PlaSysX

Hi, I'm Saúl Ruiz

Cybersecurity Analyst · Offensive Security · Pentesting

I identify and document security flaws in systems and applications before attackers can exploit them.

Ethical HackingWeb SecurityVulnerability AnalysisSecurity Research
View ProjectsContact MeLinkedInDownload CV
Saúl Ruiz Plaza

Saúl Ruiz Plaza

Cybersecurity Analyst · Offensive Security · Pentesting

Identity

About

I'm Saúl Ruiz Plaza, a cybersecurity analyst focused on pentesting, offensive security and technical analysis.

I like understanding how systems work internally, testing things, breaking them in controlled environments and documenting what I learn along the way. That's why I usually work on labs, write-ups and projects where I practice enumeration, exploitation, privilege escalation and web security.

My SOC experience has also helped me a lot, because it allows me to see cybersecurity from both sides: how threats are detected and how an attacker may think.

I use PlaSysX as my personal brand to share projects, technical content and everything I'm building within the cybersecurity world.

Saúl Ruiz Plaza speaking at Sysmana

Method

How I Work

My approach to offensive security combines technical analysis, hands-on practice, clear documentation and defensive context.

Understand the target

Before testing anything, I try to understand what the system exposes, how it is built and what context surrounds it.

Enumerate with purpose

For me, enumeration is not about following a checklist, but about collecting information to decide the next logical step.

Validate findings

When I find a possible issue, I validate it carefully in a controlled environment, avoiding assumptions without evidence.

Document the process

I care a lot about documenting the process properly so the work is reviewable, reproducible and easy to communicate.

Correlate offense and defense

My SOC experience helps me understand how offensive actions are detected and analyzed from the defensive side.

Trajectory

Experience

SOC operations

Alert analysis

Vulnerability validation

Technical reporting

Cybersecurity Analyst

IaaS365

May 2026 - Present

Cordoba, Andalusia, Spain · Hybrid

Main work

I am part of the CyberSOC team at IaaS365, working on monitoring and security analysis for real client environments.

My activity focuses on investigating security events through SIEM and XDR technologies, contributing to the detection, management and response to alerts. I also collaborate on technical audit projects aimed at evaluating and improving the security of the analyzed environments.

SIEMXDRMonitoringIncident HandlingDocumentation

ASIR Internship - SOC Analyst

IaaS365 · Dual Vocational Training

Jan 2026 - May 2026

Cordoba, Andalusia, Spain · Hybrid

Main work

Worked inside the CyberSOC team on security operations, threat intelligence, incident analysis, vulnerability research and client-oriented technical reporting.

Collaborated on automation and digital surveillance improvements, including Python tools for OSINT data collection and processing, plus integrations for alert and data management.

Participated in technical meetings and result presentations while working with SOC-related technologies such as SIEM/SOAR, Splunk, Trend Micro Vision One, Pentera, Nessus, Proxmox and n8n.

SIEM/SOARSplunkTrend Micro Vision OnePenteraNessusProxmoxn8nPythonOSINTCTI

ASIR Internship - IT Support and Systems

Bodegas Campos · Dual Vocational Training

Jan 2025 - Mar 2025

Cordoba, Spain · On-site

Main work

Worked on IT support and systems management, including device preparation, operating system updates, software installation, hardware maintenance and support for internal users.

Supported information management with Microsoft Access and Excel, and gained experience with business tools such as SAGE and POS systems.

Performed basic networking and troubleshooting tasks, including cable crimping, network device configuration, Wireshark analysis and small process improvement proposals.

WindowsHardwareMicrosoft AccessExcelSAGEPOS systemsWiresharkNetworkingPower Automate

Academic base

Education

IES Gran Capitan

Higher Technician in Network Computer Systems Administration (ASIR)

Sep 2024 - Jun 2026

I completed the ASIR vocational training program, working with Linux and Windows operating systems, networking, network services, databases and virtualization environments.

During the program, I developed cybersecurity-related skills such as system administration, basic network analysis, service configuration, user and permission management and incident resolution in laboratory environments.

I also worked with virtualized environments, which allowed me to practice machine deployment, service configuration and testing in controlled scenarios.

Linux System AdministrationWindows System AdministrationNetworkingDatabasesVirtualizationNetwork ServicesCybersecurity fundamentals

IES Blas Infante

Bachillerato + Baccalaureat / Bachibac

Sep 2022 - Jun 2024 · 7.74

I completed the Bachibac program, a double qualification that combines the Spanish Bachillerato with the French Baccalaureat. This gave me a bilingual academic background in Spanish and French, as well as a multicultural perspective.

