I'm Daniel García Baameiro
University education
DOCTORATE - PHD (pending...)
I plan to conduct my doctoral studies by performing an analysis of current Advanced Persistent Threats, outlining their infrastructure, possible creation, maintenance, and detection.
MASTER'S DEGREE IN CYBERSECURITY
I completed my official postgraduate/master's studies through Universidad Carlos III de Madrid. During the course of the course, I was a delegate and obtained remarkable grades. As a Master's Thesis, I conducted a research that demonstrates the ability to track and identify users using only WiFi wireless networks.
As a delegate, when the course was carried out with the effects of the global pandemic, I developed a telegram channel, a bot and a discord server. In this way, through the channel and informed of the most relevant news at the same time that was informed of exams and activities to be delivered. Through the Discord server, students were allowed to have a library room with library sounds, as well as to organize themselves in groups to do their work through the written and voice channels.
COMPUTER ENGINEERING DEGREE
I did my undergraduate studies at the Complutense University of Madrid. As a Final Degree Project, I developed a control and attack cloud based on probes capable of detecting cyber-attacks and performing cyber-attacks, all remotely controlled with its encryption layer to obfuscate traffic.
During the course of my career, I helped found two student associations, both computer science and journalism, and I was president of one of them, LibreLabUCM and AEPD-UCM. I was also a member of the Big Data association SCIData. I have been a delegate in the last courses of the Degree, coordinator of departments, representative in the Department Council, member of the Student Delegation of the Faculty of Computer Science (DAFI) and representative of Computer Engineering in Spain (RITSI). I carried out many activities, such as workshops, competitions and lectures.
CYBERSECURITY CERTIFICATIONS
CSFPC - Cyber Security Foundation Professional Certificate
Expedition: January 2021
OSCP - Offensive Security Certified Professional
Expedition: July 2021
CPT - Certificate of Professional Training
Expedition: April 2020
CRTO - RED TEAM OPS
Expedition: pending...
CRTO II - RED TEAM OPS II
Expedition: pending...
EDUCATION IN LANGUAGES
NATIVE - SPANISH
TOEIC - ENGLISH B2
FRENCH - SCHOOL LEVEL
EDUCATION IN COURSES
| Logo | Entity | Title | Year | |
|---|---|---|---|---|
 |
North Atlantic Treaty Organization (NATO) | Malware and Exploits Essentials Course | 2022 | |
 |
Centro Criptológico Nacional (CCN-CERT) | II Course STIC - Mobile Communications Security | 2021 | |
 |
RootedCON | Exploit Development for Pentesters | 2020 | |
 |
Securizame | Advanced Ethical Hacking Course | 2020 | |
| Pending to write the rest... | ||||
As Penterster and Red Team
Timeline
Red Team Lead
GRUPO TRCJUNE 2022 - Present
The functions to be performed include the following:
- - Perform assessments of security products, identifying their potential vulnerabilities.
- - Creation of proofs of concept, PoC.
- - Coordination of Red Team exercises.
- - Support in the investigation of security incidents.
- - Development of ad hoc solutions, both software and hardware.
- - Analysis and hardening of networked infrastructures.
RED TEAM LEAD
SYSTEMS ENGINEERING FOR SPANISH DEFENSE (ISDEFE)MAY 2021 - Present
Among the functions to be performed are the following:
- - Coordinate and plan Red Team exercises.
- - Perform security product evaluations.
- - Creation of PoC proofs of concept.
- - Support in the investigation of security incidents.
Malware and Security Engineer
SYSTEMS ENGINEERING FOR SPANISH DEFENSE (ISDEFE)APRIL 2021 - MAY 2021
The functions to be performed are the following:
- - Web and network and wifi security audits.
- - Intrusion testing and pentesting.
- - Red Team exercises.
- - Security product evaluations.
- - Creation of proofs of concept.
- - Security recommendations based on vulnerabilities.
- - Software programming such as programs or scripts.
- - Support in the investigation of security incidents.
- - Development of malware
Ethical Hacking Technician (Red Team/Purple Team)
GRUPO SIAAPRIL 2020 - APRIL 2021
Among the functions to be performed, are the following:
- - Web and mobile security audits.
- - Intrusion testing.
- - Vulnerability identification.
