Home
daniel@ploetzl: ~
daniel@ploetzl
~
$ whoami
Daniel Plötzl
Penetration Tester / Red Team Operations
daniel@ploetzl
~
$ cat focus.txt
System exploitation mechanisms • Process behaviour • Detection analysis
Penetration testing fundamentals • Endpoint testing • Observability evasion
daniel@ploetzl
~
$ ls -l skills/
drwxr-xr-x linux-internals/ # process lifecycle, signals, execution model
drwxr-xr-x system-interaction/ # X11, input grabbing, session-level exploitation
drwxr-xr-x execution-labs/ # runtime behaviour, process orchestration, forensic visibility
drwxr-xr-x pentesting-basics/ # attack surface analysis, system behaviour testing
daniel@ploetzl
~
$ systemctl status motivation.service
● motivation.service - Offensive cybersecurity development track
Loaded: loaded (/usr/lib/systemd/system/motivation.service; enabled; preset: enabled)
Active: active (running) since Tue 2024-04-02 09:42:00 CET; continuous
Main PID: 42 (hands-on-security-learning)
Status: "Preparing for CRTP certification, building offensive tooling"
daniel@ploetzl
~
14
CTF Challenges
7
Write-ups
4
Offensive Labs
24
42Vienna Projects
Portfolio Purpose
This website documents my transition to and development in penetration testing and Red Team operations through hands-on systems programming, CTF challenges and development of offensive cybersecurity-oriented labs and tooling.
What you'll find here:
• Technical write-ups focused on Red Team operations and penetration testing
• Small lab tools exploring system exploitation and session control mechanisms
• Experiments designed to analyse system behaviour and observability evasion under controlled conditions
What you'll find here:
• Technical write-ups focused on Red Team operations and penetration testing
• Small lab tools exploring system exploitation and session control mechanisms
• Experiments designed to analyse system behaviour and observability evasion under controlled conditions
Recent Write-ups
[2026-05-03]
Linux user-space workspace relocation into RAM with explicit, encrypted persistence. Demonstrates separation of runtime and durable state, controlled commit semantics and the impact of execution context on filesystem visibility and monitoring.
[2026-04-19]
USB Human Interface Device (embedded system, RP2350) project, emulating keyboard and mouse input using a single USB interface to analyse endpoint behaviour and input injection scenarios.
[2026-04-02]
User-space X11 project, creating an override-redirect fullscreen window, bypassing the window maanger, grabbing all keyboard and mouse input and locking user session at display level without elevated privileges.
[2026-03-21]
Penetration testing methodologies, legal frameworks, rules of engagement and testing scopes (black/grey/white box).
[2026-03-08]
Linux user-space process orchestration and lifecycle manipulation project, using RAM-backed self-migration, concurrent payload execution, randomised scheduling and aggressive process group termination. Includes a monitoring component that tracks transient process populations and runtime behaviour in real time.
[2026-02-10]
Detection types, lifecycle and frameworks (ADS, DML, ATT&CK) for building sustainable threat detection programs.
[2026-01-26]
Foundational log analysis covering data sources, collection, formats and hands-on authentication log investigation.
[2026-01-19]
Bash script for system authentication logs (/var/log/auth.log): extracts SSH auth events, highlights failed logins, patterns and possible compromises.
daniel@ploetzl: ~
daniel@ploetzl
~
$ date
daniel@ploetzl
~
$ exit
The system will reboot now!
Connection to 100.64.0.16 closed.