My papers: a set of documents written by me, alone or in collaboration. They may be helpful, interesting, old or just so-so... enjoy!
0CTF-2017 step-by-step WriteUp - Simple SQL and Py | english |
0CTF is a Chinese Capture The Flag organized by Team 0ops; this edition took place in the middle of March-2017. I have posted two really detailed write-ups explaining two challenges step by step: Simple SQLi, a tricky SQL injection with WAF protection, and Py, a challenge consisting of a precompiled Python file generated with permuted bytecodes.
Network insights into Vawtrak v2 [PDF] | english |
Cyber Threat Intelligence Report published in Sep-2016 at Blueliv about the results of a technical investigation into the distribution and impact of the banking Trojan Vawtrak v2 and the behavior of the cybercriminal groups behind it. Our Threat Intelligence Research Labs team used advanced search and pattern correlation algorithms to perform big data analysis in-house at Blueliv.
Inside Tinba-DGA Infection step-by-step: stages I & II | english |
Articles published on the Blueliv blog. There are a number of papers on how Tinba-DGA (Tiny Banker with Domain Generation Algorithm) works once it infects a system: web injects, hooks... But what about examining how it infects the Explorer process without being detected? See the first two stages of the infection process step by step, published on 07-Jun-2016 and 22-Jul-2016 on the Blueliv blog.
Network insights of Dyre and Dridex Trojan bankers [PDF] | english |
Cyber Threat Intelligence Report published in May-2015 at Blueliv about the findings of research into the Dyre and Dridex malware, conducted between July-2014 and April-2015. They are among the most relevant emerging trojans, and the report focuses mainly on our discoveries about the network protocol and the study of its behavior.
Publication in Blueliv Blog about Pony Trojan | english |
Article published on Blueliv on 29-May-2014 about the Pony Trojan. It presents different kinds of panels found in the wild that use the same Gate resource and infection payload, but with some differences in the panel, such as a pay-per-use service or a different approach to storing reports.
Vulnerability Analysis of ZeuS Botnet Panel | spanish |
As part of the hiring process for Blueliv, they asked me to analyze the ZeuS Botnet panel in order to find vulnerabilities and exploit them. Of course they didn't tell me that it was a ZeuS panel. This post presents the results I sent on 10-Feb-2014, including a vulnerability and a detailed description of how to exploit it. Because of some agreements, no exploit source code is provided.
Collaboration in SecurityByDefault talking about WhatsApp | spanish |
Article published on SBD on 22-Nov-2013 about the previously published advisory (see below in the list). This article, written in conjunction with Luis Delgado, describes why this behavior exists and the different tests performed to identify the limitations in exploiting the security issue.
Yet another security issue with WhatsApp | english |
WhatsApp advisory published on 14-Nov-2013 about an internal side effect (as they said) that may cause, among other things, a DoS against the application as well as information disclosure, all without any kind of human interaction with the device. Already solved in version 2.11.134.
PreQuals NoConName WriteUp - Level1 | english |
First PreQuals organized by NcN, starting on 27-Sep-2013, with three levels. Teams that qualify are invited to participate in the CTF organized in conjunction with Facebook. This paper describes one of the ways to pass level1, the most interesting one IMHO. There is also a mirror of the whole PreQuals environment and levels.
Interview about DeepWeb | catalan |
This interview was used in the Catalan newspaper Ara, in the Sunday supplement on 23-Jun-2013, in an article about the DeepWeb. The author used it more as an information resource than as an actual interview.
Multiple Vulnerabilities in Zyncro Social Network | english |
Published advisory. Vulnerabilities discovered in a product while working at Internet Security Auditors. Reported: SQL Injection, XSS and Design Failure. Published in 2011.
Degree Project: Malware Automated Detection Platform [PDF] | spanish |
This paper describes the design and implementation of the new automatic platform service offered by Internet Security Auditors. It is designed to analyze Internet domains in order to detect possible infections that could affect the user’s system while browsing the web. The current system has some shortcomings, and this paper presents a new version which provides significant improvements such as optimal management, with a renewed design for managing information and processes. It also gives the system centralised error handling, with real-time alarm delivery, and grouping and pooling of results. 2009.
Basic Linux Hardening Guide [PDF] | spanish |
This article, written in Spanish for the company Internet Security Auditors, describes some of the security functionality available on Linux distributions. It was written in 2007 but published in 2011.
Megamultimedia @rroba magazine | spanish |
Articles published in a Spanish magazine from the Megamultimedia company, focused on the IT world and IT security issues.
Disidents eZine | spanish |
Articles published during 2004 in the Spanish Disidents Hack Team eZines.