Miguel's Cybersecurity portfolio

Intro

Welcome to my website. I was getting frustrated with LinkedIn. It is the fourth time my LinkedIn account got locked out or "banned". I confirmed I am not doing anything that either is suspicious or malicious. I don't know what their reasoning is for icing me out.

I decided to create a portfolio/website. This is a static website, nothing fancy and straight to the point. Since I am not a web developer I am learning as I go along, which at the same time I will beautify this. The main objective of this portfolio/website is to showcase myself and to connect/network with individual(s) or companies.

The contents will be mostly about Cybersecurity, but I will also include none Cybersecurity contents.

(~$ whoami)

Hello! I am Miguel. I am based out of British Columbia, Canada. I am Cybersecurity professional with hands-on experience with offensive and defensive. I tend to lean more into the offensive side, but at the same time I still like the defensive side. I consider myself a "jack of all trades, master of none".This resonate with anyone in the Information Technology field or in the Cybersecurity field. Whatever the tasking(s) is, I will get it done. I am also an Open-source Intelligence (OSINT) practitioner. OSINT may look simple to most people, but the thought process is what fascinate me.

Currently, I am actively seeking employment in a Cybersecurity role that would be either offensive or defensive. The job can be either full-time, part-time, or contract. Ideally, I would want the job to be local to me but I am flexible if the job is fully remote.

Resume Highlights

Below is a highlight of my resume. For my full resume contact me by email, ocean0racle@protonmail.com, and I will provide it to you.

Ex-reservist in the Canadian Armed Forces as an armoured reconnaissance soldier.
Worked 10 years in an MSP as a Security Analyst. Which I started from a Helpdesk/Technical Analyst role.
Continuous participation of bug bounty hunting on platforms such as Hackerone and Intigriti, and vulnerability disclosure programs.
On-going practice of offensive and defensive skills on various resources such as Vulnhub, Let's Defend, Rootme, Overthewire.

Projects

October 2025: Smart TVs installation

Installed three Sony Bravia 65" Smart TV for a prviate client. The process wasn't difficult but the private client wasn't too comfortable of setting up the technical portion. Which was setting up the network, in this case it was WiFi, applying updates, linking up required Cloud accounts, install other streaming applications, reviewing additional configurations, and doing a final confirmation. Fortunately, I didn't have to do mount any brackets.

Even though this wasn't necessary Cybersecurity related there was an element of IT, which was setting up the network. Plus, I get to get my hands dirty and do physical work.

April 2025: Practical SOC Analyst (PSAA) lab

I built a virtualized environment that comprise of a virtual Ubuntu machine and a virtual Windows to practice various Blue Teaming TTP(tactics, techniques, procedures) such as network traffic analysis, log analysis, phishing analysis, and other methodologies.

Below are the following tools that were used.

Wireshark
TCP Dump
Snort
Splunk
LimaCharlie

Since this lab is part of the course, it is intellectual property of TCM Security Academy. I truly respect of what TCM Security does and their contribution to the cybersecurity community. I will not post the setup guide. If you want to see the lab and set it up yourself, go sign up for the course. You will not be disappointed.This is the link to TCM Security's Academy, TCM Security Academy. Also, here is their website TCM Security main website

April 2024: Practical Network Penetration Tester (PNPT) lab

I built a virtualized environment that comprise of a virtual Windows Active Directory, two virtual Windows machines, and one attacker machine that is Kali Linux to practice various Penetration Testing TTP(tactics, techniques, procedures) such as LLMNR poisoning, Pass the hash/Pass the Password, token impersonation, kerberoasting, golden ticket attack, SMB relay attack, and IPv6 DNS attack.

Below are the following tools that were used on specific attacks.

Nmap
Metasploit
Impacket
OpenVAS Community
Mimikatz

April 2024: Raspberry Pi wireless Penetration Test box

Configured a Raspberry Pi to a wireless Penetration Test box to learn wifi attack such on WPA2-PSK. I installed Kali Linux onto the Raspberry Pi. The built-in wifi adapter is compatible, so I was able to conduct a wireless Penetration Test. I used Aircrack-ng for the wifi attack.

This is one of the setup guide I used for this project, Setup Raspberry Pi as wifi Pentest box

March 2023: ESP32-CAM

Configured a ESP32-CAM to be a camera. I used two resources to complete the project; Getting started with a esp32-cam and Create a Wi-Fi Spy Camera with an ESP32-CAM. The second link which is a youtube video was for me check it out from a different perspective.

