APR 2026 Course completed: Hacking the Final Frontier - Offensive Security in Space Systems and Satellites · Black Hat latest activity
TA0043 Recon T1593 · about
TA0042 Rsrc Dev T1587 · skills
TA0001 Init. Access T1566 · early career
TA0004 Priv. Esc. T1078 · challenges
TA0002 Execution T1059 · projects
TA0003 Persistence T1547 · interests
TA0007 Discovery T1082 · education
TA0010 Exfiltration T1041 · contact
lateral movement detected · access pattern flagged defender: xavi bages
xavisec@portfolio:~$ cat profile.json session active · scroll to explore
security engineer (almost ;)

BSc Computer Science with AI. 4 years in the industry - SOC operations, cloud security, OSINT investigations. Interested in both the technical and the business side of security.

experience github linkedin contact
career roadmap
2016 - 2021
First steps
IT at 16 · OSINT · fraud detection · ransomware response
done
2021 - 2023
Deloitte
SOC · cloud security · WAF · security consulting
done
2024 - 2026
Back to basics
BSc CS + AI · technical and academic foundations
done
now
Security engineer
OSCP prep · bug bounty · open to collaborate / roles
active
someday
Goose farmer
backup plan
maybe
// public profile · xavisec · threat intel awareness
recon ● active
$ theHarvester -d xavisec -b linkedin,github,shodan
[*] querying linkedin...
[+] profile: linkedin.com/in/xavibages
[+] background: cybersecurity consulting
[+] region: Europe
$ github: user:xavisec
[+] github.com/xavisec · repos: BigDataProgrammingProject
[+] stack: React · Node.js · cloud security
$ site:credly.com "xavi bages"
[+] certifications: eJPT · AWS Security Specialty
$ certificates.blackhat.com "xavi bages"
[+] specialist training: offensive security · space systems
→ subject profile built · see centre panel
public profile · xavisec ● profile complete
// public_profile.json
locationEurope-based · open to relocate
threat levelassessed
certsAWS Security · eJPT · Black Hat
next certOSCP (preparing)
exposureintentional · this is a portfolio
// professional background intentionally summarised
// contact available through public professional channels
threat intel · profile correlated ● monitoring
RULE osint_dork_on_identity · severity: MEDIUM
09:12:01 [INFO] crawler: linkedin.com/in/xavibages scraped
09:12:03 [INFO] crawler: github.com/xavisec enumerated
09:12:08 [WARN] dork: site:credly.com "xavi bages" · 2 hits
09:12:11 [WARN] dork: certificates.blackhat.com pattern matched
09:12:14 [WARN] passive recon · 4 sources correlated in 13s
09:12:15 [CRIT] public profile correlation complete · src=you
09:12:15 [INFO] renderer: spacing tokens loaded · check :root · unknown encoding
ALERT · public profile enumerated
public information aggregated · professional exposure by design
09:12:16 [OK] subject aware · exposure intentional
09:12:16 [OK] this is a portfolio · you found it
CIA triad Confidentiality Integrity Availability
GDPR awareness data minimisation breach notification right to erasure privacy by design
frameworks MITRE ATT&CK NIST CSF ISO 27001 SPARTA
security is not only technical · it needs to be understood at every level of the business
// 01 - about
TA0043 · Reconnaissance T1593 · open-source research · professional profile

Hybrid InfoSec profile

Hands-on security experience, infrastructure knowledge and academic work in AI - oriented toward applying intelligent systems to real security problems.

[ security_ops ]

Security Operations

SOC environments, threat detection, security monitoring, reporting automation and operational improvement in regulated, high-demand contexts.

[ adversary_thinking ]

Adversary Mindset

Vulnerability identification, privilege escalation, penetration testing methodology and understanding system internals from an attacker's perspective.

[ ai_for_security ]

AI for Security

Hands-on study of LLMs, agents and transformer architectures alongside academic work on ML for cybersecurity datasets. Final dissertation on LiDAR spoofing in cyber-physical systems.

// 02 - skills
TA0042 · Resource Development T1587 · capabilities acquired · tools, certs, languages, cloud - the attacker's arsenal

Technical skills

Practical coverage across cybersecurity, infrastructure, scripting, cloud security and AI-supported analysis.

key: red team offensive / adversarial blue team defensive / detection AI machine learning / AI-driven
blue teamred team

[ security tools ]

Demisto Imperva Radware Palo Alto CrowdStrike Microsoft Defender Splunk Qualys Burp Suite nmap Symantec DLP radare2 ···
blue team

[ cloud & infrastructure ]

AWS Azure Active Directory TCP/IP Network Protocols API Automation WAF SIEM
AI

[ programming & AI ]

Python Security Automation Machine Learning LLMs & Agents Transformers Jupyter React Node.js

[ certifications & languages ]

eJPT AWS Security Specialty OSCP (preparing) Catalan - native Spanish - native English - fluent German - A1.1 · Goethe-Institut München Arabic - studied A1
// 03 - experience
TA0001 · Initial Access T1566 · initial foothold · T1078 · access expanded over time

Experience

Cybersecurity consulting, OSINT investigations, logistics automation and web development.

