Daniel García Baameiro

Click here to close post

HI!

I´m Daniel García Baameiro

It´s an honor to welcome you to my website 😄 Here you will find my professional portfolio with all the challenges I have faced. If you have any questions, don´t forget to contact me!

UNIVERSITY EDUCATION

DOCTORATE - PHD (pending...)

I plan to conduct my doctoral studies by performing an analysis of current Advanced Persistent Threats, outlining their infrastructure, possible creation, maintenance, and detection.

MASTER IN CYBERSECURITY

I undertook official postgraduate/master´s studies through the Carlos III University of Madrid. During the course, I was a delegate and obtained outstanding grades. As my Master´s thesis, I carried out a research project to demonstrate the ability to track and identify users using only WiFi wireless networks

I was elected delegate by my peers and created a telegram channel, a telegram bot and a discord channel with the aim of mitigating the effects of the COVID pandemic. In this way, through the channel, I informed about the most relevant news as well as exams and activities to be handed in. Through the Discord server, students were allowed to have a library room with library sounds, as well as to organise themselves in groups to do their work through the written and voice channels.

COMPUTER ENGINEERING DEGREE

I did my undergraduate studies at the Complutense University of Madrid. As my final thesis, I developed a control and attack cloud based on probes capable of detecting cyber-attacks and performing cyber-attacks, all remotely controlled with its encryption layer to obfuscate traffic.

During the course of my career, I helped found the student associations LibreLabUCM and AEPD-UCM, focusing on computer science and journalism. I was also president of LibreLabUCM. I was also a member of the Big Data association SCIData. I have been a delegate in the last years of the Degree, coordinator of departments, representative in the Department Council, member of the Student Delegation of the Faculty of Computer Science (DAFI) and representative of Computer Engineering in Spain (RITSI). I carried out many activities, such as workshops, competitions and lectures..

CYBERSECURITY CERTIFICATIONS

CSFPC - Cyber Security Foundation Professional

Expedition: January 2021

OSCP - Offensive Security Certified Professional

Expedition: July 2021

CPT - Certificate of Professional Training

Expedition: April 2020

CRTO - TEAM OPS NETWORK

Expedition: pending...

CRTO II - RED TEAM OPS II

Expedition: pending...

LANGUAGES

TRAINING COURSES

Logo	Entity	Title	Year
	North Atlantic Treaty Organization (NATO)	Malware and Exploits Essentials Course	2022
	National Cryptologic Center (CCN-CERT)	II STIC Course - Security in Mobile Communications	2021
	RootedCON	Exploit Development for Pentesters	2020
	Securizame	Advanced Ethical Hacking Course
Pending to write the rest...

AS PENTESTER AND Red Team

Schedule

Red Team Lead

GRUPO TRCJUNE 2022 - Present

Tasks I perform in my day-to-day work:

- Perform cybersecurity product assessments, identifying potential vulnerabilities.
- Creation of proofs of concept, PoC.
- Coordination of Red Team exercises.
- Support in the investigation of cybersecurity incidents.
- Development of ad hoc solutions, both software and hardware.
- Analysis and networks securization.

Red Team Lead

INGENIERÍA DE SISTEMAS PARA LA DEFENSA DE ESPAÑAMAY 2021 - Present

Tasks I perform in my day-to-day work:

- Coordination of Red Team exercises.
- Perform safety product evaluations.
- Creation of PoCs (proofs of concepts).
- Support in the investigation of cybersecurity incidents.

Security and Malware Engineer

INGENIERÍA DE SISTEMAS PARA LA DEFENSA DE ESPAÑAAPRIL 2021 - MAY 2021

Tasks I perform in my day-to-day work:

- Web, network and WiFi security audits.
- Pentesting.
- Red Team exercises.
- Security product evaluations.
- Creation of proofs of concept.
- Security recommendations based on new vulnerabilities.
- Software programming such as programs or scripts.
- Support in the investigation of security incidents.
- Malware development

Ethical Hacking Technician (Red Team/Purple Team)

GRUPO SIAAPRIL 2020 - APRIL 2021

Tasks I perform in my day-to-day work:

- Web and mobile security audits.
- Performance of Intrusion Test.
- Identification of vulnerabilities.
- Information gathering.
- Script and program development.
- Report writing.

Cybersecurity in CNA (Red Team/Pentesting)

S2 GRUPONOVEMBER 2019 - MARCH 2020

Tasks I perform in my day-to-day work:

- Conducting Web security audits.
- Vulnerability identification.
- Information gathering.
- Report writing.
- Application stress.
- Security review of WiFi environments.
- Link level attacks, parameterization, securitization of environments.
- Development of cybersecurity tools oriented to network attacks, HUMESEC, intrusion detection.

[CYBERSECURITY INTERN] CNA Cybersecurity (Red Team/Pentesting)

S2 GRUPODECEMBER 2018 - NOVEMBER 2019

Collaboration in the following tasks:

- Conducting Web security audits
- Vulnerability identification
- Information gathering
- Report writing
- Application stress
- Security review of WiFi environments
- Link level attacks, parameterization, securitization of environments.
- Development of cybersecurity tools oriented to network attacks, HUMESEC, intrusion detection.

