Welcome to my website. I was getting frustrated with LinkedIn because I keep getting locked out or getting "banned". I confirmed I am not doing anything suspicious or malicious. I don't know what their reasoning is for icing me out.
I decided to create a portfolio/website. This is a static website, nothing fancy and straight to the point. Since I am not a web developer I am learning as I go along, which at the same time I will beautify this. The main objective of this portfolio/website is to showcase myself and to connect/network with individual(s) or companies.
The contents will be mostly about cybersecurity, but I will also include none cybersecurity contents.
Hello! I am Miguel. I am based out of British Columbia, Canada. I am cybersecurity professional with hands-on experience with offensive and defensive. I tend to lean more into the offensive side, but at the same time I still like the defensive side. I consider myself a "jack of all trades, master of none".This resonate with anyone in the Information Technology field or in the cybersecurity field. Whatever the tasking(s) is, I will get it done. I am also an Open-source Intelligence (OSINT) practitioner. OSINT may look simple to most people, but the thought process is what fascinate me.
Currently, I am actively seeking employment in a cybersecurity role that would be either offensive or defensive. The job can be either full-time, part-time, or contract. Ideally, I would want the job to be local to me but I am flexible if the job is fully remote.
Below is a highlight of my resume. For my full resume contact me by email, ocean0racle@protonmail.com, and I will provide it to you.
I setup a new tablet for a private client. Their tablet is old and still usable, but it was showing signs of deterioration.
Before proceeding with setting up the new tablet, I confirm with them if there any data or accounts that need to be migrated over. They said there aren't any important data or accounts that need to be migrated. I proceeded with the setup of the new tablet such applying updates, reviewing and configuring settings, installing requested applications, and setting up the client’s Cloud accounts.
The private client took the new tablet for a “test drive”. They confirmed everything is there and it is functioning accordingly.
There were two projects I did with my significant other. The first was re-establishing the digital TV box and re-establishing the NAS.
First was re-establishing the digital TV box. This digital TV box hasn’t been active for 5+ years. Powered up the digital TV box to see if it still boots up. The digital TV box booted up fine but it was claiming there is no network connection.
I logged into the ISP’s wifi modem to see if the digital TV box is seen. The digital TV box is seen in the ISP's wifi modem. After doing a few power cycle of the digital TV box, decided to factory reset it. Did the factory reset and went through the process. During the process it said that no backup file was found. My significant other phoned Support and work with them. Support did something on their side, because after the digital TV box was rebooted it was going through the “first time setup” prompts. After an hour or so, the digital TV box seems to be operational but it is restarting and freezing often. Support said the digital TV box is quite old and most likely need to be replaced. A new digital TV box has been ordered and will replace the old one.
The second one is re-establishing the NAS. The NAS hasn't been powered on for quite some time too. But before powering the NAS, it needed to be dust free because dust has accumulated in it since it was last active. The NAS was taken apart and was vacuumed. Once most of the dust were vacuumed the NAS was reassembled. My significant other reassembled the NAS and powered back up. Confirmed the NAS is working. It needed to go through maintenance which my significant other took over. Other than that, the NAS is still operational and working like brand new.
This was a fun project that I tagged along. My significant other is such a nerd with technologies. It is always nice to have something in common.
Installed three Sony Bravia 65" Smart TV for a private client. The process wasn't difficult but the private client wasn't too comfortable of setting up the technical portion. Which was setting up the network, in this case it was WiFi, applying updates, linking up required Cloud accounts, install other streaming applications, reviewing additional configurations, and doing a final confirmation. Fortunately, I didn't have to do mount any brackets.
Even though this wasn't necessary cybersecurity related there was an element of IT, which was setting up the network. Plus, I get to get my hands dirty and do physical work.
This event was in two folds. It was a fire recovery project and a service project. I was part of the service project group.
The main task was building a fence. It was a great experience because I never built a fence and I got a lot of hands-on time with tools that I normally don't get to have. The tools I used was jigsaw, circular saw, reciprocating saw, hammer, impact wrench.
This event took me out of my comfort zone and learn a new life skill.
I built a virtualized environment that comprise of a virtual Ubuntu machine and a virtual Windows to practice various Blue Teaming TTP(tactics, techniques, procedures) such as network traffic analysis, log analysis, phishing analysis, and other methodologies.
