Practice Lead, Research
Carlos Perez has been active in the security community since 1999 working for the Government of Puerto Rico helping secure networks and performing internal pentests. He later joined Compaq/HP where he worked as a Senior Solution Architect for the Security and Networking consulting practices covering 33 countries in Central America, South America, and the Caribbean helping customer design and to implement security solutions that helped customers meet their business needs in a secure way. Carlos also worked as the Director of Reverse Engineering at Tenable, Inc., where he was in charge of all remote code execution checks and finding zero-day vulnerabilities on products tested.
Education & Certifications
Microsoft MVP, MCSE, MCDBA, CompTia Network +, A+, Linux + an Security +
Carlos has been active in the security community presenting at conferences like DEFCON, DerbyCon, Hack3rCon, BSides and many others. He has contributed to and created many Open Source projects such as Metasploit, DNSRecon, Posh-SSH, and many others. He has been awarded the Microsoft MVP award for Data Center Management in the specialties of Enterprise Security and PowerShell for the last 4 years.
Recent Blog Posts
On March 10, 2020, during its monthly Patch Tuesday, Microsoft published the advisory ADV200005 for a critical Remote Code Execution (RCE) vulnerability on Server Message Block (SMB) 3.1.1. Microsoft released the advisory after Cisco Talos accidentally published details on the same day. Both Cisco Talos and Fortinet released advisories for the vulnerabilities on their pages...
Today we are excited to announce the launch of the TrustedSec Sysmon Community Guide. This guide is intended to be a one-stop shop for all things Sysmon. Our goal for the project is to help empower defenders with the information they need to leverage this great tool and to help the infosec community spread the...
Current Problem When working in an unknown network, some of the most important pieces of information to have are appraisals of current assets and information contained on them. This is important for any security professional, from tester to defender. Given the prevalence of Active Directory (AD) in most Windows environments, gaining a clear inventory of...
Recorded June 19, 2019 at 1 P.M. EST Situational awareness is key when one lands access on a target system as part of an attack simulation. Knowing what controls are present and which are likely present allows performance of a...
Learn the basics of post-exploitation from advanced infosec professionals Join Carlos Perez (@darkoperator) as he shares some of the post-exploitation methodology used by TrustedSec security consultants performed during actual attack simulations. Each of the four individual webinars will focus on...