ACSC montly Top Performer at Amdocs

In January 2023, while I was working at Amdocs as T1 in SOC team, management decided to start recognizing montly Top Performer.

The team was integrated of about 16 people, primarily from people form India and me from Mexico.

Despite the difficulties of handeling a shift in a SOC mainly by myself, and been told that the award would be granted to the person with more amount of cases handled, best descrition in closures as well as more dedication, surprisingly I got the first montly Top Performer recognition.

‘International Day on Cybersecurity’ at UASLP

International Day on Cybersecurity in its first edition was a series of talks about different topics related to cybersecurity: prevention, good practices, laws, among others…

How to investigate on Internet

I gave a talk about how to investigate on internet using OSINT techmiques.

Giving as an example a fictitious case, in which with an unique clue (a phone number), we could reach an address. This can result in finding any person or a reference to it.

This talk was aimed to make aware the people bout the information which could be found public on internet about ourselves.

You can see the full talk clicking the following image.

It was an awesome experience and an achievement to had given in a public cybersecurity talk, as well as had trained the people to be cautious about our information on social networks and internet.

HackDef4 CFT

HackDef4 is a Capture the Flag (CTF) Challenge for schools in Mexico.

This was the first time someone from my university participate in this competence, despite not being the first HackDef edition.

I’m very proud for representing my university, also for the final results, as I didn’t have previous experience in this kind of challenges.

The competence has two stages: quals and the final with the best 10 teams.

It’s good to aclare that even though I was registered with the team P0liH4cks, I solved the challenges alone.

Quals

For this quals stage we were told that only the best 10 team will go in the final. There were 31 teams. There was a condition, there could not be 2 teams from the same school in the final, this to avoid share answers or ask for help.

In this stage we were given with 10 challenges we could try to solve with no specific order. You can see my writeup here. Sorry for the format, it was my first one.

Also you can see writeups from other teams here.

With my knoledge itself I solved 5/10 challenges which gave me 11th place, but there was some teams from the same shool in the first places. Thanks to that I got into the final.

Final

This was a more challegin stage, we had to have more hacking skills in every hacking branch, as every challenge required information from previous challenge. We were aimged to hack “HackDef republic presidential election”.

I was alone, however I tried until last second to solve the challenges given.

Finally, I got 8th place in the final scoreboard.

I know this is not the best quality image :(.

Although the score was not by far the best, this was a great experience. However I got a medal for being in the final.

This competence gave me more motivation to learn new things. Also, it could be a good idea to get a team, so we could complement knowledge each other.

HackMex 2020 CTF

HackMex, as it’s own official page says, it’s the biggest hacking event in Mexico. This competition is organized by the National Polytechnic Institute (IPN).

This is aimed to students from upper secondary, higher and postgraduate levels. There is also a category for government sectors (which as I know, it was created in 2020).

Experience

In this edition as it’s the only one I participated, was aimed to hack as many machines or solve challenges as we could:

• The machines were vulnerable and we have to find it0s vulnerabilities and get some flags hidden inside them. We had to follow hacking methodology.

• There ware different challenge categories: steganography, foresics, web…

We were given accesses to a platform in which every team could work in the same challenge or different, but we could not get team points twice, we also had individual scoreboard.

I didn’t take snapshot of my personal scoreboard, but was about 35,000 points, which were almost our total team score.

This was a very challenging and funny competence, as it was the second hacking competence I participated and we got 10th place.

After this competence I decided to search some online platforms to train myself and solve more machines as I realize this was were funny and enjoyable. Also that cybersecurity was something I want to work on, and there were a lot of things to learn.