I am Pedro Sánchez Cordero, author of conexioninversa.

If you have come this far, it is because you are interested in cybersecurity and more specifically in Red Team, Threath Hunting and of course, my beloved DFIR.

As you may have been able to appreciate, the old conexioninversa blog is no longer accessible, after many deliberations and nightly thoughts, I have thought that many of its contents were discontinued many years ago and in practice (today) they did not have much utility.

After that, keeping the forensic part and giving a touch incorporating "threat hunts" to the blog, I thought of creating this site with more current content.

As always, I thank you for being faithful readers of the blog that really is yours.


Access the technical content GitHub Wiki or if you prefer the code Github repositories.


  • I have worked in important companies as a consultant specialized in Incident Response, Honeynets, intrusion detection, honeynets and pen-testing. I have implemented ISO 27001, CMMI (level 5), PCI-DSS standards and various security methodologies, especially in the banking sector for more than ten years.
  • I also collaborate on Incident Response, security and computer forensics with various organizations and with state security forces and companies and foreign agencies.
  • I have developed open source tools for the forensic community and I have also programmed exploits for the IoT world.
  • I have participated in the LookShields conference organized by the Ministry of Defense. I also have Nato Secret clearance.
  • I have worked in the RedTeam and BlueTeam area of ​​Bitdefender analyzing malware and persistent attacks for more than four years.
  • I am the founder of the blog CONEXIONINVERSA and Professor of the INCIBE Summer BootCamp.
  • I have also worked for four years at Deloitte as Incident Response Service Delivery Manager - DFIR
  • Instructor of the Master of the UCLM (University Castilla La Mancha)
  • Instructor of Forensic Analysis and Malware of the Certified Cyber ​​Security Professional (CCSP) course of the ISMS Forum
  • I am currently a forensic investigator in the Response area of ​​Banco Santander
  • Speaker at various Cybersecurity conferences (RootedCon - BugCON - INCIBE - Sh3llCon - CCN CERT).