
Conducting penetration tests and reverse engineering on mobile and web applications, APIs, enterprise systems, cloud environments, and embedded devices for medium to large clients in the mobility sector. Involved throughout the entire process, including customer consultation, proposal preparation, project planning, assessment execution, detailed technical reporting, and providing remediation advice on both strategic and technical levels.
Leading penetration testing and consulting projects as Project Lead, including responsibility for planning, execution, and client communication. Managing and coordinating a team of subcontracted penetration testers.
Performing manual source code audits in C, C++, Java/Kotlin, and JavaScript, with a focus on identifying vulnerabilities in security-critical components and recommending improvements. Expertise ranges from low-level authentication mechanisms in resource-constrained embedded systems to validation and quality-of-service (QoS) checks in protocol-rich, application-layer systems with fundamentally different architectures and use cases.
Serving as topic lead for an internally developed Capture-the-Flag (CTF) workshop. Responsible for both strategic and technical development, including customer acquisition, planning, and hands-on delivery of workshops.
Enhanced a password-cracking platform based on Hydra and John the Ripper with features like automatic hash identification, optimized configurations, intelligent wordlist/rule selection, result visualization, and performance improvements.
Red teaming campaign for a critical infrastructure client, including the execution of a spear phishing operation to achieve initial compromise.
For my bachelor's thesis, I worked on a device to simplify the forensic process of disk imaging for mobile devices. The goal was to convert an inexpensive and portable single-board computer into a performant and reliable forensic duplicator.
Creating risk assessments and security concepts as Security Manager in Process (SMP) in the automotive context. Working as Software Developer mainly on Java backend components.
Backend, Cloud, Web App, API with Burp Suite, Bruno and more
Active Directory, Kerberos, Entra ID
Hardware, IoT, Automotive
Python, C++, C, Java/Kotlin, Go
Android and iOS with a focus on native app frameworks
Reverse Engineering, Binary Analysis, Malware Analysis with JADX, Ghidra, Radare and Frida
QNX, Linux, Cloud (Azure), Webserver