Joseph Carson:
Hello everyone. Welcome back to another episode of the 401 Access Denied podcast. I'm the host of the podcast, Joe Carson, Chief Security Scientist and Advisory CISO at Delinea, and I'm really pleased to be here. I'm joining you from Tallinn, Estonia where I'm back in my lab. I joined the research and I'm actually joined with one of my favorite people in the industry because this person has been on the show several times before and I'm welcoming them back. So Carlos, welcome back to the podcast. Can you give the audience a little bit of background, who you are, what you do, and some fun things about yourself?
Carlos Polop:
Sure. Well thank you for inviting me again. It's always great to have a chat with you. I always have a fun time in this podcast. So my name is Carlos. I'm currently working as Principal Team Lead in Halborn dedicated to pen testing of any kind of off-chain assets. And this is because Halborn is a company dedicated to web-free companies. So we'll do event testing of browser extensions, Android, iOS applications, web, cloud environments, infrastructure, anything that can be pen tested at the end. I'm also the main writer in HackTricks and I have created several tools such as the PEASS suite, which is some nice and funny scripts to try to find previous collision vulnerabilities in different operating systems. And yeah, I'm also, more in the past I used to be very active in the CTF and so on, but yeah, I used to try to play whenever I have the chance.
Joseph Carson:
Likewise. That's the challenge I have right now is my CTF time is... It's almost to zero at the moment, so I'm hoping to get the time to get back into it. And I mean, the main topic today is going to be going into your journey with HackTricks because for me it's one of the most valuable resources. If you're in security, it is a resource that you always have available and go to quite frequently, especially when you're trying to understand certain vulnerabilities or certain exploitation techniques and really tend to look at from a hardware perspective.
But before we get into HackTricks, I want to go take you back in a bit of your previous experience on you did your first talk at DEF CON last year, which is one of the things that we all have in our to-do list that we all want, certain conferences we want to talk about. So before we get into going into the journey with HackTricks, how was the DEF CON talk? How did it go and what was the feedback?
Carlos Polop:
It was a really nice experience. I have to say that we filled the room, so that was great.
Joseph Carson:
Absolutely. I mean, I was in the audience and that room was packed. And it was a big room as well. It was one of the main halls, so it was fantastic.
Carlos Polop:
Yeah, yeah, yeah, it was in the main track, one of the main track of DEF CON. And it was fun because one of the organizers come to us and say, "Hey guys, you filled the room." And we were like, "Of course, man. What were you expecting?"
Joseph Carson:
Because you have such a reputation also. You've got... When you're going to do a live demo, you get people's attention, and that's definitely one of the things is that people like, "Okay, this going to be a lot of fun. I'm going to come and see how this goes."
Carlos Polop:
Yeah, we have a lot of scary live demos. I can tell you that.
Joseph Carson:
And that was one of the things we were talking before we kicked off was that when you're doing those live demos is you try it so many times and you go back and forward and you're resetting it, try it again. You're like, "Okay, now I'm in a different place. I'm on a different network. Maybe I'll try it again just to make sure it works." And how many times did you retry that demo before you did it live?
Carlos Polop:
Oh man, several times. Several times. Just the day before, potentially three times each demo, and I have every comment just for copy-pasting it to make sure I wouldn't have any mistake because I have had mistakes in the past in some other live conferences and debugging in front of hundreds of people is not a nice experience.
Joseph Carson:
It's not a nice experience. But one of the things I mentioned is that sometimes when you're doing that, and it does happen, it shows the audience the thought process, what you're thinking about, you're going... And I think sometimes even the audience, they appreciate it. Even when it does go wrong, they'll be like, "This person's really taking a risk. They're doing it live." And they respect that. And if it does go wrong, then it really opens up... People start thinking about, "Oh, this is the thought process that the speaker's having. They're going through this debugging track." And it really also adds value to the audience as well because it also gives them that extra experience and knowledge to see something live.
Carlos Polop:
Yeah, that's also very true. That's also very true. But you don't want to be in that position.
