David Bla — Ethical Hacker & Security Professional

# whoami

I'm a security-focused IT professional who breaks things for a living — then helps build them back stronger. With deep experience in penetration testing, exploit development, and offensive security research, I operate at the intersection of hacking and engineering.

I architect and automate complex systems, build API proxies, create security testing infrastructure, and develop custom exploits. My approach: if it can be automated, it should be. If it can be broken, I'll find how.

When I'm not finding vulnerabilities, I'm building tools that help others test their defenses — from file download testing platforms to DNS exfiltration demos.

🔓

Offensive Security

Pentests, Red Teams, Custom Exploits

🛠️

Full-Stack Engineering

Python, JS, Go, APIs, Infrastructure

🌐

Network Security

DNS, TLS, Protocol Analysis

🤖

Automation

CI/CD, Docker, Security Pipelines

# cat skills.txt

Offensive Security

Penetration Testing Exploit Development Red Teaming Web App Security Social Engineering Reverse Engineering

Network & Protocol

DNS Security DNS Tunneling TLS/SSL HPKP Network Analysis Wireshark

Development

Python JavaScript Go FastAPI Node.js REST APIs

Infrastructure

Docker Nginx Linux CI/CD Cloud Security Automation

# DNS Exfiltration Demo

DNS is often overlooked as a data channel. Attackers can encode stolen data into DNS queries that pass through firewalls unnoticed. This interactive demo visualizes how DNS-based data exfiltration and covert communication works — entirely client-side, no actual data leaves your browser.

Configuration

Mode

Secret Data

Attacker Domain

Encoding

Chunk Size (bytes per query) 16

Speed (ms between queries) 500ms

Live DNS Query Log

Press "Start Exfiltration" to begin the simulation...

💻

Victim

DNS Query

🛡️

Firewall

PASS

Recursive

☠️

Attacker DNS

Reconstructed Data (Attacker Side)

Waiting for data...

How It Works

Data is encoded (hex/base32/base64) and split into chunks that fit within DNS label limits (63 chars). Each chunk becomes a subdomain of the attacker-controlled domain. Standard DNS recursion delivers the encoded data to the attacker's nameserver logs.

Why It Bypasses Firewalls

DNS traffic (UDP/53) is almost always permitted outbound. Most firewalls and proxies don't inspect DNS payload content beyond basic formatting. The queries look like normal subdomain lookups.

Detection Strategies

Monitor for unusually long subdomain labels, high entropy in domain names, abnormal query volume to a single domain, and TXT record queries with large responses. Passive DNS analytics and ML-based detectors can flag these patterns.

# ls projects/

📦 Live

File Download Testing

Platform to test file download security mechanisms — network-based blocking, inline AV scanning, HPKP pinning, transport obfuscation, and more.

PythonFastAPIDockerNginx

🔧 Coming Soon

Security Toolbox (PWA)

Client-side security & developer tools — date/timestamp converters, encoding tools, diff viewer, URL en/decoding. Like CyberChef, but focused.

JavaScriptPWAClient-Side

🌐 Research

DNS Exfil Toolkit

Tools and research around DNS-based data exfiltration, covert channels, and C2 communication. Detection strategies and proof-of-concept implementations.

PythonDNSScapyResearch

🛡️ Pentesting

Custom Exploit Development

Original vulnerability research and exploit development. Responsible disclosure and security advisory work.

CPythonAssemblyReversing

# ping david

david@srv: ~/contact.sh

david@srv:~$ echo $EMAIL

david@davidbla.de

david@srv:~$ gpg --armor --export david@davidbla.de