Talks

I’ve traveled half the world giving talks. Many talks.

About cybersecurity. About hacking. About development. About APIs. About Docker. About whatever’s needed.

Plus, I founded RootedCON, one of the most important cybersecurity conferences in Spain. So I’ve seen quite a few good talks. And some not so good.

I’m passionate about sharing knowledge. And I love it when people leave one of my talks saying “wow, I can apply this tomorrow at work”.

Here are some of my most notable talks.

SEE ALL ON SLIDESHARE
RootedCON
2025

Censorship, privacy and the fine art of disappearing without trace

RootedCON Madrid, Spain March 2025

Privacy techniques, censorship, anonymity and robust cryptography. With Dr. Alfonso Muñoz

Navaja Negra
2024

Doing fun things with databases

Navaja Negra Albacete, Spain October 2024

Unconventional ways to exploit databases: beyond deleting data or stealing information

RootedCON
2024

AWS, with its lambdas and its little things

RootedCON Madrid, Spain March 2024

Real AWS Lambda examples. Good, bad and terrible practices. With César Gallego

Navaja Negra
2023

Protect your Python... because if it's as bad as it sounds, better nobody sees it

Navaja Negra Albacete, Spain October 2023

Techniques to protect Python code: from basic methods to creating custom Python interpreters

Navaja Negra
2023

Protecting Python Source Code

Navaja Negra Albacete, Spain October 2023

Techniques to protect Python source code when publishing it: from the simplest to compiling your own Python interpreter

PyConES
2022

Asyncio in production: what nobody tells you

PyConES Granada, Spain October 2022

Everything I've learned using Python Asyncio in production processing millions of events per day: the good, the bad and the ugly

RSA Conference
2022

Spreading Application Security Ownership Across the Entire Organization

RSA Conference San Francisco, USA June 2022

How to distribute application security responsibility across the entire organization, beyond the security team

RootedCON
2020

From the Heaven to Hell in the CI/CD

RootedCON Madrid, Spain March 2020

Critical vulnerabilities in CI/CD pipelines and how attackers can compromise your entire development and deployment process

RootedCON
2018

Crawlino: The New Level of Crawling Systems

RootedCON Madrid, Spain March 2018

High-performance distributed crawling system for reconnaissance and analysis of web applications at scale

🎤
RootedCON
2017

Docker Might Not Be Your Friend - Trojanizing Docker Images

RootedCON Madrid, Spain March 2017

How to trojanize Docker images like a pro and why your container registry might be your worst enemy

OWASP Madrid
2016

I Meetup OWASP Madrid

OWASP Madrid Madrid, Spain June 2016

Technical talk at the first OWASP Madrid chapter meetup about web application security

RootedCON
2016

Broker & MQ Injection

RootedCON Madrid, Spain March 2016

Introduction of the Broker Injection concept and presentation of Enteletaor, a tool to inject, extract and modify information from Brokers like Redis, RabbitMQ or ZeroMQ

Cybercamp
2015

Python, Hacking and Sec-tools from the Trenches

Cybercamp Valencia, Spain December 2015

Technical workshop on developing security tools with Python: from basic scripts to professional tools

Codemotion
2015

Your DevOp Gives Me Work: I'm a Security Auditor

Codemotion Madrid, Spain November 2015

How DevOps are creating new attack vectors and vulnerabilities that security auditors have to fix