Blog

October 15, 2025

On October 14, 2025 Microsoft has ended supporting Windows 10. But there is somewhat of a good news. Microsoft has the Extended Security Updates (ESU) program. This option is to continue getting security updates from Microsoft till October 13, 2026. This is the official link from Microsoft, Microsoft Extended Security Update Program. In the end of the day Microsoft is forcing you to either upgrade your computer or buy a new computer.

There is another option that is better in my own opinion. This option is free, it is secure, not invasive of privacy, and has a supportive community. It is Linux. Yes, there are many Linux distrubtions (linux distro) out there but there are three that is quite user friendly. Below are those three Linux distro.

Ubuntu
Linux Mint
MX Linux

Part of the installation process is you will to download the ISO image of the Linux distro, create a bootable USB flash drive, and boot your computer from the USB flash drive. Here is a link on the process of creating a bootable USB flash drive, Create bootable USB flash drive

Ubuntu is the most well-known and used Linux distro. Yes, it may look intimidating but you will be able to use it with ease in no time and be proficient at it. This is the link to Ubuntu,Ubuntu download. When you go the website, choose Ubuntu 24.04.3 LTS.

The next Linux distro is Linux Mint and MX Linux. These two Linux distro are Windows like, meaning the look and feel is like a Windows environment. But a caveat for MX Linux is, that it is hardware dependent. Below are the two Linux distro.

I personally use Linux (Ubuntu) as my Operating System. I enjoy using it. But in the end of the day, it is your own decision of which Operation System you decide to use.

October 12, 2025

Since it is the obligatory Cybersecurity awareness month, thought this blog would be appropriate. If you search Cybersecurity you might be put off by the fact it looks complex, difficult to learn and understand, and looks like none technical individuals will not understand it. In my opinion Cybersecurity can be easily learned and understood by anyone.

There are an abundance of information out there about which Cybersecurity tips is the best. Below are my tips I believe that are practical and applicable to the everday individuals.

Use strong, unique passwords for each account. Use passphrase as possible, for example Oven-road10-Moonshine. Consider using a reputable password manager to securely store your passwords for example Keepass and Bitwarden.

Enable multifactor authentication (MFA) wherever possible. If possible use a hardware MFA such as Yubikeys. If you are going to use Yubikey get two, because the second Yubikey will be the backup in case the first Yubikey either gets lost, stolen, or destroyed. Website to Yubikey Yubikey

Regularly back up important data offline or on secure cloud services. Encrypt backups for added safety in case of ransomware attacks or device loss.

Be extremely cautious of downloading and installing software onto your computer, going to unknown websites, or going to websites that may seem or feel legitimate.

Keep software, applications, operating systems, and devices up to date with the latest security patches and update.

Be extremely cautious of suspicious emails, texts, and links. Look for signs like misspellings, urgent requests, and unfamiliar sender addresses to avoid phishing scams.

Be mindful of privacy settings on social media and limit sharing of personal information like address, full birth date, and travel plans.

Use antivirus and anti-malware software and keep it updated to recognize and protect against threats. There are many personal antivirus to choose from. For me personally I use Malwarebytes, the freemium version.

Avoid using public WiFi networks for sensitive transactions unless connected through a VPN. As much as possible use your home’s Wifi network or be hard wired (LAN connected).

Secure WiFi routers by changing default passwords and enabling WPA2 or WPA3 encryption.

Segerate your IoT devices(Alexa, Echo, wifi security camera, smart devices, etc) in a different network. An article about how to segerate your IoT devices, Segerate your IoT devices

Turn off Bluetooth and WiFi when not in use to minimize exposure to attacks.

If you feel my suggestions doesn't match with you, you are free to explore other options and other tips. That is the beauty of Cybersecurity, it is not one size fits all, you can customize it to whatever is your liking or your needs.

While Cybersecurity awareness month is in only October, technically Cybersecurity should be always continuous. I understand it may be daunting but make it a habit. One day it will be like muscle memory to you.Stay safe out there and always be vigilant.

October 9, 2025

Keeping up with Cybersecurity news can be overwhelming as there are a lot resources to look at. For me personally there are two resource that is my go to.

For the more general overview news I go to reddit r/cybersecurity.

If you search in google such as "cybersecurity news 2025" or somewhere along those lines, you will get many more resources.

October 8, 2025

This is my first entry. My website/portfolio is live. I will be updating and beautify this as I learn.

Cybersecurity portfolio/personal website