- - Information gathering.
- - Development of scripts and programs.
- - Report writing.
Cibersecurity in CNA (Red Team/Pentesting)
S2 GRUPONOVIEMBRE 2019 - MARZO 2020
Collaboration in the following tasks: conducting Web security audits, vulnerability identification, information gathering, report writing, application stress. Security review of WFi environments, network protocols, link level attacks, parameterization, securitization of environments. Development of cybersecurity tools, oriented to network attacks, HUMESEC, intrusion detection.
[BECARIO] Ciberseguridad en CNA (Red Team/Pentesting)
S2 GRUPODICIEMBRE 2018 - NOVIEMBRE 2019
Collaboration in the following tasks: conducting Web security audits, vulnerability identification, information gathering, report writing, application stress. Security review of WFi environments, network protocols, link level attacks, parameterization, securitization of environments. Development of cybersecurity tools, oriented to network attacks, HUMESEC, intrusion detection.
AS Trainer and Professor
Timeline
Offensive Security Trainer
International Graduate SchoolMAY 2021 - Present
Teaching more than twelve editions of the Offensive Security course providing training in Python, malware development, exploit creation, web hacking, wifi hacking, powershell, privilege escalation, pivoting, enumeration, -among others-.
Trainer for "Practical hardware training for pentesting and red team"
CodeRed - ECCOUNCILSEPTEMBER 2021 - JANUARY 2022
Trainer for "practical hardware training for pentesting and red team" course for CodeRed, EC-COUNCIL's training platform. Within the course, the student was provided with the ability to perform penetration tests on hardware devices and to create devices that would be useful in a Red Team campaign.
[INTERNSHIP] Professor of Programming Fundamentals
UNIVERSITY COMPLUTENSE OF MADRIDOCTOBER 2017 - JANUARY 2018
Academic mentoring of the subject Fundamentals of Programming (FP) of the Faculty of Computer Science of the UNIVERSITY COMPLUTENSE OF MADRID, whose objective is to support the student's studies in order to obtain high grades and to encourage the use of tutorials by the students.
With Public Institutions
WMany small people, in small places, doing small things, can change the world"
As a Spanish citizen, I have always considered it my duty to contribute my bit to society in terms of cybersecurity, and what better way than through the public sector by actively collaborating with state security forces and corps, such as the Joint Cyberspace Command (MCCE), the Civil Guard, the National Institute of Cybersecurity (INCIBE) and the Ministry of Defense. My collaboration covers assistance in terms of cyber-attacks, participation in international exercises, contribution in national events, training delivery and collaboration in their specific cybersecurity programs. My goal is to contribute to the strengthening of national security in the digital domain and to promote a strong and resilient cybersecurity in our country.
CESTIC
CESTIC (Centro de Estudios en Seguridad y Tecnologías de la Información y las Comunicaciones) is an institution dedicated to research, training and development in the field of computer security and information and communication technologies. Its objective is to promote innovation and knowledge transfer in these areas.
Civil Guard
It is a public security corps of military nature in Spain, responsible for maintaining order and ensuring public safety. Within its competencies, the Guardia Civil also has units specialized in the fight against cybercrime and the protection of security in cyberspace.
MCCE
The Joint Cyber Space Command (MCCE in spanish) is a Spanish military unit in charge of coordinating and directing cyber defense operations at the national level, protecting the country's networks and critical infrastructures and collaborating with other agencies to improve cyber security.
INCIBE
The National Institute of Cybersecurity (INCIBE in spanish), is an entity under the Ministry of Economic Affairs and Digital Transformation of Spain, responsible for promoting and strengthening cybersecurity at the national level. It offers advice, training and resources to protect citizens, companies and institutions against cyber risks.
Ministry of Defense
It is the government department in charge of defense and security policy in Spain. This ministry coordinates the Armed Forces, cyber defense policies and collaborates with international organizations in the promotion of global security and stability.
Being Broadcaster, writer and developer
Radio broadcaster
I am a person who loves to talk about cybersecurity, computer science and science. During my time at university, I have been able to share my passion for communication through the Podcast El zoo de Schrödinger (ZooUCM) of InforadioUCM. Thanks to Jose, host of the program, I had the opportunity to interact with the university community, developing communication skills and oral expression, talking about science topics always oriented to computer science and cybersecurity.