OCT 2021
NOV 2023
Deloitte
Junior Analyst - Senior Consultant
Infrastructure Protection · Barcelona
blue team
  • Worked within a Security Operations Center (SOC) in a banking environment, supporting threat detection in a highly regulated and high-demand context, while contributing recommendations to improve security operations.
  • Led the implementation and management of cloud-based security services across multiple sectors, including healthcare, banking, sports, and insurance, with a strong focus on Web Application Firewall (WAF) technologies, ensuring protection against web threats and alignment with compliance requirements.
  • Conducted security assessments across endpoints and Active Directory environments, identifying vulnerabilities and providing recommendations to support remediation and risk reduction.
  • Contributed to broader technical security initiatives, supporting the CISO function and strengthening overall security posture and operational resilience.
MAR 2019
MAR 2021
Indaga O'Callaghan
Cybersecurity Analyst
OSINT · Barcelona
blue team

OSINT investigations for fraud detection, alongside reactive support for ransomware victims.

  • Conducted 20+ OSINT investigations, generating actionable intelligence to support fraud detection and risk assessment.
  • Provided response guidance and resources to ransomware victims to assist with recovery and raise awareness.
  • Created and managed RansomwareWorld, a Telegram support group that grew to over 800 users, bringing together affected individuals and cybersecurity professionals.
  • Delivered ransomware awareness and recovery workshops.
  • Basic static and dynamic analysis of test ransomware samples using tools such as radare2.
SEP 2019
NOV 2019
Noatum
Junior Project Manager (Internship)
Port of Barcelona
AI

Contributed to the award-winning "Autocontrol" logistics automation system for vehicle identification and tracking in port operations.

  • Implemented computer vision cameras to automatically read VIN codes, removing manual data entry.
  • Integrated active RFID tracking with WhereLAN III antennas for real-time vehicle geolocation in port infrastructure.
  • Projected to reach break-even within a few years and deliver significant cost reductions over 10 years. Recognised in the 2019 IMEB Report by the Barcelona City Council and featured in the Spanish press.
MAY 2017
OCT 2017
CAEC
Frontend Developer (Internship)
Barcelona

Developed two websites using Drupal CMS. Early exposure to frontend development and content management systems.

// 04b - challenges
TA0004 · Privilege Escalation T1078 · gaining access to systems that weren't meant to be accessed · ongoing practice

CTF & challenges

Ongoing skill practice through CTF platforms, weekly challenges and vulnerability research.

ONGOING_01
red team

HackTheBox

CTF platform. Focused on OSINT challenges.

OSINTCTFHackTheBox
ONGOING_02
profile ↗
red team

Bug Bounty - YesWeHack

Active participation in bug bounty programmes on YesWeHack. Two vulnerabilities reported and currently awaiting triage.

Bug BountyVulnerability ResearchWeb Security
CERT_01
red team

OSCP - preparing

Offensive Security Certified Professional. Active preparation - lab practice, techniques, methodology.

⟳ in progress
Penetration TestingOffensive SecurityOSCP
// 04 - projects
TA0002 · Execution T1059 · payloads deployed · dissertations, platforms, satellites, bugs - things that ran

Projects & achievements

Academic, technical and community work across AI security, data science, conservation technology and vulnerability research.

COURSE_01
certificate ↗ post ↗
red team

Offensive Security in Space Systems - Black Hat

Hands-on course using a real open-source satellite hardware platform (Flatsat) designed to be vulnerable by default. Conducted offensive operations against a live space environment using SDR, antennas and ground station software - working directly with CCSDS and AX.25 protocols to exploit weaknesses in radio links, firmware and ground station software.

Also worked with the pwnsat team's attack-flow framework, which combines MITRE and SPARTA to model and visualise attack flows against space systems - developing representations of incident scenarios and tooling to display them.

Our group uncovered additional vulnerabilities not covered in the training by independently testing the antenna.

Black Hat · Apr 2026
Space SecuritySDRCCSDS AX.25RF Exploitation MITRE / SPARTAAttack Flow
DISSERTATION_01
⟳ final result pending
AIred team

LiDAR Spoofing in Cooperative Perception Systems - Dissertation

Final-year dissertation investigating the vulnerability of cooperative perception systems in autonomous vehicles against spoofing attacks. Explores how malicious inputs can manipulate the perceived environment, focusing on how model architecture, fusion strategy and configuration affect robustness under adversarial conditions.