AS Professor

Schedule

Offensive Security Professor

International Graduate SchoolMAY 2021 - Present

Teaching of more than twelve editions of the "Offensive Security" course, providing training in:

- Python, powershell and bash code development
- Theoretical concepts of Pentesting and Red Team
- Pivoting
- Enumeration
- Development of malware and exploits
- Privilege escalations on Windows and GNU/Linux
- Web Hacking and WiFi Hacking

Hacking With Python Professor

International Graduate SchoolSEPTEMBER 2021

Temporary substitution of the "Hacking with Python" teacher providing training in:

- Python code development.
- Theoretical concepts of Pentesting and Red Team.
- Active enumeration.
- Passive enumeration.

Professor of the course "Practical hardware training for Pentesting and Red Team".

CodeRed - ECCOUNCILSEPTEMBER 2021 - JANUARY 2022

Professor of the course "Practical hardware training for pentesting and red team" for CodeRed, EC-COUNCIL´s training platform. Within the course, the student was provided with the ability to perform penetration tests on hardware devices and to create devices that would be useful in a Red Team campaign.

[SCHOLARSHIP] Professor of Programming Fundamentals

FURNACE OF MADRIDOCTOBER 2017 - JUNE 2018

Academic mentoring of the subject Fundamentals of Programming (FP) of the Faculty of Computer Science of the Complutense University of Madrid, whose objective is to provide support in the study, seeking that the student can obtain high grades.

With Public Institutions

"Lots of little people, in little places, doing little things, can change the world"

As a Spanish citizen, I have always considered it my duty to contribute my bit to society in terms of cybersecurity, and what better way than through the public sector by actively collaborating with state security forces and corps, such as the Joint Cyberspace Command (MCCE), the Civil Guard, the National Institute of Cybersecurity (INCIBE) and the Ministry of Defense. My collaboration covers assistance in terms of cyber-attacks, participation in international exercises, contribution in national events, training delivery and collaboration in their specific cybersecurity programs. My goal is to contribute to the strengthening of national security in the digital domain and to promote a strong and resilient cybersecurity in our country.

INCIBE

The National Institute of Cybersecurity, an entity under the Spanish Ministry of Economic Affairs and Digital Transformation, is responsible for promoting and strengthening cybersecurity at the national level. It provides advice, training and resources to protect citizens, companies and institutions against cyber risks.

Guardia Civil

It is a public security corps of a military nature in Spain, responsible for maintaining order and guaranteeing public safety. Within its competences, the Guardia Civil also has units specialised in the fight against cybercrime and the protection of security in cyberspace.

MCCE

The Joint Cyber Space Command is a Spanish military unit in charge of coordinating and directing cyber defence operations at the national level, protecting the country´s networks and critical infrastructures and collaborating with other agencies to improve cyber security.

National Police

The National Police is an armed institute of a civilian type, with a hierarchical structure whose mission is to protect the free exercise of rights and liberties and to guarantee citizen security, with a scope of action throughout the national territory of Spain.

CESTIC

CESTIC (Centro de Estudios en Seguridad y Tecnologías de la Información y las Comunicaciones) is an institution dedicated to research, training and development in the field of computer security and information and communication technologies. Its aim is to promote innovation and knowledge transfer in these areas.

Ministry of Defense

It is the government department in charge of defence and security policy in Spain. This ministry coordinates the Armed Forces, cyber defence policies and collaborates with international organisations in the promotion of global security and stability.

with other entities

Radio broadcaster

I am a person who loves to talk about cybersecurity, computer science and science. During my time at university, I have been able to share my passion for communication through the Podcast El zoo de Schrödinger (ZooUCM) of InforadioUCM. Thanks to Jose, presenter of the program, I had the opportunity to interact with the university community, developing communication skills and oral expression, talking about science topics always oriented to computer science and cybersecurity.

Imagen 2

Imagen 2

Writer

I am passionate about cybersecurity and am always looking for ways to share my knowledge with others. I had the opportunity to publish two articles in Hacking9 Magazine, a magazine specialised in the field of cybersecurity. Through my writing, I was able to connect with other professionals and enthusiasts, sharing valuable ideas, techniques and strategies:

strong>"Nmap: The Perfect Tool" for Vol.16 No.08 of Hakin9`s IT Security Magazine entitled "Best Hacking Techniques". The objective of the article is to introduce an inexperienced person to enumeration and scanning using the nmap tool from a low-level perspective of the protocols. At the same time, it is intended that knowledgeable people who are even looking to pursue certifications such as OSCP can incorporate key scans into their cybersecurity arsenal.

"Build your own brute force tool" for Vol.16 No.12 of Hakin9`s IT Security Magazine entitled "Brute Forcing and Supply Chan Attacks". The aim of the article is to provide a manual for the creation of brute force tools through the bash scripting language available natively in GNU/Linux distributions.