Joseph Carson:
You don't want... For the speaker, it's difficult. For the audience, there's value. That's the thing is I guess I'm a perfectionist When I'm up on stage. Things for me have to go perfect. As I mentioned earlier, I've had talks where the battery went flat, I've had toasters take out electricity, and whatever you're dealt with, you just have to continue. You got to get the audience... I definitely applaud you. I was in the audience and I thought it was actually for me. I went to quite a few talks during DEF CON and it was one of my favorites. So definitely it was you both... It was your peer who was doing the background research. I can't remember his name. It was-
Carlos Polop:
I presented with Diego.
Joseph Carson:
Yeah, that's correct. And it was fantastic. And you actually did a really good... When you're presenting with two people, you did a really good back and forward between, so it was really well done.
Carlos Polop:
Just for the audience, if anyone is interested in hearing it, it is in YouTube already so you can search-
Joseph Carson:
Go ahead. Sorry. Go ahead. Go ahead.
Carlos Polop:
So it is called Exploring Linux Memory Manipulation for Stealth and Evasion. The names are what is from DEF CON 31 and the presenters are Carlos and Diego. And yeah, it's about how we can use mainly process mainly in Linux in order to load other binaries in memory and bypass several defenses related to traditional Linux defenses and also new Distroless defenses. I think it was pretty interesting, that type of stuff.
Joseph Carson:
It was fantastic. It was fantastic. I'll make sure it's in the show notes for the audience. We'll put in the links to that so it'll be easier for them to be able to find it as well.
So let's get into the main theme is that... So where did HackTricks all start? What was the starting point? Because I think I take a lot of notes and my notes are just sometimes just horrible. They're all over the place. I'm trying to organize it and trying to make it better. But for you, where did the journey start? When did HackTricks become the idea?
Carlos Polop:
Yeah, man, so it started when I was studying the OSCP, so it was around 2019. And it was because I felt a little bit overwhelmed with the OSCP because you had a lot of information, a lot of methodologies, a lot of network services, web vulnerabilities, tools, use, and everything. And I just wanted to have my own notes. And from the past I already experienced it that if I store my notes offline, at some point it was going to cross the computer, reinstall the operating system, I will lose everything. So it happened already that two or three times to me, and it was like, okay, I want to have my notes and I'm going to put them online because this way I'm not going to lose them.
Joseph Carson:
It definitely makes it safer. I run into the same challenges because I use so many devices. I've got devices for CTS with the notes, I want to have them available. And then I've got my content creation machines, I've got hacking machines, reverse engineering ones. So I'm sitting here a lot and I'm just surrounded by so many devices, and if I try to store it offline and each device and you try to sync it up afterwards and try to move it and merge it, things get overwritten. It gets very messy. So absolutely, going to an online version does simplify things a lot, especially multi-platform as well because I'm always switching in between Mac, Linux, and Windows. It does make it a little bit easier when you do have at least an online version which supports multi-platforms.
Carlos Polop:
Yeah, exactly. And it was fun because I think that... So HackTricks is living in this platform, which is called GitBook, and I think that GitBook as a company just started a couple of months before. So I just discovered it and it was one of the first guys just getting his notes and putting it in this platform. Because now I have seen there are a lot of books similar to HackTricks, usually smaller. It's complicated for a book to be bigger. And a lot of people using GitBook, but I think HackTricks was one of the first ones.
Actually, another funny story about HackTricks was that I was never expecting people to find about it. It was just like your personal notes. As a cybersecurity professional it was my personal notes, and I just bought this domain hacktricks.xyz because I liked the HackTricks domain, the idea of HackTricks. It makes sense, and also XYZ because it was the cheapest one. I didn't even know that Google was indexing pages from XYZ because it's a very malware-related domain. So I was never expecting people to find about it. But I was glad a couple of years later that people was telling me, "Hey, did you know about this book? It's great. He's sharing a lot of solutions." Like, "How did you find that? That's mine."
Joseph Carson:
I guess your intention was is that it was for your personal just easy access for you to quickly go to something to either understand about certain parameters or command lines or capabilities and do that quick copy-paste and replace the attributes.
