Inveterate Pentester
I’m a guy from Spain who is 18 years old and I’ve been studying cybersecurity since I was 10 years old. I started studying a lot of Pentesting Web when I was 14 years old. Today I’m focused in the branch of Red-Team, actually studying the last year of a Higher Grade called ASIR (Administration of Computer Systems and Networks). I started this project at the age of 16 (2022).
My Way of Beign.
I’m curious, hard worker, enthusiast, self-taught, a person with a lot of attitude and I will learn all what i need to learn.
My first steps in the Pentesting Web.
When I decide to start in the Pentesting Web I was 14 years old (2020), in the beggining I started to learn the different types of existing vulnerabilites (XSS, SQLI, RCE, RFI, LFI etc…).
After 2 Month’s of starting to study a lot, I discover my first vulnerability in a public company of my country. That was a DoS attack, the company in that moment was using a CMS that actually I don’t remember.
So I Discover that if you go into a endpoint and start sending a few requests with a long header, it can drop the entire system. That was reported and shared to the company affected, and a couple of days after my advice the vulnerability was fixed.
After my first exploit, that was only the beggining.
My Current Skills.
Actually I have too many acknowledgment about Pentesting, not only the Web, also I started to learn Pentesting on Active Directory Environment and VPN Network Pentest & Pivoting. Also I’ve been learning about Ransomware Attacks(Techniques & Methodology) & Initial Access Brokers and how they gain access into the VPN of different high revenue corps.
What happen with HacktheBox?
Well If you see my hackthebox profile, you can notice that I haven’t played hack the box for 2 years because on the moment I suffered of a Burn Out. I love hacking and HackTheBox is a great platform for sure, but you need to much time to expend there, and a motivation, my motivation was to learn a lot of Pentesting Web. But after pwn +120 machines , they all start to become repetitive & unrealistic.
My motivations.
My motivation to work in the future is to work in the field of cybersecurity, be able to help implement good security measures of services who requires good security configuration like VPN’S (Fortinet,Dana-na,Cisco Anyconnect, etc…) and also implement good security measures inside the internal net like SIEM, SOC, IDS. Or also be able to be in the explotation area, trying to find web or net vulnerabilities.
New Content on the Blog
I have some ideas for the blog, and I actually preparing advanced documentation about security & hacking.
My Profile
These are my social networks