Imagen 2

Developer

I love contributing to the open source community and have had the opportunity to contribute to GNU/Linux distributions such as Parrot Security and Debian. Working with other passionate developers, we have improved and enriched these platforms to make them more secure and accessible to all. I have also contributed to projects focused on cybersecurity and education, helping to create tools and resources that allow others to learn and grow in this field. This experience has given me the satisfaction of making a difference in the open source world and in the cybersecurity community. In turn, I have also given talks and participated in events that have allowed me to help others contribute to Free Software.

Debian Git

Parrot Security Git

CYBER SECURITY and TECHNOLOGY EVENTS

BEING CO-FOUNDER and ORGANIZER

Cybersecurity event named Buffer Hack

BufferHack is an initiative driven by students belonging to LibreLabUCM, the non-profit student hacker association of the Complutense University of Madrid, which is dedicated to promoting free software, free culture and cybersecurity. This totally free event offers 9 hours of cybersecurity content presented by leading professionals in the sector, including Yago Hansen, David Marugán, Guille Hartek, Josep Moreno, Alejandra Ventura, Pedro Javier, among many others.

The event took place on 7 May 2019 at the Faculty of Computer Science of the Complutense University of Madrid, and ran from 11am to 8pm. The importance of BufferHack lies in its focus on promoting cybersecurity, a field of growing relevance in today´s digital world. It also provides a platform for students and professionals to share knowledge and experiences, thus fostering a strong and engaged community around cybersecurity.

As the organiser of BufferHack, my role was instrumental in the planning and execution of this event. I handled a variety of responsibilities, including design, planning the schedule, seeking funding, selecting speakers, organising accommodation and booking venues. My contribution to BufferHack helped make this event a success and strengthen the cybersecurity community at the Complutense University of Madrid and beyond.

Cybersecurity event named CryptoParty Madrid

CryptoParty is a global grassroots effort that seeks to introduce the fundamentals of practical cryptography, such as the Tor anonymity network, I2P, Freenet, key signing parties, disk encryption and virtual private networks, to the general public. Conceived in 2012 by Australian journalist Asher Wolf, this self-organising movement´s primary goal is to hold free public workshops to train people in the use of these digital security tools.

CryptoParty Madrid emerged as an instance of the international event, in 2016 by students from the Complutense University of Madrid. Since its first edition in 2016, this free public initiative has stood out for its commitment to promoting the right to privacy and security online. It is organised with the aim of empowering people, regardless of their level of technical skills, to protect their privacy in the digital age. Through interactive workshops, talks and recreational activities, attendees have the opportunity to learn how to use essential encryption and computer security tools from experts in the field.

The event provides a safe and friendly platform for everyone, regardless of age, gender or computer literacy, to immerse themselves in the world of cyber security. In a world where our lives are increasingly interconnected and digitised, online privacy and security are of paramount importance. Each edition of CryptoParty Madrid, from 2016 to 2018, has been a resounding success, attracting a diverse and curious audience. Activities range from technical workshops to more general talks, covering topics such as anonymity on the Internet, cryptography, and the use of proxies and VPNs to protect online privacy. The result is a stimulating and friendly learning environment that ensures attendees acquire valuable skills to safely surf the net, protect their privacy and strengthen their freedom in the digital age.

BEING COLABORATOR

World Party Event by (Hack Madrid)

The WorldParty2k22 is a worldwide distributed event organised by the HackMadrid collective, being the first of its kind. This event follows in the wake of others such as Linux.Party->2018, Tech.Party->2019, WorldParty2020 and WorldParty2k21, which have fostered the creation of local hacking communities around the world. Communities organise in-person events in their locality, such as the one held by HackMadrid in Madrid, as well as streamed activities

WorldParty2k22´s mission is to promote the dissemination of knowledge, critical and scientific thinking, and experimentation through projects based on free software and hardware, with a focus on the public and social good.

During the event, I had the opportunity to volunteer, helping in the organisation of the event and coordinating the members of LibreLabUCM. It was an enriching experience that allowed me to be at the epicentre of promoting free software and hardware, open education and the creation of a global network of hacking communities.

WorldParty2k22 was not only a hacking event, but also a meeting space for people with a wide variety of interests and skills, uniting the global hacking community in a joint effort to advance our collective understanding and potential for public and social good.

OUTRAGE SCIENCE WEEK

Outraged Science Week is an event organised by more than 14 associations of public universities and research centres in Madrid, with the aim of highlighting the importance of scientific research and reclaiming its value for society. For three weeks, talks, debates and activities are held on science and its current situation, with a focus on high-level scientific dissemination and the promotion of current work and research of public interest. The event also seeks to highlight the need for science for a better future, offering a dissemination of science that is free from economic interests, with an ecological, inclusive and egalitarian approach.

Among the associations organising this event are various student associations from Madrid´s public universities, including the Technical University of Madrid, Complutense University of Madrid, the Autonomous University of Madrid and Carlos III University of Madrid.

For two editions of Outraged Science Week, I had the privilege through LibreLabUCM to be an integral part of the organising team. My role involved coordination between various associations and universities, ensuring that the programming of activities and the management of spaces were carried out efficiently and effectively. Organising this event was an enriching experience that gave me a deep understanding of the importance of scientific research and the need for its dissemination.

