Welcome to my blog!

I’m hexkaster, an Offensive Security Consultant and Pentester who spends most of his time breaking into systems so companies can fix them before someone with worse intentions does.

What I Do

Over the past few years I’ve worked on web applications, APIs, networks, and large corporate environments, always looking for the cracks that could turn into real issues. My day-to-day covers red team operations, pentesting, and threat intelligence across Latin America.

Outside of client work, I dive into security research and new attack techniques. I enjoy putting ideas into practice, writing about them, and turning advanced offensive security concepts into something others can actually use. I’ve also organized CTFs and trainings, since teaching is one of the best ways to sharpen skills.

I hold certifications like OSCP, OSEP, and CRTO+, but more than the paper, I value the real-world exploitation, chained attacks, and problem-solving that come with the job.

Why This Blog?

I started this space to share writeups, research, and experiments from my journey in offensive security. You’ll find anything from breakdowns of vulnerabilities, attack chains, and payload tricks, to thoughts on the state of security in our region.

My goal is to keep it practical, useful, and approachable for anyone interested in offensive security—whether you’re starting out or already deep in the field.

Additional Information

• Follow me on X (Twitter) for updates and random thoughts.

Thanks for dropping by, and I hope you find something here that sharpens your skills or sparks a new idea.