Carlos Polop:
Exactly. Exactly.
Joseph Carson:
I mean, a lot of times, and that's what I use is more, my notes, is quick copy-paste in between different personal machines and environments. But when people start finding it, for me, especially when I was going through doing certifications or doing certain training courses and there's a specific area that I wasn't very familiar with, it was so valuable. It was so well organized. That was one of the things that I find very valuable is the organization. How would you come up with your method for organizing things? Because I think that's the challenge we all have is that I might do a Kerberos thing or I'm doing CrackMapExec or I'm doing Linux versus Windows and cloud even. How did you decide to organize it in such a way?
Carlos Polop:
Yeah, well first of all, it started with a same feeling because those were my personal notes. So everything was completely disorganized, just copy-paste stuff, just my own notes. Maybe one-third of the book was in Spanish also because they were my notes. And then people started discovering, I was like, "No, I need to change this."
And regarding organization, I don't know, man. I think I just try to keep it as simple as possible. So just to create these different sections and I will have one section of Linux, and it was a lot into previous escalation in Linux, so I just was creating subsections. To be honest, I think that when I saw a page growing a lot, I would just start dividing this page in other subpages and so on.
Also regarding organization, I think that Cloud HackTricks is much better organized because I started that one from scratch, while HackTricks, you can go to the index and find hundreds of different sections and it makes a little bit complicated to follow it. But I also think it's the essence of HackTricks that you just join and you see all this stuff and you see like, "Oh man, there is a lot of information here." And that's why I don't want to change the current organization of HackTricks. But also in order to improve this, I create the methodology sections. You will have the pen testing methodology, the web methodology, and so on in order to try to ease the use of HackTricks. But yeah, I think at some point I should even create a methodology on how to use HackTricks and how to find stuff because sometimes it's even complicated for me to find the stuff I'm looking for.
Joseph Carson:
Having some of the preface where specific, explaining here's how you can use it. But I found at least the evolution of it over the years has definitely made it much easier to see, to your point where, so you can see the index, then you see the methodologies and map a pen.
Because when I was going through quite a few CTFs, because my area is mostly in purpose distillations, but... institute..., that's not one of my greatest areas and it means that I really have to test my knowledge in certain areas. And I find it really actually to the point where it was so educational, it was actually better than most training courses I've ever been through that was able to explain things and show the relationship and show basically also how it becomes exploitable. And so I find just that side of the knowledge side, it was not just like, "Here's a command and you run it and it does this." It was always the background into how it's used, what's the method of using it, if you need to make changes as well. It was such a great educational content and I think that's the difference and that's where HackTricks really excels.
Carlos Polop:
I appreciate that because at the end, whatever I write in HackTricks, my mentality is that at some point I'm going to forget what I'm writing about. So I want to explain as easy as possible, but also with as much information as possible all the concepts inside, inside of HackTricks.
Also, something that I find interesting about HackTricks is that by time to time you're going to be reading a lot of different write-ups on the internet saying, "Hey, you have this technique to do this PostgreSQL injection." And then a couple of months later a new technique about the same topic but exploiting a different features is going to appear. And it was also seen in my own personal notes, even in HackTricks that I will have a link there, another link there, another link. And I was like, it's impossible to just read all the links about some special subject. So the goal of HackTricks is also to condense a lot of different research, putting of course in the reference the original links, and just try to explain, "Hey, you can do this, this, this and this, and you don't need to go to 10 different links. You can just see everything explaining and how is every technique related with the other one in HackTricks," which makes a lot easier to learn about new stuff.
Joseph Carson:
Absolutely. I think that's one of the things I found is, to your point, is keeping it simple and making it something that is readable. A lot of times you get into sometimes too technical where it's all just about what the tool is doing versus what is the methodology. And I think that's sometimes the difference is the methodology is the foundation. The tool is just automating it in such a way to achieve an outcome. And that methodology is maintained, which is great.