Author
I am passionate about cybersecurity and always looking for ways to share my knowledge with others. I had the opportunity to publish two articles in Hacking9 Magazine, a magazine specialized in the field of cybersecurity. Through my writings, I was able to connect with other professionals and enthusiasts, sharing valuable ideas, techniques and strategies:
- "Nmap: The Perfect Tool" for Vol.16 No.08 of Hakin9's IT Security Magazine entitled "Best Hacking Techniques". The objective of the article is to introduce an inexperienced person to enumeration and scanning using the nmap tool from a low-level perspective of the protocols. At the same time, it is intended that knowledgeable people who are even looking to pursue certifications such as OSCP can incorporate key scans into their cybersecurity arsenal.
- "Build your own brute force tool" for Vol.16 No.12 of Hakin9's IT Security Magazine entitled "Brute Forcing and Supply Chan Attacks". The aim of the article is to provide a manual for the creation of brute force tools through the bash scripting language available natively in GNU/Linux distributions.
Developer
I love contributing to the free software community and have had the opportunity to contribute to GNU/Linux distributions such as Parrot Security and Debian. Working with other passionate developers, we have improved and enriched these platforms to make them more secure and accessible to everyone. I have also contributed to projects focused on cybersecurity and education, helping to create tools and resources that allow others to learn and grow in this field. This experience has given me the satisfaction of making a difference in the open source world and in the cybersecurity community. In turn, I have also given presentations and participated in events that have allowed me to help others contribute to Free Software.
Creating, Organizing y Collaborating
CryptoParty Madrid
Co-founder and organizer
FDI Security Team
Co-founder and organizer
LibreLabUCM
Former president and co-founder
AEPD - UCM
Co-founder and vice-president
Bioempleo
Contributor
Cibercooperantes
Former member
IV y V Semana de la Ciencia Indignada
Organizer
Delegación de Alumnos
Coordinator and department representative
ZOO de Schrödinger
Radio Contributor
Buffer Hack
Co-founder and Organizer
RITSI
Representative of the Computer Engineering Department of the UNIVERSITY COMPLUTENSE OF MADRID
Media appearances
I have always liked to bring cybersecurity to common people, and I have had the opportunity to participate in several media interviews, both in print and broadcast media.
My purpose in these interventions has always been to inform and raise public awareness about the importance of cybersecurity in our society today, sharing my knowledge and experiences in the field. These interviews have been an excellent platform to reach a wide audience and promote the adoption of responsible and effective cybersecurity practices.
NATIONAL AND INTERNATIONAL CONFERENCES
National conferences (Spain)
If there is one thing I am passionate about, it is being able to share my knowledge and experiences with others. I have had the honor of being a speaker on several occasions nationwide, where I have given presentations at universities, companies, cybersecurity events and non-profit associations, reaching a diverse and enthusiastic audience.
(Valencia)
CyberCamp, INCIBE
Hardware and software tools for Red Team and Blue Team in WiFi networks
(Madrid)
Science Week
Cybersecurity Workshop at the Faculty of Informatics.
(Alicante)
Campus of Alicante
Git, GitHub & GitLab workshop
In each presentation, I strive to convey my passion for cybersecurity and the importance of education in this field, inspiring students and professionals to deepen their knowledge and skills. These experiences have allowed me to connect with people from diverse backgrounds and enrich my professional career while contributing to the growth of the cybersecurity community in Spain.
Conferences at Educational Level
When I entered the university, there was no cybersecurity course until the third year. That is why I got together with several colleagues and we began to move the subject of cybersecurity at the university through a multitude of presentations. Most of my presentations have been thanks to the Complutense University of Madrid, where I have participated in events such as AULA, the Science Week, the Computer Science Week, ... Reaching an audience of both students and anyone who would like to attend without the need to be a university environment.
In the second year of the Degree in Computer Engineering and, thanks in large part to the Vice-Dean of Innovation Pablo, I was able to take my first steps in the world of lectures. Together with Álvaro, I gave my first two lectures during the second Computer Science Week, in what was called the first Cybersecurity Cycle of the Faculty of Computer Science of the Complutense University of Madrid. Personally, this encouraged me to continue, giving only at university level alonemore than 40 papers.