During this period, I developed advanced French language skills, achieving a certified B2 level, while also improving my oral and written communication skills in both languages.

I also participated in academic projects, research assignments and oral presentations in Spanish and French, strengthening my analytical, presentation and academic work skills in bilingual environments.

Technical work

Projects

WriteUps CTF Solutions

WriteUps CTF Solutions

A technical repository where I document CTF solutions and lab work with an offensive methodology: enumeration, exploitation, privilege escalation, evidence collection and reproducible notes that make each path understandable.

CTFWrite-upsLinuxWeb SecurityPrivilege EscalationEthical Hacking

SecureYourPass

Coming soon

???

Coming soon

Visibility

Talks & Achievements

Cybersecurity Workshop - Sysmana XVI

Cybersecurity Workshop - Sysmana XVI

IES Gran Capitan · Hack your first WordPress

I delivered 'Hack your first WordPress', a practical web hacking workshop in a controlled environment. The session introduced how to analyze a WordPress site, identify possible weaknesses and understand attacker behavior in a safe lab. It also allowed me to practice communicating technical concepts clearly to other people.

Finalist - Hackathon 'Define el futuro del agua'

EMACSA · Aquacrypt

I was selected as a finalist with Aquacrypt, a technical idea focused on OT security developed as a team with José Álvaro Romero Granados. The proposal addressed insecure and unencrypted communication in legacy industrial environments, where attacks such as man-in-the-middle or manipulation of critical parameters can become a risk. The project combined encrypted communication between industrial devices and SCADA systems with SIEM-like monitoring concepts.

Competencies

Skills

My skills combine offensive practice, automation, documentation and real defensive context.

Offensive Security

I like understanding how systems can be compromised step by step. I usually start from reconnaissance and enumeration, then try to find weak points, validate them and build a clear attack path in controlled environments.

ReconnaissanceEnumerationWeb exploitationPrivilege escalationLinuxActive Directory

Python & Automation

Python is one of the tools I use the most. I use it to automate repetitive tasks, create small scripts, scrape information, work with OSINT data and make technical processes easier.

Python scriptingScrapingOSINTData processingAPI integrationsAutomation

Web Security

Web security is one of the areas I enjoy the most within offensive security. It allows me to analyze exposed services, login panels, weak configurations, hidden paths and vulnerable applications.

Web enumerationWordPress securityAuthentication flawsDirectory discoveryVulnerability testing

Technical Documentation

I care about documenting what I do, not just solving it. Clear notes, reports and lab documentation make it easier to understand the process later, review evidence and reuse what I learned in future analysis.

Technical notesReportsEvidenceLab documentationClear explanations

SOC & Threat Context

My SOC experience helps me understand the defensive side too: alerts, incidents, vulnerabilities, CTI and how real environments are monitored. I try to connect that knowledge with my offensive security path.

Alert analysisIncident investigationCTIVulnerability researchDetection logic

Validation

Certifications

My current focus is consolidating offensive practice and preparing certifications aligned with pentesting.

Verified certifications

Currently preparing

eJPT

In preparation

Long-term goal

OSCP

Long-term goal

PlaSysX Media

Latest PlaSysX Videos

Through PlaSysX, I share cybersecurity content, labs, technical learning and personal projects.

Visit the channel

Loading...

Publications

Explore my blog

I share content about cybersecurity, pentesting and offensive security: write-ups, resources and technical lessons to understand how systems are analyzed and protected.

CybersecurityPentestingOffensive securityWrite-ups
Open the blog

Latest posts

CTF Write-up

WriteUps CTF Solutions: how I document labs

A short look at how I structure CTF notes so enumeration, exploitation and privilege escalation remain understandable later.

CTFDocumentationEnumerationPrivilege Escalation
Published: 2026-05-24Read: 4 min
Read post
Web Security

Hack your first WordPress: workshop notes

Notes from a controlled web hacking workshop focused on WordPress analysis and attacker behavior in a safe lab.

WordPressWeb SecurityWorkshopKali Linux
Published: 2026-05-24Read: 3 min
Read post

Connect

Contact

Open to cybersecurity opportunities, pentesting, SOC, technical projects and PlaSysX-related collaborations.

Download CVEnglish version available
LinkedInsaulruizplazaGitHub@saulruizplazaYouTube@PlasysxTikTok@plasysx_esInstagram@Plasysx