@bishopfox Regional Director | Gamer, computer cyber sec enthusiast | Mex4’s | @bsidescdmx | Ex- @Lyft | Ex-@Scitum_Mx | @lasalle_mx | Tweets are my own

Joined January 2009
Stay on target...
Bishop Fox has just released AIMap, an open-source platform for discovering and testing AI systems exposed on the Internet at massive scale bfx.social/4efKe0M
NIST is changing CVE enrichment. You still get the vulnerabilities. You just get less context for many of them. So what does a security team do with this? Senior Managing Operator Richard Brown breaks it down: bfx.social/4sRNAe4
We’re launching a new open-source tool on March 31: Cirro. To walk through it, we’re hosting a 2-part workshop on: • Mapping Attack Paths in Azure • Schemas and Extensible Identity Graphs. Register once for both sessions: bfx.social/4dfaqZ2
strongSwan EAP-TTLS integer underflow allows unauthenticated DoS of VPN servers • Impacts 15 years of versions • Low-effort exploitation • Sometimes requires just 2 connections. Upgrade to 6.0.5 or disable EAP-TTLS. Details & testing tool: bfx.social/48aqwiY
Eduardo P. Sánchez retweeted
Moving from Electron to frameworks like Tauri doesn’t necessarily eliminate risk, but it does change the mechanics of exploitation. New Bishop Fox research shows how XSS & permissive configuration can still lead to RCE in desktop apps. Full scoop: bfx.social/4cHVl1R
AI risk is very different from traditional software risk. For starters: No CVE-style ecosystem. Infinite input space. Major supply chain blind spots. @KrisKimmerle of @RealPage from our recent AI & Security Risk cyber leadership panel: (Full write up: bfx.social/3OyqZoo)
Giving AI control over infrastructure isn’t sci-fi anymore. Vinnie Liu, Nathan Case (TPO Group), and Zach Moreno on OpenClaw / MoltBot, early-stage AI tooling, and why basic security hygiene still matters especially now. From this week's Initial Access: bfx.social/3OgckOm
Tool Spotlight: Unredacter. Pixelation ≠ redaction. Unredacter proves it.
Cloud enumeration can eat up your whole day. Spend ~60 minutes with us and we’ll fix that. Live Discord workshop with Mitchell Sperling on CloudFox - Aug 21. Aug 21 | 2pm EST | bfx.social/45L6vOc
Episode 9 Party, Lord of Mysteries, ohhh intense
Eduardo P. Sánchez retweeted
Thank you for being part of this incredible edition of #BSidesCDMX! We're excited to keep growing alongside this community 💙 🎥 You can now watch the talks on our YouTube: youtube.com/@bsidescdmx?si=T… 📸 And relive the best moments with the official photos: securitybsidescdmx.pixieset.…
Foxes incoming at @defcon 33 this year! Can’t wait to see @hecky and @brandonkovacs doing their thing. #DEFCON33 bfx.social/4mB68g3
Want a peek into what our red team really uses on engagements? This breakdown hits on some of the tools we rely on to get the job done stealthily. Some familiar names, some underrated gems: bfx.social/4lyUoKv bfx.social/3FXi7Vs
Tools don’t make the hacker, but they can make the job faster, stealthier, and way more effective. These are the C2s our Red Teamers reach for. Featuring open-source tools by @LittleJoeTables, Ronan Kervella, @its_a_feature_, and @Ne0nd0g. Take a look: bfx.social/404p65C
Really excited for this one. @brandonkovacs is discussing how red teamers are attacking and defending against deepfakes. Super relevant with how fast AI threats are evolving. Should be a great session. Come hang out on May 21! bfx.social/4ji6JB4
The one and only @TomNomNom’s keynoting NahamCon tomorrow! His talk "Good Vibes Only: Should You Still Learn to Code?" gets into what it really takes to grow as a hacker today. Definitely worth checking out if you’re into red teaming or bug bounties. bfx.social/43oCq5M
Can @rustlang outpace C in malware development? Bishop Fox consultant Nick Cerne joins @thecyberwire’s Research Saturday to explore Rust’s stealth advantages, OPSEC tradeoffs, and red team value. Listen: bfx.social/4kp0oVv
I saw some of my students now say grades don’t reflect learning and ask to skip evaluations. But are we mistaking evaluation for punishment? What about effort and commitment? It’s not about no evaluation — it’s about better evaluation.
Roger Schank argued that “we learn by doing,” not by memorizing for exams, learning should be experience based. Removing grades can reduce stress, but without meaningful alternatives, we risk losing accountability. 📚 rb.gy/6zyv42