Investigates the potential of introducing controlled activations within feature maps to improve resilience against spoofing attacks and contribute to safer autonomous driving systems.

// in short: convinced a self-driving car it saw something that wasn't there · for academic purposes · probably
Coventry University · Expected First Class
Autonomous VehiclesCooperative Perception LiDAR SpoofingCyber-Physical Security AI SecurityAdversarial Robustness
PROJECT_04
⟳ final result pending
AIblue team

Chasing Web Based Attacks in IoT Systems

Investigates whether stronger web defences can be supported through automated data analysis techniques associated with AI. Evaluates which artificial neural network algorithm performs best in a binary classification task, distinguishing malicious web-based attacks from benign traffic in industrial IoT environments.

Uses the DataSense: CIC IIoT Dataset 2025 from the Canadian Institute for Cybersecurity, combining sensor and network data from industrial IoT devices.

Coventry University · Expected First Class
IoT SecurityWeb Attacks Neural NetworksMachine Learning Binary ClassificationCIC IIoT 2025
PROJECT_01
github ↗
blue team

Komodo Hub - Conservation Web Platform

Full-stack web application using React (frontend) and Node.js (backend), contributing across the full development lifecycle. Implemented secure authentication and route protection using Amazon Cognito, with responsive UIs built in Material UI and PrimeReact.

Rotated across Scrum roles (Product Owner, Scrum Master, Developer). Created internal security guidelines documentation and researched Indonesia's Personal Data Protection (PDP) Law for compliance awareness.

ReactNode.jsAmazon Cognito Material UIAWSScrum Security GuidelinesPDP Law
PROJECT_02
github ↗
AI

Big Data - Travel Behaviour Analysis

Analysis of Bureau of Transportation Statistics datasets to explore trip patterns and distance ranges, including linear and polynomial regression modelling with parallel analyses.

PythonJupyter Notebook RegressionData Analysis
PROJECT_03
demo ↗
AI

Autocontrol - Metròpolis FPLab

1st place among 154 teams. Automated vehicle identification for port logistics using computer vision (VIN reading) and RFID tracking. Projected to reach break-even within a few years and deliver significant cost reductions over 10 years. Recognised in the 2019 IMEB Report by Barcelona City Council and featured in the Spanish press.

1st place · 154 teams
Computer VisionRFIDAutomation
COMMUNITY_01
telegram ↗
blue team

RansomwareWorld

Telegram community created to support ransomware victims and facilitate information sharing among infosec professionals. Focus on individuals and SMEs.

CommunityRansomware Response Threat IntelSME Security
// 05 - interests & other activities
TA0003 · Persistence T1547 · staying active · languages, markets, space, sport - maintaining presence beyond the job

Beyond the job

Fields and activities outside core work that shape how I think.

[ finance ]

Investing & Financial Markets

Top 10 independent entry in the UK Investment Competition 2025.

[ languages ]

Languages & International Contexts

Native Catalan and Spanish, fluent English. Studied German (A1.1, Goethe-Institut München) and Arabic (A1). Studied and worked across international environments - UK, Spain, Turkey, Indonesia, Egypt, Nigeria and India.

[ sports ]

Team Sports

Participation in team sports as a regular practice - competitive mindset, communication and resilience under pressure.

[ self-development ]

Continuous Learning

Preparing for OSCP. Can talk business - prefer to break things.

// 06 - education
TA0007 · Discovery T1082 · system info gathered · degrees, diplomas, institutions - mapping the environment

Education

Computer science, AI, cybersecurity management, network systems and business.

[ background_investment · 2024 - 2026 ] stepped back from industry to strengthen academic and technical foundations - combining technical depth with strategic perspective
2024 - May 2026 · Expected First Class Honours (70%+)

BSc Computer Science with Artificial Intelligence

Coventry University, UK. First year credits recognised from previous qualifications. Final results pending.

2024 · Strategic complement

Business Administration and Management

London South Bank University. Four-month programme covering organisational management, business strategy and technology from a non-technical perspective.

2020 - 2021 · 80%

Master's Diploma in Cybersecurity Management

Universitat Politècnica de Catalunya.

2018 - 2020 · 93.1%

Vocational Training - Advanced Diploma

Computer Network Systems Management · Escola Pàlcam.

2016 - 2018 · 85.2%

Vocational Training - Intermediate Diploma

Microcomputer Systems and Networks · Escola Pàlcam.

// 07 - contact · TA0010 · exfiltration

Let's connect.

Open to roles across the spectrum - blue team, red team, security engineering, cloud, AI security. Based in Europe-based, open to relocate. Reach out.

linkedin initiate contact ↗
protonmail xavisec [at] protonmail [dot] com
github ↗