In addition to the coordination responsibilities, I also contributed to the design of the event´s posters. This task allowed me to explore my creativity and add a personal touch to the visual identity of Outraged Science Week, helping to promote and give visibility to the initiative. Despite the challenges, I am proud to have been involved in the organisation of an event that not only highlights the importance of science for society, but also advocates for an inclusive, egalitarian and ecological vision of science.

BIOEMPLEO Event

Bioemployment Week, organised by the Faculty of Biology of the Complutense University of Madrid, is an event for students interested in this area. This actively student-organised event aims to bring together conferences, complementary training courses and visits from different agents of potential professionalisation of biologists, providing a forum for interaction to improve future opportunities for graduates. Open to the participation of all interested parties, Bioemployment Week is a showcase of the multiple opportunities and possibilities open to the professionalisation of biologists, as well as presenting new complementary tools that can help them in their future career.

Beyond its role as a meeting and learning point, Bioemployment Week is important for its role as a link between institutions, organisations, companies, entrepreneurs and students, establishing a forum for the exchange of ideas that seeks mutual benefit for all participants. In addition, this event is promoted and covered by various media, which provides greater visibility not only to the event itself, but also to the participating institutions, organisations and companies, thus broadening the possibilities considered by future biologists when considering their career path and professional development. In this way, BioEmployment Week becomes a vital platform for interaction, visibility and expansion of opportunities in the field of biology.

ASSOCIATIONS and GROUPS

BEING COFOUNDER and ORGANIZER

Association LibreLabUCM

History

LibreLabUCM is an association of students of the Faculty of Computer Science of the Complutense University of Madrid. It was born with the vocation to use and promote free software and learn with it both inside and outside the university. But they are not only interested in free software, they are also interested in free hardware, free technologies, free culture, open or free knowledge, and everything related to them.

Its creation came about after a lecture given by Richard Stallman at the Faculty of Computer Science of the Complutense University of Madrid. The students, after it, passed a list to see people interested in the creation of a Free Software association. During its first year, which coincides with my first year of my degree, the topic of cybersecurity was included and culminated with the realization of more than 40 workshops on this topic and the creation of the first Hacking group of the Complutense University of Madrid.

Objectives

The objective of LibreLabUCM is to serve as a meeting place for students, professors and other people interested in free technologies and everything that may arise from them. Among the activities they carry out are the development of free software projects, the realization of courses of various technologies, the maintenance of a server to provide services both inside and outside the association, and the dissemination of courses, job offers, or any other information that has to do with the interests of the associates. Although they are a very young association, they are open to new proposals and any new idea is always welcome.

Hacking Group

The Hacking Group of the Complutense University of Madrid, known as FDIst, was conceived as an initiative of Álvaro, Pablo and Daniel through LibreLabUCM. The main goal of the group was to reach out to those with the same concerns who could not find their cybersecurity corner at the university. They wanted to establish an accessible resource for those students who shared their passion for cybersecurity.

Initially, the group was called LLUst, which is short for "LibreLabUCM Security Team." However, over time and with the desire to expand and reach out to more students in the faculty, the group changed its name to FDIst. This change was the result of an internal vote among LibreLabUCM members and was intended to encompass the entire faculty.

FDIst has stood out for the organization of numerous workshops, covering a wide range of topics within the cybersecurity field. In addition, the group has carried out significant audit work in collaboration with CERN as part of a Whitehack program. This collaboration began after the group, supported by a professor and LibreLabUCM, started auditing the Complutense University of Madrid using Whitehack techniques.

FDIst has stood out for the organization of numerous workshops, covering a wide range of topics within the cybersecurity field. In addition, the group has carried out significant audit work in collaboration with CERN as part of a Whitehack program. This collaboration began after the group, supported by a professor and LibreLabUCM, started auditing the Complutense University of Madrid using Whitehack techniques.

AEPD Student Association

The Association of Sports Journalism Students (AEPD) of the Complutense University of Madrid was created with the intention of counteracting the negative thoughts that tend to arise among students of Journalism, especially those interested in Sports Journalism. The AEPD was founded with the aim of promoting learning among young people and bringing them closer to the professional world.

Since its creation, the association has grown to more than two hundred members, many of whom have gained internships in the media, and has appointed Vicente del Bosque, former Spain national soccer coach and former Real Madrid manager, as its ambassador.

One of the main objectives was the fight against job insecurity, focusing on the problem of unpaid internships. Under the slogan "we don´t want precarious interns," the association has worked to change this situation and ensure that students get the experience and fair remuneration they deserve for their work. The association was not registered in the year of the proposal, but was continued by president Eduardo Cornago.

BEING A STUDENT REPRESENTATIVE

Student representative at a national level

RITSI Association

RITSI (Reunión de Estudiantes de Ingenierías Técnicas y Superiores en Informática) is a statewide association founded in 1992 that aims to coordinate and represent the entire student body of Computer Engineering through its delegations or councils. One of its main goals is to fight for the equalization of the professions of Computer Engineering with the rest of engineering, and to defend the rights and interests of the students of these disciplines.

