Welcome to my website. I was getting frustrated with LinkedIn because I keep getting locked out or getting "banned". I confirmed I am not doing anything suspicious or malicious. I don't know what their reasoning is for icing me out.
I decided to create a portfolio/website. This is a static website, nothing fancy and straight to the point. Since I am not a web developer I am learning as I go along, which at the same time I will beautify this. The main objective of this portfolio/website is to showcase myself and to connect/network with individual(s) or companies.
The contents will be mostly about Cybersecurity, but I will also include none Cybersecurity contents.
Hello! I am Miguel. I am based out of British Columbia, Canada. I am Cybersecurity professional with hands-on experience with offensive and defensive. I tend to lean more into the offensive side, but at the same time I still like the defensive side. I consider myself a "jack of all trades, master of none".This resonate with anyone in the Information Technology field or in the Cybersecurity field. Whatever the tasking(s) is, I will get it done. I am also an Open-source Intelligence (OSINT) practitioner. OSINT may look simple to most people, but the thought process is what fascinate me.
Currently, I am actively seeking employment in a Cybersecurity role that would be either offensive or defensive. The job can be either full-time, part-time, or contract. Ideally, I would want the job to be local to me but I am flexible if the job is fully remote.
Below is a highlight of my resume. For my full resume contact me by email, ocean0racle@protonmail.com, and I will provide it to you.
Installed three Sony Bravia 65" Smart TV for a private client. The process wasn't difficult but the private client wasn't too comfortable of setting up the technical portion. Which was setting up the network, in this case it was WiFi, applying updates, linking up required Cloud accounts, install other streaming applications, reviewing additional configurations, and doing a final confirmation. Fortunately, I didn't have to do mount any brackets.
Even though this wasn't necessary Cybersecurity related there was an element of IT, which was setting up the network. Plus, I get to get my hands dirty and do physical work.
I built a virtualized environment that comprise of a virtual Ubuntu machine and a virtual Windows to practice various Blue Teaming TTP(tactics, techniques, procedures) such as network traffic analysis, log analysis, phishing analysis, and other methodologies.
Below are the following tools that were used.Since this lab is part of the course, it is intellectual property of TCM Security Academy. I truly respect of what TCM Security does and their contribution to the cybersecurity community. I will not post the setup guide. If you want to see the lab and set it up yourself, go sign up for the course. You will not be disappointed.This is the link to TCM Security's Academy, TCM Security Academy. Also, here is their website TCM Security main website
I built a virtualized environment that comprise of a virtual Windows Active Directory, two virtual Windows machines, and one attacker machine that is Kali Linux to practice various Penetration Testing TTP(tactics, techniques, procedures) such as LLMNR poisoning, Pass the hash/Pass the Password, token impersonation, kerberoasting, golden ticket attack, SMB relay attack, and IPv6 DNS attack.
Below are the following tools that were used on specific attacks.
Since this lab is part of the course, it is intellectual property of TCM Security Academy. I truly respect of what TCM Security does and their contribution to the cybersecurity community. I will not post the setup guide. If you want to see the lab and set it up yourself, go sign up for the course. You will not be disappointed.This is the link to TCM Security's Academy, TCM Security Academy. Also, here is their website TCM Security main website
Configured a Raspberry Pi to a wireless Penetration Test box to learn wifi attack such on WPA2-PSK. I installed Kali Linux onto the Raspberry Pi. The built-in wifi adapter is compatible, so I was able to conduct a wireless Penetration Test. I used Aircrack-ng for the wifi attack.
This is one of the setup guide I used for this project, Setup Raspberry Pi as wifi Pentest boxConfigured a ESP32-CAM to be a camera. I used two resources to complete the project; Getting started with a esp32-cam and Create a Wi-Fi Spy Camera with an ESP32-CAM. The second link which is a youtube video was for me check it out from a different perspective.
Below are the conferences I have attended. I plan to attend more. While DEFCON is the biggest and well known conference, I actually like Bsides. Bsides is small but seems to be more community driven.