So one of the things you mentioned that you've got HackTricks and then you've got the Cloud HackTricks. What is the Cloud, what you're focusing on at the moment? Because I know you also had... One of the previous episodes we went into was talking about PurplePanda, which was fantastic as well, all about the escalation and discovery of cloud vulnerabilities and exploits. So what's expanding on the cloud side? Are you looking at more platforms or more capabilities and where's next?
Carlos Polop:
So I needed to separate Cloud HackTricks from the regular HackTricks because the regular one was just getting so big that it was getting impossible to find the stuff. So I just started Cloud HackTricks and remove or move everything related to cloud and SaaS provider, so software as a service provider, to cloud HackTricks. So actually the main goal of Cloud HackTricks is to find, to understand and be able to know how SaaS and cloud platforms can be attacked focusing on CI/CD platforms. We are talking about GitHub actions. To be honest, I will need to access it in order to remember them because...
Joseph Carson:
I have the same as just my... That's why we take notes is our memories.
Carlos Polop:
Yeah, exactly.
Joseph Carson:
Even in my age is that I have to go and look at my notes.
Carlos Polop:
So we have a lot of information about GitHub, Gitea, Concourse, CircleCI, TravisCI, Jenkins, Apache Airflow, Terraform, Cloudflare, Okta. So yeah, the goal is that I'm trying to call this Red Team 2.0. Of course it's a common Red Team, but it's more and more common to find companies that doesn't have any active directory, doesn't have any internal network, and everything is being used in SaaS providers. So they are going to using Okta as a identity provider. They're going to be using some cloud, AW, GCP, Azure. They are going to be using GitHub Actions or some on cloud CI/CD pipelines. And you no longer are going to be attacking an internal network. You are just going to be finding some tokens. And from those tokens you need to be pivoting between platforms.
And as a Red Teamer, I sometimes feel overwhelmed when I feel like, okay, I have these API tokens. What can I do with you? What is the platform meant to do? How can I access the API? So the goal of Cloud HackTricks is to just explain the most common SaaS providers and tell you, "Hey, these are attack vectors. This is how you can use the API. This is how the CI/CD pipeline works. This is how you could abuse the CI/CD pipelines and even steal other secrets or just abuse trust relationships to pivot between different cloud platforms. We are no longer talking about pivoting inside an internal world because there is no internal network."
Joseph Carson:
Absolutely. And that's one of the things I've seen last year. One of a lot of the big trends was, and if you were going to lots of conferences and events, the big trend was that the switch to targeting cloud infrastructures and cloud environments and also APIs. APIs was the initial access vector. And then basically what happens is that once they get into one of those cloud environments, it's almost like fully trusted between all of the resources and all of the integrations to the point where you've got that full trust and you can simply just move around the network freely. Once you have those API tokens, once you've been able to exploit them, it's completely trusted. And it seems to be that it's in order to make sure that things work, and people are afraid to start hardening because then they start breaking things, just like you did an on-premise traditional systems.
And I think one of the areas is that really we need to have more knowledge into hard and properly hard. Where's the vulnerabilities? What's the best practices? And this is you might get certain skilled resourcers who focus on different cloud providers, but really getting that holistic architecture knowledge across all of them is quite difficult these days. So I think what you're doing is building that foundation of how does it all work together and what's all of the vulnerabilities and exploits and can lead in a lot of the factors that we're going off. I think this is going to be definitely so valuable for at least defenders of those who's hardening these environments to really find that what's the most targeted vulnerabilities and how they make sure that they reduce the risk as much they can.
Carlos Polop:
Exactly. And also in cloud, actually there is another section about cloud providers. So we are talking about AWS, GCP, Workspace from Google, Azure, Azure ID or Entra ID.
Joseph Carson:
Entra ID these days.
Carlos Polop:
And for others such as DigitalOcean.
But well, the goal of this section of Cloud HackTricks is to explain. So what I have seen is that a lot of companies are trying to move to cloud without any kind of previous experience in cloud. So they are just going to be doing nastier stuff when moving to cloud. Like, "Hey, just expand these two instances. Let's give administrator access to a lot of users because I don't understand IAM permissions in AWS, so just give everything. We will fix this. Let's run production and development in the same AWS account," and all these bad practices.
