Omar Santos

Cyber Security, Technology, Science, Math, and Tech Stuff

About Omar

Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure.

Omar is the author of over 20 books and video courses; numerous white papers, articles, and security configuration guidelines and best practices. Omar is a Principal Engineer of Cisco’s Product Security Incident Response Team (PSIRT) where he mentors and lead engineers and incident managers during the investigation and resolution of security vulnerabilities.

Current Projects

Chair of the OASIS Common Security Advisory Framework (CSAF) Technical Committee

The Art of Hacking Video Courses

The Art of Hacking is a series of video courses that is a complete guide to help you get up and running with your cybersecurity career. You will learn the key tenets and the fundamentals of ethical hacking and security penetration testing techniques. These video courses provide step-by-step real-life scenarios. You will see first hand how an ethical hacker performs initial reconnaissance of a victim and assess systems and network security controls security posture. Details about these courses can be found at:
The following are the different video courses that will be part of the Art of Hacking series:

These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.

Safari Cybersecurity Related Live Training

I am often delivering several live training sessions in Safari. . You can obtain more information about these live training sessions at:
The following are the live training sessions that I am delivering in Safari:

DEFCON Training

  • Intense Introduction to Modern Web Application Hacking - This course starts with an introduction to modern web applications and immediately starts diving directly into the mapping and discovery phase of testing. In this course, you will learn new methodologies used and adopted by many penetration testers and ethical hackers. This is a hands-on training where will use various open source tools and learn how to exploit SQL injection, command injection, cross-site scripting (XSS), XML External Entity (XXE), and cross-site request forgery (CSRF). We will wrap up our two hour fast-paced course by unleashing students on a vulnerable web application with their newly found skills.


  • WebSploit is a virtual machine (VM) created by Omar Santos for different Cybersecurity Ethical Hacking (Web Penetration Testing) training sessions . The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications. This is an all-in-one Kali + Vulnerable Applications standalone VM designed for you to practice your skills in a safe environment.

PSIRT openVuln API

My GitHub Corner

Books and Other Publications

The following are my current publications: