My name is Iván Santos Malpica (aka HackCommander). I am a mathematician, computer engineer and I work as a cybersecurity consultant.
These are my titles:
- Mathematical Engineering by the Universidad Complutense de Madrid.
- Computer Engineer by the Universidad Nacional de Educación a Distancia (UNED).
- eJPT (eLearnSecurity Junior Penetration Tester) by eLearnSecurity.
Creator of the following tools:
- PHP-info-cookie-stealer (This is a payload generator designed in Bash to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation.)
I have made the following contributions:
- Personal blog about science and technology.
- Talk called Pentesting: CTFs as a learning medium at Bluetab Company.
- Pull request to HackTricks to add a method to bypass the HttpOnly during an XSS exploit using the PHP info page.
Attendee at the following cybersecurity events:
- RootedCON 2022 (Madrid)
- Osintomático 2022 (Madrid)
- RootedCON 2023 (Madrid)
- Osintomático 2023 (Madrid)