Just because people think that cloud is very easy, and it actually is, but it's very easy to use it poorly. In order to use it in a secure way, you need to know what you're doing. So the goal of this section of Cloud HackTricks is to explain things of different services on these platforms, explain how they can be used, how they can be securely configured, and also how they can be abused for previous escalation, post-exploitation, persistence. So the goal of Cloud HackTricks in this matter is no longer just focus only on offensive security, but also on how a service can be used, and then how a service can misuse.
Joseph Carson:
So... to the purple side of things, really. It's becoming a purple resource that allows you to really can look at it from an attacker perspective so you can actually look at your environment, how an attacker sees it, but also give you the recommendations into how you actually get from the defensive capability. And it's no longer... You can't do one without the other. It's ultimately you have to know what the exploits are and what the risks are and then you have to know what you need to do in order to remediate and to close and harden the systems.
Carlos Polop:
Exactly. Also, because I guess that most of the pen testers that go to Cloud HackTricks actually doesn't have much prior experience with the cloud. So they also need to understand the foundations in order to understand the attacks. So in this case, it's meant for both system and state of Blue Teams and also Red Teams and pen testers just to understand how everything is working in order to understand the vulnerabilities. And actually, I like a lot the organization because in both factors you will go to the AWS and you will find the basics, the services, how every service work, how you can enumerate it, and then you will go to sections about post exploitation, pre-escalation, persistence. So if I need to be much better organized.
Joseph Carson:
I want to switch into some of the things that you recently added. You started doing training, which is you started with the ARC training. So what was the idea behind that and how has it been going and what's next when it comes to the training side?
Carlos Polop:
So the idea behind the ARTE certification, which is AWS Red Team expert, was that, do you know that in cybersecurity there are a lot of companies dedicated to create trainings but there weren't that many focus on offensive security in cloud environments. And what so is that most of the companies or all the companies giving trainings in this subject, especially digital training, so no going to a conference and having a training, just buying maybe some training online. It was they will give you some laboratories, some prepared environments, and then you will need to find the proper tools to complete the laboratories.
And this is definitely a way for learning, but it's not my favorite way because you're going to be learning what you find on the internet, you're going to be focusing on the specific problem you have, but you are not going to be learning all the basics, all the foundations. You're not going to be learning about other services but the ones that you have in those specific laboratories. And I found it to be a little bit lacking, especially in AWS and GCP because there is much more training about Azure. That's why we start focusing on AWS.
Joseph Carson:
Perfect.
Carlos Polop:
So the goal of the course that we created is that we are going to be starting from the beginning, supposing that nothing about AWS, and we are going to explain what is an account, what is an organization, how is the hierarchy of AWS? Then we are going to be explaining with a lot of videos, with a lot of demos, a lot of different services so you just don't focus in two or three services. We have 20 or more than 20 AWS services. And for each service that you explain, you are going to be having some small laboratories. So we explain a lot of techniques. I do a lot of demos in the videos. And then you have your custom AWS account with your laboratories and you're going to be able to do specific actions that you are going to be receiving help because you're going to say, "Hey, you have these permissions. Check this actor's page," but you're not going to be having the solutions.
So if you want to find the flag, you need to learn what is going. ...copy based, which is a nightmare for some people. But at the end, everyone is grateful because it's the only way you are going to learn without giving you the straightforward solutions.
And then at the end of the course, you will have methodologies for Red Teams, for white box assessments. So you will learn AWS and they will learn how to do proper engagements in AWS. So we wanted to create this full course where you go from zero to hero and you're actually able to perform pen test and Red Teams in AWS in this case because this occurs for AWS, but we are close to release the course for GCP and Workspace also.
Joseph Carson:
Oh, fantastic. So it's a really exploratory type of learning method rather than just, "Here's the thing. Go through it A to Z," and you've done it.
Carlos Polop:
Exactly.
Joseph Carson:
You actually have to explore. Which I think is one of the best ways because it really forces you to go and understand the background, how things actually work properly. And sometimes you do have to do a lot of research yourself as well, and even going through the process of following you step by step. So is the course online or in person and how long is the course itself? How long is the training?