One of RITSI´s significant collaborations was with LibreLabUCM, a non-profit association of the Faculty of Computer Science of the Complutense University of Madrid. Together, they created a platform of computer security challenges called "TRINITY", which covers different fields, such as Basic, GNU/Linux, Web Hacking, Steganography, Cryptography, Reversing, Anonymity, Programming, Misc, among others.

TThe role of student representatives is essential to ensure that student interests are taken into account in discussions and decisions at the state level and at all educational levels. I was part of RITSI´s student leadership as a representative of the Computer Engineering program at the Complutense University of Madrid. Student representatives work to ensure that the concerns and needs of students are heard and addressed, actively promoting the equalization of the Computer Engineering and Computer Engineering professions with the rest of engineering. This student representation is one of the most important functions of RITSI, which strives to defend the rights and interests of Computer Engineering students.

UNIVERSITY LEVEL

UNIVERSITY COMPLUTENSE OF MADRID

The Complutense University of Madrid provided me with the opportunity to take on various leadership and representation roles. During my last courses in the Computer Engineering degree, I had the honor of serving as a delegate, a position that allowed me to represent my fellow students and work for them. I also took on the responsibility of being a department coordinator and representative on the Department Council, which allowed me to have significant insight into the direction of my academic department.

In addition, I had the opportunity to be part of the Faculty of Informatics Alumni Delegation (DAFI). This position allowed me to collaborate closely with other computer science students and participate in decision making that affected our faculty. At the national level, I had the privilege of being the representative of Computer Engineering in Spain through the Computer Engineering Student Representatives Network (RITSI), where I was able to use my voice and experience to serve computer science students across the country.

Not only did I take on leadership and representation roles, but I also became actively involved in organizing and running events. I participated in events such as AULA, a major educational event, and contributed in the organization of Welcome Day for new students. Always present was my commitment to the university community and my desire to make the university a welcoming, pleasant and useful place for all students.

Finally, I was involved in the creation of two student associations, LibreLabUCM and AEPD-UCM, and I had the honor of being the president of one of them. These associations provided a space for students to come together and work on projects and activities related to computer science and journalism.

UNIVERSITY CARLOS III OF MADRID

I completed my Master´s degree in Cybersecurity at the Carlos III University of Madrid, an experience that not only enriched my academic knowledge, but also my leadership and community management skills. I was elected delegate of my course, which gave me the opportunity to serve as a representative of my fellow students. This role allowed me to learn how to listen and address the needs of others effectively.

During my time as a delegate, I created a Telegram channel that became the main focus of information for all students in the course. Every day, the channel provided important updates and notifications, from exam dates and practicals to news and updates about COVID-19. It was also a place for encouragement and motivation, regularly sharing videos and encouraging messages to keep my fellow students spirits up.

In response to the challenges presented by the pandemic, I set up a Discord server to facilitate group study and maintain connection among students. The server included several study rooms and even a library noise room for those who missed that environment. This initiative proved to be a valuable resource during these difficult times, allowing students to keep up with their studies and feel part of a community even from a distance.

In addition, I had the privilege of giving a presentation on cybersecurity under the title "Red Team: a hardware edition" during one of our seminars. This experience allowed me to share my passion and knowledge in the field of cybersecurity with my peers, and also reinforced my ability to communicate complex concepts clearly and effectively.

Media coverage

I have always liked to bring cybersecurity to ordinary people, and I have had the opportunity to participate in several media interviews, both in print and broadcast media. My goal in these interventions has always been to inform and raise public awareness about the importance of cybersecurity in our society today, sharing my knowledge and experiences in the field. These interviews have been an excellent platform to reach a wide audience and promote the adoption of responsible and effective cyber security practices.

Imagen 1

Imagen 1

Imagen 1

Imagen 1

Imagen 1

Imagen 1

Imagen 1

NATIONAL AND INTERNATIONAL CONFERENCES

International Conferences

In 2022 and 2023 I made my leap to the international scene, reaching international institutions in countries such as Slovenia or Estonia, sharing different perspectives and ways of approaching the current cybersecurity landscape

This was one of several international forums where I had the honour to be a speaker. My goal has always been the same: to share, learn and collaborate to strengthen our collective understanding and improve the global cybersecurity landscape.

At the same time, I have participated in international conferences on cybersecurity through online platforms open to the public. Examples include online events such as Tapas&Hack or lectures given for the International Graduate School.

The cybersecurity talk under the name "𝗟𝗮 𝗴𝘂𝗲𝗿𝗿𝗮 𝗲𝗻 𝗲𝗹 𝗰𝗶𝗯𝗲𝗿𝗲𝘀𝗽𝗮𝗰𝗶𝗼, 𝗲𝗹 𝗾𝘂𝗶𝗻𝘁𝗼 𝗱𝗼𝗺𝗶𝗻𝗶𝗼" has become Top 1 of the most viewed on the International Graduate School´s YouTube channel.