Below are the following tools that were used.Since this lab is part of the course, it is intellectual property of TCM Security Academy. I truly respect of what TCM Security does and their contribution to the cybersecurity community. I will not post the setup guide. If you want to see the lab and set it up yourself, go sign up for the course. You will not be disappointed.This is the link to TCM Security's Academy, TCM Security Academy. Also, here is their website TCM Security main website
This was a training event and a service project. This is the first event I attended and get to meet the team.
I didn’t participate in the main training event, but I was heavily involved in the service project. The service project involved fire mitigation and vegetative debris removal. I used various tools in the service project tasking but the most interesting tool I used was the log splitter.
I built a virtualized environment that comprise of a virtual Windows Active Directory, two virtual Windows machines, and one attacker machine that is Kali Linux to practice various Penetration Testing TTP(tactics, techniques, procedures) such as LLMNR poisoning, Pass the hash/Pass the Password, token impersonation, kerberoasting, golden ticket attack, SMB relay attack, and IPv6 DNS attack.
Below are the following tools that were used on specific attacks.
Since this lab is part of the course, it is intellectual property of TCM Security Academy. I truly respect of what TCM Security does and their contribution to the cybersecurity community. I will not post the setup guide. If you want to see the lab and set it up yourself, go sign up for the course. You will not be disappointed.This is the link to TCM Security's Academy, TCM Security Academy. Also, here is their website TCM Security main website
Configured a Raspberry Pi to a wireless Penetration Test box to learn wifi attack against WPA2-PSK. I installed Kali Linux onto the Raspberry Pi. The built-in wifi adapter is compatible, so I was able to conduct a wireless Penetration Test. I used Aircrack-ng for the wifi attack.
This is one of the setup guide I used for this project, Setup Raspberry Pi as wifi Pentest boxConfigured a ESP32-CAM to be a camera. I used two resources to complete the project; Getting started with a esp32-cam and Create a Wi-Fi Spy Camera with an ESP32-CAM. The second link which is a youtube video was for me check it out from a different perspective.
Below are the conferences I have attended. I plan to attend more. While DEFCON is the biggest and well known conference, I actually like Bsides. Bsides is small but seems to be more community driven.
Microsoft handed over Bitlocker Keys to a government agency. Here is the article of it, Microsoft Reportedly Turned Over BitLocker Encryption Keys to the FBI. BitLocker is a Windows security feature that protects your data by encrypting your drives. This encryption ensures that if someone tries to access a disk offline, they won’t be able to read any of its content if they do not have the Bitlocker Key.
Even though this was a legitimate case a government agency was working on and they got a warrant, this should get you thinking about trusting your data and any highly sensitive PII (personally identified information) to well known tech companies, or other trusted/verified authorities. Yes, it sounds like a contradiction, but you still have the right, as an individual, to freely think, act, and decide what is best for you.
If you plan to use Microsoft’s BitLocker and want to manage your own BitLocker key, you can choose one of the following options: “Save to a USB flash drive,” “Save to a file,” or “Print the recovery key.”
I made another attempt of creating a LinkedIn account, but unfortunately my LinkedIn account got locked out/banned. As usual the reasoning was vague and useless. I am extremely disappointed with LinkedIn. I know that I am not doing anything that is either malicious like or suspicious like behaviours. I know that if you want to unlock your LinkedIn account you will need to use the Persona service, but you will compromise your privacy. Also, it is impossible to contact support as you need to log into your LinkedIn account in order to open a case.
I will continue to use this website/portfolio as an alternative to LinkedIn or find LinkedIn-like platforms. Not unless if someone from LinkedIn contacts me and provide me a legitimate reason on why I keep getting locked out/banned.
For anyone in the cybersecurity community you have learned that Heath Adams aka The Cyber Mentor has left his own company. This is Heath’s LinkedIn post, Heath’s departure from TCM
It is truly sad but Heath has definitely left a great legacy for the cybersecurity community. Whatever he does and wherever he ends up at next, I hope he has many successes. I will also still refer to him as TCM (The Cyber Mentor)
My Christmas break was nice and relaxing for me. Did the usual thing such as spending time with families.
Something new for me was that I went to parties that various cybersecurity groups attended. It was my first time attending them. Met a lot of people and made good connections. Hope I can attend the next one.
I am still on the job hunt. Hopefully, things start to pick back up.
I hope your Christmas break was good, feeling recharged, and ready to make it a great year.
It is the annual cybersecurity event that TryHackMe does for the whole month of December. The event is called Advent of Cyber, TryHackMe Advent of Cyber 2025. Since I am unemployed and actively looking for employment, doing this event is a continuation of self improvement and showing that I am not stopping. Not only are you learning but you will have a chance to win prizes too.