Carlos Polop:
So the course is online. You can find it in training.hacktricks.xyz. It's a self-based course. So you have just the videos, you have your own laboratory, and you just do it whenever you have the time. And it will have more than 50 laboratories, more than 20 hours of videos. So to be honest, the time it takes depends on lot of the people and on the background that they have. But we offer 45 days of laboratories that we are going to increase to 60 days in a couple of weeks once we manage to optimize the laboratories. So yeah, I will say that it should take maybe month and a half to finish it. And they're going to be having a final exam just to prove that you have the knowledge. And yeah, the final exam we have three different flags. If you find all of them, you will immediately get your certificate and you will have the certification of the course, of the certification.
Joseph Carson:
Fantastic. It sounds like the whole journey from you taking the path that you went and taking your notes and documentation and creating HackTricks and moving it to cloud, it's the evolution of how you would've seen to be trained.
Carlos Polop:
Yeah, exactly.
Joseph Carson:
Passing that on and actually creating something because there's always a gap in the industry ... is that getting into is the knowledge transfer, and also getting into where you wanted immersive training as well where it's really interactive style of training rather than just taking it from the old traditional old school industry focused methods. I think that's what I find as well is that the knowledge transfer is getting much more seamless and much more available for people to get into the industry. So really what you've done is you've created the foundation of the next generation of people who would come to replace us, which is ultimately sometimes it's that we have to pass on the flag at some point. We have to.
Carlos Polop:
I'm part of HackTricks because of that. I know a lot of people just learning in the past years, all of them know HackTricks. All of them are very grateful or have this organization. Of course, I need to mention that HackTricks is not built on my peer knowledge. It's built on what I'm learning about, reading new write-ups of new research of other people. And now I have a community. I know a lot of people that is sending everything they research, every new trick defined that is not yet in HackTricks that will send a pull request to GitHub and just collaborate. And this is helping a lot to people from all around the world to learn about cybersecurity. Also, something fun about HackTricks is that it is now translated into 17 different languages, and every pull request, every chance that is performing HackTricks is being translated to these languages because at the end, the goal is to just get cyber technical cybersecurity closer to everyone in the world and allow people to learn on their own about cybersecurity.
Joseph Carson:
Absolutely. That's one of the things, the challenge we've always had in the past to your point is that it's always been isolated into main languages and translation always was difficult to get it to a lot of those countries where they need it where they may not have the skills or knowledge, sort of the training courses available, and having to translate it just because of the navigational acceleration that they may have not had in the past.
So what's next? What's next for you? What conference do you want to speak at next? What's the next coin that you want to achieve or what's next for HackTricks?
Carlos Polop:
So that's a good question. For HackTricks training, we are looking forward to release the Workspace and GCP course before summer, and maybe after summer we have the time we'll release course for Azure just to have the three main goals as training.
For HackTricks as its own, to be honest, I think he just have enough movement. So I have a lot of people sending pull requests. I still see it like my personal notes, so it's not like I will dedicate my full-time job to HackTricks. I will just write whatever I'm learning new, I'm pulling HackTricks and trying to help people. So yeah, all I want to HackTricks is just to continue as a community project for everyone. Actually, I'm training my brother for giving him the access and the maintenance of HackTricks because I'm getting too busy, man. So yeah, I'm doing that.
Regarding conferences, I will be talking in a conference in Malaga in Spain in May. I will be training the European, the team Europe for the next ICC where it's going to be celebrated in Chile. I think it will be at the end of October. So that's going to be pretty fun. Also, I sent a couple of call for a call for paper and call for training to DEF CON this year. This year I'm completely changing topics. I'm going to be talking about macOS in the call for paper in case they select my talk, and also will be given a training about AWS and GCP in DEF CON in case they select my training because I don't know nothing about that yet.
