I'm Benito. I'm a college student who's been interested in cybersecurity since before high school. People often ask me how I got my start, and honestly, it was a deep sense of curiousity that drew me into this field. In seventh grade, my father got me a laptop, and I discovered command prompt. A blinking cursor at a terminal, that looked straight out of a hacking movie. Then came the questions— which I've been answering ever since. The way I learn is by hands-on labs: setting things up, breaking them, fixing them, and learning about what happened at each step.

> What I'm working on

Lately, I've been spending most of my time around enterprise-style environments— the kinds of systems that feel closer to how organizations actually operate. Authentication, permissions, network boundaries, misconfigurations, etc. I also build a lot of my own labs. Physical setups, virtual ranges, half-finished experiments, because for me it's the way that sticks. I like knowing how the whole thing works, end to end.

> How I think about security

To me, security is fundamentally about pattern-recognition; understanding systems well enough to notice when something feels off. Deep knowledge of both attack tactics and techniques and defensive tooling and infastructure is what enables a good security team to become great. I find Offensive security fascinating because it's all about being creative and methodical at the same time- you're finding something other people missed. However, I'm also interested in the defensive side of the story- what breaks, why it breaks, and how people miss it. Especially nowadays, with the AI 'boom', it's increasingly common for organizations to throw AI systems at their security problems, which often lack contextualization and can lead to knowledge gaps— and ultimately, security gaps. On the other side of the problem is script kiddies that can just 'point and shoot' exploits at systems, without understanding what's happening. I use AI in my learning process, but deliberately and warily. To me, AI is a supplement, not a substitution, for understanding. Writing, in particular, is part of the learning process for me. If I can't explain something clearly, I usually don't understand it as well as I think I do.

If you can explain something clearly, you truely understand it. And when you teach it or explain it to someone else, you're forced to really understand it. Especially in Cybersecurity, where the boundaries are being pushed every day, the best teachers are students who never stopped learning.

> What you'll find here

On this site, you'll find:

• Writeups from CTFs, labs, and things I broke on purpose
• Projects that mix hardware, software, and networking
• Notes on experiments that aren't finished yet (and might never be)
• Occasional longer reflections when something sticks with me

Some posts are technical, some are more reflective, but all of them are my honest voice.

> Where I'm headed

I'm early in my career, and honestly I'm excited about that. I've talked to a lot of senior, C Suite, and even midrange engineers who are so locked into their careers, they don't get much time for hands-on projects, which is the fun part, in my opinion. That said, I'm building toward a career in offensive security: threat hunting, penetration testing, red teaming— but I'm more focused on building solid fundamentals right now, than rushing into titled positions.

Who is Paperclips Vinny?

If you've read this far, you deserve the truth. 'Paperclips Vinny' is me, and I am 'paperclips vinny'. The username started as a screen name (it's a reference to a character in the movie Atlantis) to maintain my privacy while exploring the many facets of cybersecurity, and just slowly became my defacto online handle.

Anyways, have fun exploring this website and I hope you find what you're looking for. Happy Hacking! </>