Notes from the lab

Field notes on offensive security, AI risk, and modern defense.

Practical lessons from real engagements: adversary behavior, AI security assessments, threat-informed strategy, and what actually moves the needle for security programs.

5 AI Security Frameworks Every Leader Should Know

May 9, 2026

AI adoption is moving faster than most security programs can mature. For leaders building, integrating, or governing AI-enabled systems, it is no longer enough to understand “AI risk” at a high level. The next phase requires knowing the frameworks that help teams assess, test, and govern these systems safely.

Introduction to Cloud Pentesting with CloudGoat

February 7, 2025

This guide accompanies the workshop "Introduction to Cloud Pentesting with CloudGoat", which covers the essential fundamentals of security testing in cloud environments, using AWS and tools such as Terraform for the automation of…

10-Day Plan for Learning Malware Development in C: Day 10 – Evasion Techniques and Feature Enhancements

November 12, 2024

Let's work on refining and improving the malware we’ve built over the past nine days. Specifically, we'll explore advanced evasion techniques that make detection by antivirus and security software more difficult, and we'll also add new features to extend the capabilities of our…

10-Day Plan for Learning Malware Development in C: Day 9 – Basic Attacker Communication (C2)

November 11, 2024

We are ready to dive into one of the critical aspects of malware functionality, communication with an attacker, often referred to as Command and Control (C2). C2 communication allows an attacker to remotely control compromised systems, issue commands, and receive stolen data. We…

10-Day Plan for Learning Malware Development in C: Day 8 – Malware Persistence and Survivability

November 7, 2024

On day 8 of our journey into malware development in C, we’re going to cover one of my favorite techniques, a critical aspect of malware behavior: persistence. Malware persistence techniques are used to ensure that a malicious program continues to execute even after the system…

10-Day Plan for Learning Malware Development in C: Day 7 – Code Obfuscation and Detection Avoidance

November 7, 2024

We made it to day 7! This time we’ll explore code obfuscation, a technique used to make code harder to detect and analyze. Obfuscation is a fundamental skill in malware development, often used to avoid detection by antivirus (AV) software. By learning how malware can be hidden,…

10-Day Plan for Learning Malware Development in C: Day 6 – Building a Basic Keylogger

November 4, 2024

Today, we’re venturing into one of the most classic yet powerful tools in security research: the keylogger. Keyloggers are programs designed to capture and record keystrokes on a computer. While often associated with malicious intent, they can be used ethically for monitoring…

10-Day Plan for Learning Malware Development in C: Day 5 – Code Injection into Running Processes

October 29, 2024

On day 5, we’re diving into a crucial technique: process injection, where code is injected into the memory of a running process. This technique is often used by malware to evade detection and operate stealthily by "hiding" in the memory of legitimate processes. Our focus will…

10-Day Plan for Learning Malware Development in C: Day 4 – Introduction to Shellcode

October 28, 2024

Welcome to Day 4 of our journey into malware development in C. Today, we’ll explore the basics of shellcode—what it is, how it’s used to execute system commands, and how antivirus systems detect it. By the end of this post, you’ll also have built a simple program in C that uses…

10-Day Plan for Learning Malware Development in C: Day 3 – File and Operating System Manipulation in C

October 26, 2024

Day 3 of our 10-day series on learning malware development in C is here. Today, we’re diving into file manipulation and system-level operations. Understanding how to interact with files and the operating system is crucial, not just for everyday programs but also in malware…

10-Day Plan for Learning Malware Development in C: Day 2 – Understanding Process Management in C

October 23, 2024

Welcome to Day 2 of our 10-day series on learning malware development with C! Today, we’ll focus on understanding how processes work in C, which is essential for manipulating system behavior and performing actions like process injection, a key technique used in malware. My goal…

10-Day Plan for Learning Malware Development in C: Day 1 - Setting Up and Mastering C Fundamentals

October 22, 2024

In this series, we’ll dive deep into malware development with a 10-day structured plan designed to give you a solid foundation in C programming and low-level concepts critical to malware creation. This plan is purely educational, and it’s crucial to approach it with an ethical…

How to Create a Custom Email Service with Amazon SES, Amazon WorkMail, and Route 53

September 27, 2024

In today’s digital age, having a professional email service linked to your domain is crucial for building brand credibility and effective communication. Amazon Web Services (AWS) offers a robust, scalable, and affordable email solution that combines Amazon Simple Email Service…

Prepare to hack: Getting your environment ready

August 29, 2023

The first step to start doing your pentesting activities is to have an environment as complete as possible ahead of your exercises; this will save you time and you can start building on it. In this space I will show you the extra tools I add to my Kali Linux machine…

Extracting Windows Credentials with Pypykatz

June 14, 2023

In this post we'll dive into the methods to dump the SAM database, decrypt it, and attempt to obtain Windows credentials. Whether you are a casual Windows user or an IT professional, gaining a better understanding of the SAM database can provide valuable insights into Windows inner…

Installing BloodHound on Windows

June 12, 2023

BloodHound is a tool widely used by red teamers to interact with and find attack paths within a domain. It utilizes graph theory to uncover hidden and often unintended connections in an Active Directory environment. It operates as a single-page JavaScript web app, built on Linkurious…

Hacking with cURL Commands

June 9, 2023

Are you curious about how to use curl commands to hack? You've come to the right place! In this blog, we'll go over the basics of using curl to hack and work with data. We'll start with the basics of curl usage, then move on to some examples of how to use curl to access and…

Build your First Node.js Application with Docker

April 8, 2023

In our previous post we learned how to deploy a web app using k8s; now we are going to actually build the web app on Docker. Let's learn together. In this section we will deploy a static web app: for now, no forms, no APIs, just a simple informative web app. For this we need…

Deploying a Web App with Kubernetes in Kali Linux

April 2, 2023

Let me show you how easy it is to install k8s and deploy a web app in Kali Linux. My original idea was to jump to pentesting Kubernetes right away. However, when I wrote this tutorial to deploy the lab, it seemed to me that it was going to be super long. So, expect pentesting…

Bypassing authentication in a NoSQL db

January 31, 2023

NoSQL databases are built without a schema and therefore are not structured, and you can query them with more than just the SQL language. With these databases, only a couple of objects are stored, meaning that if we get a database called students, the properties or attributes may or not…

ngrok: Web Services Exposed with ONE COMMAND

January 17, 2023

In this post I will show you how to expose web services with one command using ngrok. ngrok is a simplified API-first ingress-as-a-service that adds connectivity, security, and observability to your apps with no code changes. Here is how you can use ngrok: * Enrich requests with…

A Glimpse to AD Enumeration

November 24, 2022

One of the main steps to start on your red team attack path is to make a footprint of the domain you are about to target. Here I show you a couple of commands that you can use in PowerShell to start the enumeration on Active Directory and that help me to better know the…

DNS Enumeration: A beginner's guide

November 16, 2022

DNS is responsible for matching an IP address with its internet site name, so we don't have to memorize every website's IP. Example: http://www.pentest-standard.org/index.php/Main_Page resolves to 96.126.116.56. You can do a query on the domain names and know what the…

How to start in Ethical Hacking

October 13, 2022

If you want to take the passionate path of becoming an ethical hacker, here are some steps that will help you start. Develop soft skills. Be curious: learn how to see beyond the evident, ask yourself how an app works, what is behind a website, how do users normally behave when…