But to be honest, I'm stepping down a little bit in talks and conferences, and I would like to relax for maybe one or two years, maybe 2025, 2026. Because at some point I realized that I was doing some researching just to have something for the next year to give a talk just because people was expecting me to be giving talks in some Spanish conferences. And I realized that I'm not longer enjoying that that much because I'm feeling the pressure to give a talk, so I'm not enjoying it and then giving a talk. So I probably will be stepping down for conferences and so on for the next two years just to relax a little bit and learn about the world.
Joseph Carson:
Absolutely, I mean it's a tough balance as well. Even Alan Moll was challenged with the same is that how much time I'm spending in doing the research and playing in the lab. And then trying to reuse content because a lot of times the conferences want exclusive talks, and I don't think that's something that's scalable and something that researchers want to be in the situation. So you want to be able to repeat it and get it to as much as all these possible. But yeah, I hear you. It is a fine balance. My preference is always to research the things I enjoy doing and then of it makes a good talk, I then try to convert it into the talk. Then I submit the CFPs for it. And then you hope that if the interest that conferences want to hear, but sometimes it's hit-and-miss.
Carlos Polop:
Exactly. I completely agree. And also I love doing trainings because you can have the other content, people will change and you can reuse the content for training and people will get benefits, but regarding the taxes, what you say, you need to have novel topics, novel research, novel vulnerabilities, CVs and this stuff. And this year I just felt like, hey, I'm no longer doing this for fun. I'm just doing it to have something to solve in a conference, and I just want to step down from that path. I don't enjoy that. Yeah, you completely understand this.
Joseph Carson:
I do. Sometimes it's just that balance. For me, it's finding that things that I enjoy talking about is what I try to emphasize. And if it's something that you're doing the research just because it's a topic that the conference wants, it's the reverse way of doing it.
But Carlos, it's always awesome talking to you. I always enjoy catching up, chatting, and hopefully we'll get to catch up somewhere near soon. If I can get my way to Spain I can probably catch up in... week. But otherwise, definitely if there's things that I can do for you, always feel free to reach out. So for the audience, what's the best way for the audience to stay in contact with you and to reach out?
Carlos Polop:
So I think the main way will be via LinkedIn. So if you search for me, Carlos Polop in LinkedIn, you can just easily find me. And if you have any questions about HackTricks or this stuff, conferences or whatever or maybe HackTricks training, just ping me there and I will respond. Don't do it anymore in Twitter because I am moving Twitter to another person. So to contact me, it's better to use LinkedIn.
Joseph Carson:
Fantastic. And we'll definitely make sure that all of the links to HackTricks and the training courses and all the content are made in the show notes, so it'll be much easier to find those.
Carlos Polop:
I appreciate it.
Joseph Carson:
As always, it's fantastic. Any final words or wisdom that you'd like to leave the audience? Any tips or tricks or suggestions?
Carlos Polop:
I don't know, man. Just as always, if you are technical in cybersecurity, just enjoy it. At some point you lose that path, especially where you are working as a pen tester. At some point you'll think more about the money than about technical. At that time, I guess you just need to step back, see what you relax and just continue with your movement because you can get your hobby being your work or your work being your hobby, is on you.
Joseph Carson:
Absolutely. That's always the challenge. And I think we both come from that same background, is that for me, technology and being a geek is my passion hobby. And it's always the fine line about, okay, how do I keep it that way? Other priorities don't overshadow it. I think that's wise words is that always do what you enjoy doing and try to spend as much time... There's always going to be things you have to do, the reporting, the documentation, taking notes, and testing things, but try to make sure that you're getting the fine balance between stuff that you really enjoy that really drives the passion.
So Carlos, as always, fantastic. Many thanks for being on. Hopefully catch up with you again soon. For the audience, tune in every two weeks for the 401 Access Denied podcast. We're really here to bring you the world leaders in cybersecurity that really are changing the future and really establishing the next generation of security professionals. So Carlos, as always, keep up the amazing work and stay safe, enjoy what you're doing, and keep the passion up.
Carlos Polop:
Thank you. Thank you again for the invitation. It was great as always.
Joseph Carson:
You're welcome. Everyone, all the best, take care, and stay safe.