I attended a technical talk at a local DEFCON(DC) group that I am part of. The technical talk was about OSINT by Ritu. It was quite an informative session which I enjoyed. I have seen Ritu presented before and I like the contents that Ritu discusses about. OSINT is one of the many sub categories of Cybersecurity that I like.
This is Ritu’s website, Ritu Gill - OSINT. I am sure Ritu might have other websites, but this is the website I am aware of. Have a look at it, learn and get curious.
My job hunt is quite discouraging. I am getting responses/call back and interviews from companies I applied to. Some of the interviews I felt like I bombed it, while other interviews I felt confident I did quite well. For the companies I felt like I did well in the interview, I get ghosted. Perhaps it is my lack of knowledge or I give “bad vibes”, but the part of getting ghosted is demoralizing. But luckily for me since I was in the Military, I have learned to embrace the pain, misery, ambiguity, and chaos.
Venting aside I am going to continue my job hunt. For others out there I hope your job hunt is way more successful than mine.
There are many great free Cybersecurity learning videos in Youtube, but there are three Youtube channels I followed from the early days till now. The three Youtube channels are TCM Security, John Hammond, and HackerSploit. Below are the link to their respective Youtube channels.
Another topic in Cybersecurity I enjoy is privacy. I am not over the top but I am somewhat close. There is a DEFCON talk about privacy on Youtube, DEF CON 33 - Private, Private, Private Access Everywhere. This talk is really informative and applicable. You will need to pause some segments of the video to write down the resources the presenter mentions.
Below are additional resources on privacy.
On October 20, 2025 Amazon AWS went down which affected a good majority of online services and companies that rely on Amazon AWS. The culprit was DNS. DNS is crucial component in the IT world. Essentially, it is what connects everything to each other. This is a synopsis from Amazon of what happened, AWS outage
On October 29, 2025 Microsoft went down which affected everyone worldwide. The culprit was DNS. This is an external link about the Microsoft outage, Microsoft outage
As you can see DNS is a critical component that should be handled with extreme care. I understand mistakes happen, but this is not the first time it has happened. How can we make sure this never happens? Double, triple, etc check the DNS change before you apply or commit. Easier said than done, but you just need to take ownership. No excuses. But what do I know, I am just another cog in the machine.
I volunteered for a Cybersecurity event called SiberX: Operation Defend the North (Vancouver). This conference is new to me in a sense that it isn't the typical technical/hacking conference. The conference is a tabletop exercise. In my previous job when I was a IT Security Analyst, I participated in a tabletop exercise. So, a tabletop exercise wasn't new to me.
My role as a volunteer I was part of the command centre, which I oversee the tabletop exercise that was broadcast live on the internet and I also oversee the chat room. It was quite a unique experience for me. I enjoyed it. I would volunteer again for the next one.
Here is the website, SiberX,for more information about the event and the organizer.
On October 14, 2025 Microsoft has ended supporting Windows 10. But there is somewhat of a good news. Microsoft has the Extended Security Updates (ESU) program. This option is to continue getting security updates from Microsoft till October 13, 2026. This is the official link from Microsoft, Microsoft Extended Security Update Program. In the end of the day Microsoft is forcing you to either upgrade your computer or buy a new computer.
There is another option that is better in my own opinion. This option is free, it is secure, not invasive of privacy, and has a supportive community. It is Linux. Yes, there are many Linux distrubtions (linux distro) out there but there are three that is quite user friendly. Below are those three Linux distro.
Since it is the obligatory Cybersecurity awareness month, thought this blog would be appropriate. If you search Cybersecurity you might be put off by the fact it looks complex, difficult to learn and understand, and looks like none technical individuals will not understand it. In my opinion Cybersecurity can be easily learned and understood by anyone.
There are an abundance of information out there about which Cybersecurity tips is the best. Below are my tips I believe that are practical and applicable to the everday individuals.
Keeping up with Cybersecurity news can be overwhelming as there are a lot resources to look at. For me personally there are two resource that is my go to.
This is my first entry. My website/portfolio is live. I will be updating and beautify this as I learn.