About me

Paulino Calderon (@calderpwn on Twitter) is the cofounder of Websec, a company offering information security consulting services based in Mexico and Canada. When he is not traveling to a security conference or conducting on-site consulting for Fortune 500 companies, he spends peaceful days in Cozumel, a beautiful small island in the Caribbean, learning new technologies, conducting big data experiments, developing new tools, and finding bugs in software.

Paulino is active in the open source community, and his contributions are used by millions of people in the information security industry. In 2011, Paulino joined the Nmap team during the Google Summer of Code to work on the project as an NSE developer. He focused on improving the web scanning capabilities of Nmap, and he has kept contributing to the project since then. In addition, he has been a mentor for students who focused on vulnerability detection during the Google Summer of Code 2015 and 2017. He is also a project leader and Google Summer of Code 2019 mentor of OWASP IoTGoat, a project about a deliberately insecure firmware to teach users about the most common vulnerabilities typically found in IoT devices.

He has published Nmap: Network Exploration and Security Auditing Cookbook (Now on its 2nd edition) and Mastering the Nmap Scripting Engine, covering practical tasks with Nmap and NSE development in depth. He loves attending information security conferences, and he has given talks and participated in workshops in dozens of events (+45) in China, Germany, Canada, United States, Mexico, Colombia, Peru, Bolivia, Chile, Panama, El Salvador, Honduras, and Curacao.

CV [May/31/2018]
My CV.


I’ve had the opportunity to speak and/or give workshops at the following conferences (Private conferences not listed here):

    • Reunión de Comunidad Underground de México (@ CPMX, México city)
    • Bugcon 2012 (Workshop) (@ Instituto Politécnico Nacional, México city)
    • 2ndo Congreso Internacional de Vanguardia Tecnológica (@ Universidad Anáhuac Mayab, Mérida)
    • GuadalajaraCON (@ Universidad de Gualadajara, Guadalajara)
    • Startup Weekend Mérida (@ Universidad Anáhuac Mayab, Mérida)
    • 7a semana de la seguridad informática (@ FES Aragón UNAM, México city)
    • EC Council Global Partners Conference (@ Sheraton Maria Isabel, México city)
    • HackerHalted USA 2012 (@ Intercontinental hotel, Miami, FL) [Oct 31, 2012]
    • XI Congreso de Ingeniería “La Ingeniería Aplicada a la Seguridad y Desarrollo Nacionales” (@ Escuela Militar de Ingenieros, México city)[Nov 2012]
    •  Día Internacional de Seguridad en Cómputo (@ Universidad Autónoma del Estado de México, Toluca)[Nov 2012]
    • Security Zone 2012 (@ Medellín, Colombia) [Dec 6, 2012]
    • BugCON 2013 (@ Instituto Politécnico Nacional, México city) [Feb 2013]
    • BSides Vancouver [March 1, 2013]
    • GuadalajaraCON (@ Universidad de Gualadajara, Guadalajara) [March 2013]
    • Congreso Proxy 2013 (Hermosillo, MX)
    • 4to Congreso Nacional de Hacking Etico y Computo Forense (Bogota, CO)
    • CITIS 2014 (Mazatlan, MX)
    • Campus Party Mexico (Guadalajara, MX)
    • Soluciones Inteligentes (@ Instituto Tecnológico de Toluca)
    • Google Summer of Code Mentor Summit 2015 [SF, US]
    • DragonJARCON 2015 [Manizales, CO]
    • OWASP LATAM Tour 2016 Capítulo Perú [Lima, PE]
    • OWASP LATAM Tour 2016 Capítulo Bolivia [Santa Cruz, BO]
    • CITIS 2016 [Mazatlán, MX]
    • Campus Party Guadalajara 2016 [Guadalajara, MX]
    • Blackhat USA Arsenal 2016 [Las Vegas, US]
    • DEFCON 24 [Las Vegas, US]
    • Congreso Internacional de seguridad UANL [Monterrey, MX]
    • Cyber Security Summit Imperva [Mexico city, MX]
    • Cyber security versus Cyber Crime by ISACA Chapter Curacao [Curacao]
    • Bugcon 2016 [Mexico, city]
    • OWASP LATAM Tour 2017 Riviera Maya [Cancun, MX]
    • Google I/O Extended 2017 [Cancun, MX]
    • Smart city & Hacking (@ UNID) [Cozumel, MX]
    • DragonJAR Security Conference 2017 [Bogotá, CO]
    • 8.8 [La Paz, BO]
    • 8.8 Lucky [Santiago, CL]
    • Expo Cyber Security Summit [Tegucigalpa, Honduras]
    • OWASP LATAM TOUR 2018 México [Cancun, México]
    • OWASP LATAM TOUR 2018 El Salvador [El Salvador]
    • DEFCON China [Beijing, China]
    • DurivaCON [Mexico City]
    • Congreso Internacional de la Seguridad de la Información [Universidad Autónoma de Nuevo Leon, MTY, MX]
    • DragonJARCON 2018 [Bogota, Colombia]
    • 8.8 Perú [Lima, Perú]
    • 8.8 Bolivia [La paz, Bolivia]
    • FIADI [Panamá]
    • 8.8 México [CDMX, México]
    • FIT [Guatemala, Guatemala]

5 thoughts to “About me”

  1. hola, vi tu conferencia en Campus Party 7 y me gustaría tener la presentación, ya que se me hizo muy interesante, crees que podrías publicarla en la pagina?

  2. Hi Paulino,

    I am trying to implement Rainmap as with a port scanner tool that I am building. Is there a way to save or retrieve previous scan results on the rainmap GUI ?
    Right now, it appears to me that the person who gets the email of the scan results, is the only person with the results. Is there a page on the Rainmap GUI where the results get saved and can be viewed by anyone that has permissions?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.