National Conferences (Spain)

If there is one thing I am passionate about, it is being able to share my knowledge and experiences with others. I have had the honour of being a speaker on several occasions at a national level, where I have given presentations at universities, companies, cybersecurity events and non-profit associations, reaching a diverse and enthusiastic audience.

(Valencia)

CyberCamp, INCIBE

Hardware and software tools for Red Team and Blue Team in WiFi networks

(Madrid)

Science Week

Cybersecurity Workshop at the Faculty of Informatics.

(Alicante)

Alicante Campus

Git, GitHub & GitLab workshop

In each lecture, I strive to convey my passion for cybersecurity and the importance of education in this field, inspiring students and professionals to deepen their knowledge and skills. These experiences have allowed me to connect with people from diverse backgrounds and enrich my professional career while contributing to the growth of the cybersecurity community in Spain.

Educational conferences

When I entered university, there was no subject on cybersecurity until the third year. That´s why I got together with several fellow students and we started to promote the subject of cybersecurity at the university through a multitude of lectures. Most of my presentations have been thanks to the Complutense University of Madrid, where I have participated in events such as AULA, Science Week, Computer Science Week, ... Reaching an audience of both students and anyone who would like to attend without having to be a university student.

COLLEGES

Example: Protection of minors on the Internet, Cybercooperants program.

Institutes

Example: Portuguese School, Initial Cybersecurity Workshop.

UNIVERSITIES

Example: Anonymity on the Web, Computer Week

In the second year of the degree in Computer Engineering and, thanks in large part to the Vice-Dean of Innovation Pablo, I was able to take my first steps in the world of lectures. Together with Álvaro, I gave my first two talks during the second Computer Science Week, in what was called the first Cybersecurity Cycle of the Faculty of Computer Science of the Complutense University of Madrid. Personally, this encouraged me to continue, giving more than 40 conferences at university level.

BLOG ALEJANDRIA

Bienvenidos a Alejandría, mi espacio personal para compartir conocimientos de hacking y ciberseguridad. Al igual que la antigua biblioteca de Alejandría fue un faro de conocimiento en el mundo antiguo, mi objetivo es que este blog se convierta en un punto de referencia para todos aquellos que deseen saciar sus ansias por aprender más y más.

¡Es hora de comenzar juntos este viaje hacia el complejo horizonte de la ciberseguridad!

Imagen 1

By, daniel
26 Jun, 2023

Introducción a MITRE ATT&CK y D3FEND

Introducción a MITRE ATT&CK y D3FEND: Herramientas contra las Amenazas Persistentes Avanzadas. ¿Las conocías?

Introducción a MITRE ATT&CK y D3FEND

Herramientas contra las Amenazas Persistentes Avanzadas

En la era digital actual, los avances tecnológicos han propiciado un terreno fértil para la proliferación de amenazas en la ciberseguridad. En este contexto de incertidumbre y vulnerabilidad, comprender las estrategias y tácticas de los ciberdelincuentes es fundamental para mantener la seguridad de nuestras redes e información. Aquí es donde los marcos de conocimiento MITRE ATT&CK y MITRE D3FEND juegan un papel crucial. Estos sofisticados conjuntos de herramientas, desarrollados por la organización sin ánimo de lucro MITRE, permiten a los profesionales de la ciberseguridad desentrañar y contrarrestar eficazmente las amenazas cibernéticas. En este artículo, emprenderemos una exploración en profundidad de estos modelos, prestando especial atención a las Amenazas Persistentes Avanzadas (APTs).

¿Qué son MITRE ATT&CK y D3FEND?

En la constante batalla por mantener la seguridad en el ciberespacio, los marcos MITRE ATT&CK y D3FEND emergen como poderosas guías para la navegación. Se trata de valiosos recursos que describen de manera detallada los comportamientos, tácticas, técnicas y procedimientos (TTPs) que los adversarios utilizan en sus ataques. Su objetivo principal es proporcionar a los defensores una visión clara y estructurada de cómo los ciberdelincuentes operan y qué estrategias se pueden emplear para neutralizar sus ataques.

MITRE ATT&CK

El marco MITRE ATT&CK destaca por su enfoque detallado y sistemático en la descripción del comportamiento adversario. Imagina un inmenso tablero de ajedrez, donde las filas representan las tácticas (los objetivos estratégicos de un atacante), y las columnas representan las técnicas (los métodos utilizados para alcanzar estos objetivos). ATT&CK no es solo una taxonomía, sino un mapa vivo que detalla las estrategias de ataque utilizadas por los adversarios, proporcionando un invaluable punto de vista para comprender la dinámica de las amenazas cibernéticas y desarrollar estrategias de defensa adecuadas.

Red Team

Los Red Teams utilizan el marco de MITRE ATT&CK para simular los ataques de manera más realista y completa posible. Al tener acceso a una matriz de tácticas y técnicas, pueden adoptar las estrategias de los adversarios y evaluar cómo sus defensas responderían en caso de un ataque real.

