I'm Benito. I'm a college student who's been interested in cybersecurity since before high school. People often ask me how I got my start, and honestly, it was a deep sense of curiousity that drew me into this field. In seventh grade, my father got me a laptop, and I discovered command prompt. A blinking cursor at a terminal, that looked straight out of a hacking movie. Then came the questions— which I've been answering ever since. The way I learn is by hands-on labs: setting things up, breaking them, fixing them, and learning about what happened at each step.

> What I'm working on

Lately, I've been spending most of my time around enterprise-style environments— the kinds of systems that feel closer to how organizations actually operate. Authentication, permissions, network boundaries, misconfigurations, etc. I also build a lot of my own labs. Physical setups, virtual ranges, half-finished experiments, because for me it's the way that sticks. I like knowing how the whole thing works, end to end.

> How I think about security

To me, security is about patterns. Understanding systems well enough to notice when something feels off. Offensive security is so interesting to me because it's all about being creative and methodical at the same time- you're finding something others missed. I'm also interested in the defensive side of the story, though- what breaks, why it breaks, and how people miss it. Especially nowadays, with modern AI advancements, it's even easier for organizations to throw LLMs at their problems, which often miss contextualization and can lead to huge knowledge, and thus, security gaps. On the other side of the problem is script kiddies that can just 'point and shoot' exploits at systems, without understanding what's happening. I DO use AI in my learning, but not without understanding what's going on. I don't use AI in the creation of my posts. Writing is part of the learning process for me. If I can't explain something clearly, I usually don't understand it as well as I think I do. The best students are teachers.

> What you'll find here

On this site, you'll find:

• Writeups from CTFs, labs, and things I broke on purpose
• Projects that mix hardware, software, and networking
• Notes on experiments that aren't finished yet (and might never be)
• Occasional longer reflections when something sticks with me

Some posts are technical, some are more reflective, but all of them are my honest voice.

> Where I'm headed

I'm early in my career, and honestly I'm excited about that. I've talked to a lot of senior, C Suite, and even midrange engineers who are so locked into their careers, they don't get much time for hands-on projects, which is the fun part, in my opinion. That said, I'm building toward a career in offensive security: threat hunting, penetration testing, red teaming— but I'm more focused on building solid fundamentals right now, than rushing into titled positions.

Who is Paperclips Vinny?

If you've read this far, you deserve the truth. 'Paperclips Vinny' is me, and I am 'paperclips vinny'. The username started as a screen name (it's a reference to a character in the movie Atlantis) to maintain my privacy while exploring the many facets of cybersecurity, and just slowly became my defacto handle.

Anyways, have fun exploring this website and I hope you find what you're looking for. </>