipz/status/2001417002267881806) 2025-12-17T22:19Z 12.8K followers, 10.5K engagements

"This is a standard practice for almost all Tier-1 banking applications in Nigeria and for some fintech applications I've previously performed pentests on. Client-side encryption isn't a total waste or a waste of compute as some people have claimed, but rather a measure to protect against API tampering or API request/response manipulation between the client and the server when implemented properly. Even with HTTPS, attackers can capture a decrypted version of web or mobile API data in transit because the browser and the server establish a level of trust during the TLS handshake. Attackers can"
[X Link](https://x.com/commando_skiipz/status/2001537852769767661) 2025-12-18T06:19Z 12.8K followers, 212.4K engagements

"HTTPS WILL NOT PROTECT YOUR APPLICATION. BYE"
[X Link](https://x.com/commando_skiipz/status/2001632916527604091) 2025-12-18T12:37Z 12.8K followers, 24.7K engagements

"CTO sir please hire me sir🥹🧎🏾"
[X Link](https://x.com/commando_skiipz/status/2001638062531710981) 2025-12-18T12:57Z 12.8K followers, 2224 engagements

"@chiziaruhoma The best solution is to thoroughly validate user supplied data and not expect any type of encryption to save you. Encryption should only be an extra layer to make things harder for malicious people"
[X Link](https://x.com/commando_skiipz/status/2001668550503665829) 2025-12-18T14:59Z 12.8K followers, 2917 engagements

"You see this SSRF attack, yeah? Big companies with strong engineering teams like Capital One, GitHub, Microsoft, Alibaba and others have all suffered from it in the past. Once an attacker successfully exploits SSRF they can pivot from the application into the underlying infrastructure using credentials (keys tokens metadata secrets etc.) that the server is tricked into returning. From there cloud-level access becomes possible depending on the permissions of the exposed credentials. If your environment is poorly isolated this can escalate into full infrastructure compromise. This is how real"
[X Link](https://x.com/commando_skiipz/status/2002260949139411175) 2025-12-20T06:13Z 12.8K followers, 50.2K engagements

"I explained Server Side Request Forgery here and showed the audience how attackers test applications for Blind and Inband SSRF types"
[X Link](https://x.com/commando_skiipz/status/2002262236266430605) 2025-12-20T06:18Z 12.8K followers, 2337 engagements

"@JhayceeCodes 😂😂😂 it's usually easy for me to just screen record and call it a day. I wish MacBook's default screen recorders allow voice recording, it would have been better. But I'll try adding a sound track or something 😭"
[X Link](https://x.com/commando_skiipz/status/2002323473784353010) 2025-12-20T10:21Z 12.8K followers, XXX engagements

"You're welcome 🫡"
[X Link](https://x.com/commando_skiipz/status/2002360323102113876) 2025-12-20T12:47Z 12.8K followers, XXX engagements

"@thenetwork_lad Lmaoooooo"
[X Link](https://x.com/commando_skiipz/status/2002372809184415810) 2025-12-20T13:37Z 12.8K followers, XX engagements