About
My Journey in Software Development and Security
Over the past 17 years, I have immersed myself in the dynamic world of software development, starting with web development and, since 11 years ago, moving into the Secure Software Development Lifecycle at Telefonica R+D, with a special focus on security architecture and engineering for the last 8 years, when I switched to an operations blue team at Qustodio. My experience encompasses diverse roles, ranging from development to operational positions and security engineering. I hold a BTL1 Certification and I have experience with several security controls, especially Splunk and CrowdStrike.
Since 6 years ago, at AttackIQ, my focus has shifted to offensive security, honing my skills in simulating and automating threat actor scenarios under the MITRE framework. During this time, I’ve become adept at detecting and mitigating security threats using robust security controls. I am still involved in SSDL, since we are part of the scenario development, and also involved in defensive measures, since we are on top of threat intelligence and mitigations for our customers.
Currently, I am at Avara/AAVE Labs as Senior Cyber Security Engineer, where I operate the SOC (this time with CrowdStrike and Sumo Logic) and perform audits and pentests of web3 applications in the company. I hold a CW3H Certification and I have experience with several exploits and attacks. I am also a Certified Smart Contract Auditor.
As a Senior member of the team I am engaged in mentoring team-mates and doing presentations for complex security developments, as well as security best practices. My journey continues, fueled by a passion for innovation, problem-solving, and a commitment to making the digital world more secure.
Skills
I have worked with other technologies as well, but appearance in this list means I have worked extensively with it:
- Programming languages: Python, NodeJS and Solidity
- Low-level programming: Assembly x86-64, C, Golang and Rust
- Exploitation and Reverse Engineering (Immunity Debugger/Mona, XDBG, Ghidra)
- Smart Contract Exploit development and Auditing (Certified Web3 Hacker and Certified Smart Contract Auditor)
- Cryptography: understanding of the Discrete Logarithm Problem, the Factorization Problem and the most common primitives: SHA1, AES, RSA, ECC, Diffie-Hellman scheme for TLS, as well as Post-Quantum Cryptography such as ML-KEM, based on the module lattice problem.
- SIEM: Automation, Alerting, Visualization and Report generation (Splunk and Sumo Logic).
- Data Analysis (Python): Jupyter Notebooks, Pandas, Numpy, Matplotlib, TensorFlow.
- RAG Implementation: with local LLMs such as llama2-uncensored and private knowledge vector embeddings.
- Knowledge of Linux, its structure and how to perform a penetration test.
- Knowledge of Windows, WinAPI, Active Directory and how to perform a penetration test.
- CAP theorem and distributed systems patterns: Saga, Command and Query Responsibility Segregation, Replicated Load-Balanced Services, Sharding.
- Containerization and distribution: Docker and Kubernetes
- Cloud Computing: Knowledge of common services of the three main cloud providers (AWS, Azure and GCP) regarding Compute, Network, Storage and Security, with expert level in AWS. Also worked with OpenStack.
- How to perform penetration tests for Cloud infrastructure.
- Low-level knowledge of protocols: TCP/IP, TLS, HTTP, HTTPS, WebSocket, SPICE virtualization protocol.
Here are some of the projects that I have been doing for fun and profit:
- Golang Assembly Function
- Rust Assembly Function
- Golang Memory Injection
- Python Exploits (Buffer Overflows)
- Golang Fast Blind SQL Injection
- Rust Fast Blind SQL Injection
Also you can check the writeups of the boxes in: [HTB Boxes]