About me

Paulino Calderon (@calderpwn on Twitter) is the co-founder of Websec, a company offering information security consulting services based in Mexico (https://websec.mx/) and Canada (https://websec.ca/). When he is not traveling to a security conference or conducting on-site consulting for Fortune 500 companies, he spends peaceful days in Cozumel, a beautiful island in the Caribbean, working on remote projects, learning new technologies, developing new tools, or simply enjoying the beach.

Paulino’s contributions are used by millions of professionals in the cybersecurity industry. In 2011, Paulino joined the Nmap team during the Google Summer of Code to work on the project as an NSE developer. He focused on improving the web scanning capabilities and vulnerability detection in Nmap in past years. Additionally, he has been a Google Summer of Code mentor for students in 2015, 2017 (Nmap), and 2019 (OWASP IoT Goat). He collaborates with the OWASP organization by occasional committing to projects like the OWASP Mobile Security Testing Guide, OWASP JuiceShop, and OWASP IoTGoat. He is also the chapter leader of the OWASP Riviera Maya and organizer of events like OWASP LATAM Tour Mexico and 8.8 Mexico.

He has published Nmap: Network Exploration and Security Auditing Cookbook (Now on its 2nd edition) and Mastering the Nmap Scripting Engine, covering practical tasks with Nmap and NSE development in depth. His latest publication Practical IoT Hacking will be published in Dec 2020 with NoStarchPress. He loves attending information security conferences, and has given talks and participated in workshops in over 50 events in countries like China, Germany, Canada, United States, Mexico, Colombia, Peru, Bolivia, Chile, El Salvador, Honduras, and Curacao.

CV [May/31/2018]
My CV.

I’ve had the opportunity to speak and/or give workshops at the following conferences (Private conferences not listed here):

    • Reunión de Comunidad Underground de México (@ CPMX, México city)
    • Bugcon 2012 (Workshop) (@ Instituto Politécnico Nacional, México city)
    • 2ndo Congreso Internacional de Vanguardia Tecnológica (@ Universidad Anáhuac Mayab, Mérida)
    • GuadalajaraCON (@ Universidad de Gualadajara, Guadalajara)
    • Startup Weekend Mérida (@ Universidad Anáhuac Mayab, Mérida)
    • 7a semana de la seguridad informática (@ FES Aragón UNAM, México city)
    • EC Council Global Partners Conference (@ Sheraton Maria Isabel, México city)
    • HackerHalted USA 2012 (@ Intercontinental hotel, Miami, FL) [Oct 31, 2012]
    • XI Congreso de Ingeniería “La Ingeniería Aplicada a la Seguridad y Desarrollo Nacionales” (@ Escuela Militar de Ingenieros, México city)[Nov 2012]
    •  Día Internacional de Seguridad en Cómputo (@ Universidad Autónoma del Estado de México, Toluca)[Nov 2012]
    • Security Zone 2012 (@ Medellín, Colombia) [Dec 6, 2012]
    • BugCON 2013 (@ Instituto Politécnico Nacional, México city) [Feb 2013]
    • BSides Vancouver [March 1, 2013]
    • GuadalajaraCON (@ Universidad de Gualadajara, Guadalajara) [March 2013]
    • Congreso Proxy 2013 (Hermosillo, MX)
    • 4to Congreso Nacional de Hacking Etico y Computo Forense (Bogota, CO)
    • CITIS 2014 (Mazatlan, MX)
    • Campus Party Mexico (Guadalajara, MX)
    • Soluciones Inteligentes (@ Instituto Tecnológico de Toluca)
    • Google Summer of Code Mentor Summit 2015 [SF, US]
    • DragonJARCON 2015 [Manizales, CO]
    • OWASP LATAM Tour 2016 Capítulo Perú [Lima, PE]
    • OWASP LATAM Tour 2016 Capítulo Bolivia [Santa Cruz, BO]
    • CITIS 2016 [Mazatlán, MX]
    • Campus Party Guadalajara 2016 [Guadalajara, MX]
    • Blackhat USA Arsenal 2016 [Las Vegas, US]
    • DEFCON 24 [Las Vegas, US]
    • Congreso Internacional de seguridad UANL [Monterrey, MX]
    • Cyber Security Summit Imperva [Mexico city, MX]
    • Cyber security versus Cyber Crime by ISACA Chapter Curacao [Curacao]
    • Bugcon 2016 [Mexico, city]
    • OWASP LATAM Tour 2017 Riviera Maya [Cancun, MX]
    • Google I/O Extended 2017 [Cancun, MX]
    • Smart city & Hacking (@ UNID) [Cozumel, MX]
    • DragonJAR Security Conference 2017 [Bogotá, CO]
    • 8.8 [La Paz, BO]
    • 8.8 Lucky [Santiago, CL]
    • Expo Cyber Security Summit [Tegucigalpa, Honduras]
    • OWASP LATAM TOUR 2018 México [Cancun, México]
    • OWASP LATAM TOUR 2018 El Salvador [El Salvador]
    • DEFCON China [Beijing, China]
    • DurivaCON [Mexico City]
    • Congreso Internacional de la Seguridad de la Información [Universidad Autónoma de Nuevo Leon, MTY, MX]
    • DragonJARCON 2018 [Bogota, Colombia]
    • 8.8 Perú [Lima, Perú]
    • 8.8 Bolivia [La paz, Bolivia]
    • FIADI [Panamá]
    • FIT [Guatemala, Guatemala]
    • CIDSI 2019 [Sucre, Bolivia]
    • 8.8 México [CDMX, México]
    • Panel automatización Checkmarx: Mitos y realidades [Virtual]
    • Foro Ciberseguridad Kingston [Virtual]
    • Hackday Paraguay 2020 [Virtual]
    • CCOSS 2020 [Virtual]

5 thoughts to “About me”

  1. hola, vi tu conferencia en Campus Party 7 y me gustaría tener la presentación, ya que se me hizo muy interesante, crees que podrías publicarla en la pagina?

  2. Hi Paulino,
    I am trying to implement Rainmap as with a port scanner tool that I am building. Is there a way to save or retrieve previous scan results on the rainmap GUI ?
    Right now, it appears to me that the person who gets the email of the scan results, is the only person with the results. Is there a page on the Rainmap GUI where the results get saved and can be viewed by anyone that has permissions?

Leave a Reply

Your email address will not be published. Required fields are marked *