Another Advent of Cyber is by SANS, SANS Advent of Cyber 2025. SANS always produces quality contents. Give this a try too.
Whatever Advent of Cyber event you choose, I hope it inspires you, you learn something new, or you simply want to keep yourself busy during the Christmas holiday.
I attended a technical talk at a local DEFCON (DC) group. The technical talk was about OSINT by Ritu. It was quite an informative session which I enjoyed. I have seen Ritu presented before and I like the contents that Ritu discusses about. OSINT is one of the many sub categories of cybersecurity that I like.
This is Ritu’s website, Ritu Gill - OSINT. I am sure Ritu might have other websites, but this is the website I am aware of. Have a look at it, learn and get curious.
My job hunt is quite discouraging. I am getting responses/call back and interviews from companies I applied to. Some of the interviews I felt like I bombed it, while other interviews I felt confident I did quite well. For the companies I felt like I did well in the interview, I get ghosted. Perhaps it is my lack of knowledge or I give “bad vibes”, but the part of getting ghosted is demoralizing. But luckily for me since I was in the Military, I have learned to embrace the pain, misery, ambiguity, and chaos.
Venting aside I am going to continue my job hunt. For others out there I hope your job hunt is way more successful than mine.
There are many great free cybersecurity learning videos in Youtube, but there are three Youtube channels I followed from the early days till now. The three Youtube channels are TCM Security, John Hammond, and HackerSploit. Below are the link to their respective Youtube channels.
Another topic in cybersecurity I enjoy is privacy. I am not over the top but I am somewhat close. There is a DEFCON talk about privacy on Youtube, DEF CON 33 - Private, Private, Private Access Everywhere. This talk is really informative and applicable. You will need to pause some segments of the video to write down the resources the presenter mentions.
Below are additional resources on privacy.
On October 20, 2025 Amazon AWS went down which affected a good majority of online services and companies that rely on Amazon AWS. The culprit was DNS. DNS is crucial component in the IT world. Essentially, it is what connects everything to each other. This is a synopsis from Amazon of what happened, AWS outage
On October 29, 2025 Microsoft went down which affected everyone worldwide. The culprit was DNS. This is an external link about the Microsoft outage, Microsoft outage
As you can see DNS is a critical component that should be handled with extreme care. I understand mistakes happen, but this is not the first time it has happened. How can we make sure this never happens? Double, triple, etc check the DNS change before you apply or commit. Easier said than done, but you just need to take ownership. No excuses. But what do I know, I am just another cog in the machine.
I volunteered for a cybersecurity event called SiberX: Operation Defend the North (Vancouver). This conference is new to me in a sense that it isn't the typical technical/hacking conference. The conference is a tabletop exercise. In my previous job when I was a IT Security Analyst, I participated in a tabletop exercise. So, a tabletop exercise wasn't new to me.
My role as a volunteer I was part of the command centre, which I oversee the tabletop exercise that was broadcast live on the internet and I also oversee the chat room. It was quite a unique experience for me. I enjoyed it. I would volunteer again for the next one.
Here is the website, SiberX,for more information about the event and the organizer.
On October 14, 2025 Microsoft has ended supporting Windows 10. But there is somewhat of a good news. Microsoft has the Extended Security Updates (ESU) program. This option is to continue getting security updates from Microsoft till October 13, 2026. This is the official link from Microsoft, Microsoft Extended Security Update Program. In the end of the day Microsoft is forcing you to either upgrade your computer or buy a new computer.
There is another option that is better in my own opinion. This option is free, it is secure, not invasive of privacy, and has a supportive community. It is Linux. Yes, there are many Linux distrubtions (linux distro) out there but there are three that is quite user friendly. Below are those three Linux distro.
Since it is the obligatory cybersecurity awareness month, thought this blog would be appropriate. If you search cybersecurity you might be put off by the fact it looks complex, difficult to learn and understand, and looks like none technical individuals will not understand it. In my opinion cybersecurity can be easily learned and understood by anyone.
There are an abundance of information out there about which cybersecurity tips is the best. Below are my tips I believe that are practical and applicable to the everday individuals.
Keeping up with cybersecurity news can be overwhelming as there are a lot resources to look at. For me personally there are two resource that is my go to.
This is my first entry. My website/portfolio is live. I will be updating and beautify this as I learn.