MITRE D3FEND

Mientras que ATT&CK proporciona una visión profunda del 'qué' en la ecuación de la ciberseguridad, D3FEND se ocupa del 'cómo'. D3FEND es un marco de trabajo que codifica una base de conocimiento de contramedidas de ciberseguridad, más específicamente, un grafo de conocimiento. Este grafo contiene tipos y relaciones semánticamente rigurosos que definen tanto los conceptos clave en el dominio de contramedidas de ciberseguridad como las relaciones necesarias para vincular estos conceptos entre sí. Cada uno de los conceptos y relaciones se basa en referencias particulares en la literatura de ciberseguridad.

El objetivo de D3FEND es satisfacer la necesidad recurrente de un modelo que pueda especificar con precisión los componentes y capacidades de las contramedidas de ciberseguridad. Es necesario que los profesionales conozcan no solo qué amenazas pretende abordar una capacidad, sino específicamente cómo se abordan esas amenazas desde una perspectiva de ingeniería y en qué circunstancias funcionaría la solución. Este conocimiento es esencial para estimar la aplicabilidad operacional, identificar fortalezas y debilidades y desarrollar soluciones empresariales que comprendan múltiples capacidades.

Blue Team

Los Blue Teams pueden aprovechar MITRE D3FEND para establecer defensas robustas y prepararse para responder a incidentes de seguridad. El marco D3FEND proporciona un amplio conocimiento que permite a los Blue Teams preparar respuestas adecuadas y desarrollar una postura defensiva más fuerte. Además, el grafo de conocimiento de D3FEND admite consultas que pueden mapear inferencialmente las contramedidas de ciberseguridad a tácticas, técnicas y procedimientos ofensivos, lo que puede ser de gran utilidad para los Blue Teams.

Amenazas Persistentes Avanzadas (APT)

En el vasto tablero de la ciberseguridad, las APTs son equivalentes a los Grandes Maestros del ajedrez. Representan ataques orquestados por actores estatales o grupos altamente organizados, que se caracterizan por su sofisticación, persistencia y objetivos a largo plazo. Las APTs suelen tener un objetivo específico, como la extracción de información confidencial o el sabotaje de infraestructuras críticas. Estos actores suelen invertir grandes cantidades de tiempo y recursos para alcanzar sus objetivos, haciendo uso de técnicas avanzadas y personalizadas.

APT-28 y TTPs

Un ejemplo de una APT es APT-28, también conocida como Fancy Bear. Este grupo está asociado con el gobierno ruso y es conocido por su sofisticación. En el marco de ATT&CK, se detallan varias técnicas utilizadas por APT-28, como spear phishing, explotación de software y robo de credenciales. Se trata de una APT muy completa, de recomendada investigación.

Conclusión

En el escenario cibernético actual, entender la amenaza es el primer paso para contrarrestarla. Herramientas como MITRE ATT&CK y D3FEND, con su comprensión detallada de los TTPs de los adversarios, nos proporcionan ese conocimiento esencial. Frente a las APTs, estas herramientas pueden convertirse en nuestras mejores armas. Comprender su funcionamiento y saber cómo aplicarlas en nuestra estrategia defensiva es un paso más hacia un entorno digital más seguro.

Referencias

https://www.mitre.org/
https://attack.mitre.org/
https://www.mitre.org/research/technology-transfer/mitre-attack-d3fend
https://www.fireeye.com/current-threats/what-is-an-advanced-persistent-threat.html
https://www.redcanary.com/blog/how-red-teams-use-attack/
https://shield.mitre.org/
https://www.csoonline.com/article/3330697/what-is-mitre-s-att-ck-framework-what-red-teams-need-to-know.html
https://us.norton.com/internetsecurity-emerging-threats-what-are-advanced-persistent-threats.html
https://www.crowdstrike.com/blog/who-is-fancy-bear/
https://attack.mitre.org/groups/G0007/

