CISO Mind Map

Mind Map: The CISO Playbook

In January, I had the opportunity to read "The CISO Playbook" from Andres Andreu. I found this book so well structured that I wanted to create a mindmap of it to be able to come back to it in an easier way than searching in the book.

March, 2025

Blue Team for the Win

Blue Team SIEM: Lab

Hmm… the Dark Side, strong it is in young minds, yes. To the Red Team, drawn they are—attack, break, exploit, they wish. But see, the balance they do not. Protect, defend, the ways of the Blue Team, forgotten they have. A path to knowledge, I offer...

March, 2025

Post-Quantum

Post-Quantum Nginx: Lab

Post-Quantum, we can read and hear a lot about it but I’ve not seen much hands-on work on it, especially hands-on work as simple as a VM you start and enjoy, available for everyone. So, I did it.

November, 2024

Lynis

Mifare 4K vs Flipper Zero and Proxmark3

I'm having fun against badge used for physical security. I wanted to use the Flipper Zero since a long-time but I needed to use Proxmark Easy to completely finish it. Have a look.

March, 2023

IT'S TOO DAMN HIGH!!1!

Use HSTS and CSP. Just. Do. It.

I am amazed by the number of website that does not implement HSTS and CSP on their webserver. So, let's dig how to configure your nginx to do it!

September, 2022

Lynis

Lynis: Linux audit and hardening

You can never say it too much: Strong security begins with strong foundations. Increase your defense posture by implementing good practices. There is no shortcut and no bypass.

March,2022

UR WEAK!

Hashcat. Lots of lolz.

It's that time fo the year again. Yep, the time to perform your Active Directory password retieval that will drive and help you for your password campaign awareness.

February, 2022

.-.. --- .-..

Data Leakage using crafted ping and Morse ping

I decided to have fun using ICMP and developed a bit of code using Python 3 to demonstrate data leakage.

January, 2022

Bad kitty

SANS National CTF Tournament 2021 - File Medium #2

Bad ass kitty is hidding the flag using steganography. Find it!

November, 2021

full metal ctf

SANS National CTF Tournament 2021 - Crypto Hard #2

I am Gunnery Sargeant Hartman, your senior drill instructor. From now on you will speak only when spoken to. And the first and last words out of your filthy sewers will be Sir. Do you maggots understand that? Welcome to CTF Crypto Hard #2.

November, 2021

binary hard ctf

SANS National CTF Tournament 2021 - Binary Hard #2

Do you speak chinese? Because I don't.

Good news is, there's no need to speak it for this SANS CTF Binary Hard #2.

November, 2021