WALL OF

COURSES

NEWS

EVENTS

OSCP

CRTO

CRTP

CERTIFICATIONS
[OSCP]	OSCP Cheat Sheet Commands, Payloads and Resources for the Offensive Security Certified Professional Certification. Since this little project get's more and more attention, I decided to update it as often as possible to focus more helpful and absolutely necessary commands for the exam. Feel free to submit a pull request or reach out to me on Twitter for suggestions. https://github.com/0xsyr0/OSCP	11/06/2023
[OSCP]	Preparación para el OSCP Penetration Testing with Kali Linux (PWK) course and Offensive Security Certified Professional (OSCP) Cheat Sheet https://gist.github.com/s4vitar/b88fefd5d9fbbdcc5f30729f7e06826e	09/06/2023
[OSCP]	Awesome OSCP A curated list of awesome OSCP resources https://github.com/0x4D31/awesome-OSCP	07/04/2023
[CRTO]	Red Team Certification Comprehensive Notes & Cheat Sheet for Top-Notch Red Team Certifications: https://github.com/0xn1k5/Red-Teaming	13/02/2023
[CRTP]	GitHub - 0xStarlight/CRTP-Notes: This repository contains my notes while preparing for the CRTP (Certified Red Team Pentesting) exam. These notes were a valuable resource during my study sessions, helping me reinforce critical concepts and improve my understanding of various red teaming and penetration testing topics. https://github.com/0xStarlight/CRTP-Notes	06/06/2023
[CRTO]	CRTO Cobalt Strike is threat emulation software. Red teams and penetration testers use Cobalt Strike to demonstrate the risk of a breach and evaluate mature security programs. Cobalt Strike exploits network vulnerabilities, launches spear phishing campaigns, hosts web drive-by attacks, and generates malware infected files from a powerful graphical user interface that encourages collaboration and reports all activity. https://github.com/h3ll0clar1c3/CRTO/tree/main	17/04/2022
[CRTO]	CRTO - Red Team Operator \| Detailed Review If you are into Red Teaming or planning to take a dive into it, then you must have heard about the Certified Red Team Operator (CRTO) Course and Certification by Zero Point Security. https://www.organicsecurity.in/2022/12/CRTO-red-team-operator-detailed-review.html	03/12/2022
[CRTO]	CRTO Repo's objective: to gather all the info that we´d found useful and interesting for the CRTO. We also collect material from other resources (websites, courses, blogs, git repos, books, etc). https://github.com/hackerzhat/CRTO	12/09/2022
[OSCP]	OSCP Preparation Material For you to begin, I have divided the OSCP Preparation in three phases i.e. Pre-Enrolment, Post-Enrolment and Examination. Hope this helps!! https://github.com/RihaMaheshwari/OSCP-Preparation-Material	20/06/2020

[Baameiro] Hacking Links and News

In this telegram channel I automatically redirect information about different cybersecurity categories. Feel free to join!

OPEN EXTERNAL LINK

CYBERSECURITY
CONGRESSES

CERTIFICATIONS
CHEAT SHEET

PENDING

PAST EDITIONS

CYBERSECURITY CONFERENCES
	HackON Fecha Inicio: 16/02/2023 Fecha Fin: 16/02/2023 Lugar: Madrid, Comunidad de Madrid URL: https://hackon.es/	0€
	HackRon Fecha Inicio: 17/02/2023 Fecha Fin: 17/02/2023 Lugar: Tenerife, Canarias URL: https://hackron.com/	N/A
	H-CON Hackplayers Conference Fecha Inicio: 24/02/2023 Fecha Fin: 25/02/2023 Lugar: Madrid, Comunidad de Madrid URL: https://www.h-c0n.com/p/home.html	15€
	Mundo Hacker Day Fecha Inicio: 20/04/2023 Fecha Fin: 20/04/2023 Lugar: Madrid, Comunidad de Madrid URL: https://mundohackerday.com/	15€
	ViCON Fecha Inicio: 28/04/2023 Fecha Fin: 29/04/2023 Lugar: Vigo, Galicia URL: https://vicon.gal/	N/A
	Hack-én Fecha Inicio: 05/05/2023 Fecha Fin: 07/05/2023 Lugar: Linares (Jaen), Andalucía URL: https://hack-en.org/	N/A
	Osintomático Fecha Inicio: 12/05/2023 Fecha Fin: 13/05/2023 Lugar: Madrid, Comunidad de Madrid URL: https://2023.osintomatico.com/	N/A
	C1b3rWall Fecha Inicio: 20/06/2023 Fecha Fin: 22/06/2023 Lugar: Avila, Castilla y León URL: https://c1b3rwall.policia.es/congreso	0€
	Euskal Hack Fecha Inicio: 23/06/2023 Fecha Fin: 24/06/2023 Lugar: Donostia, Euskadi URL: https://securitycongress.euskalhack.org/	70€ - 95€
	RootedCON Fecha Inicio: 15/09/2023 Fecha Fin: 16/09/2023 Lugar: Valencia, Comunidad de Valencia URL: https://www.rootedcon.com/inicio/	55€
	Navaja Negra Fecha Inicio: 05/10/2023 Fecha Fin: 07/10/2023 Lugar: Albacete, Castilla la Mancha URL: https://www.navajanegra.com/2023/	40€ - 75€
	Bit Up Alicante Fecha Inicio: 28/10/2023 Fecha Fin: 28/10/2023 Lugar: Alicante, Comunidad de Valencia URL: https://bitupalicante.com/index.html	0€
	AsturCON Tech Fecha Inicio: 10/11/2023 Fecha Fin: 11/11/2023 Lugar: Oviedo, Asturias URL: https://asturcon.tech/	0€
	SecAdmin Fecha Inicio: 24/11/2023 Fecha Fin: 25/11/2023 Lugar: Sevilla, Andalucia URL: https://www.secadmin.es	40€ - 70€
	XVI Jornadas STIC CCN-CERT Fecha Inicio: 29/11/2023 Fecha Fin: 01/12/2023 Lugar: Madrid, Comunidad de Madrid URL: https://www.ccn-cert.cni.es/xviijornadas-programa.html	0€
	UAD 360 Fecha Inicio: 16/06/2024 Fecha Fin: 17/06/2024 Lugar: Malaga, Andalucia URL: https://uad360.es/	N/A

Contact me!

PGP key

Download CV

Form disabled