Portfolio
💼 Projects
UTMS (Universal Time Modeling System)
A radically new approach to time, habit, and task modeling. Configured with programmable LISP entities, it tracks not just tasks but context, conditions, interruptions, and emergent patterns. Designed to augment human agency over time. The core is written in Python, the configuration in Hy (LISP on Python), and the frontend in React + Vite + TypeScript.
OWASP Raider
A web authentication testing framework for exploring complex HTTP session workflows. Built in Python, configurable with Hy (LISP on Python). Presented at multiple security conferences. Raider models authentication as a programmable state machine, allowing security researchers to script interactions across redirects, CSRF tokens, and multi-step logins.
Bug Bounties & Responsible Disclosure
Privately disclosed critical vulnerabilities in high-profile applications and banking systems via the Synack Red Team and other responsible channels.
🎤 Talks & Presentations
- Ruby Unconf (2019) — “Attacking own APIs to find security bugs”
  Talked about API security at a Ruby Unconf event, explaining how web fuzzing works.
- Several security conference demos (OWASP Raider, 2023)
  Presented Raider’s approach to testing authentication flows using stateful scripting.
📰 Media Features
Sometimes, my face was pixelated.
Sometimes, my name was changed.
But the work—and the impact—was real.
BDO Foresight 4/2024 — “Ich gehöre zu den Guten!” – Motive eines Hackers (“I’m one of the good guys!” – A hacker’s motives)
A long-form feature for which BDO’s editorial team interviewed me under a pseudonym; it profiles my story, my ethical hacking work, and a zero-day discovery.
Read full article (German) or Download PDF
WELT / ComputerBild (2014) — “So leicht kommen Hacker an Ihre Urlaubsfotos” (“How easily hackers get hold of your holiday photos”)
Commissioned to demonstrate photo kiosk vulnerabilities using Raspberry Pi and Teensy hardware. The piece was published with blurred images and without attribution.
Welt article, Spiegel article, Computerbild press release (all in German).
PortSwigger (2023) — “Raider: A tool to test authentication in web applications”
Raider featured in PortSwigger’s Daily Swig, highlighting its capability to automate stateful testing of web authentication flows.
Read article
PortSwigger (2020) — “Tiny Tiny RSS developers act promptly to resolve big, big security problems”
Coverage of the critical vulnerabilities I discovered in Tiny Tiny RSS, assigned CVE-2020-25787, CVE-2020-25788 and CVE-2020-25789.
Read article
🛡️ Notable CVEs
- Tiny Tiny RSS: a series of vulnerabilities allowing authentication bypass and code execution. A carefully crafted malicious feed exploiting URL whitelist bugs led to SSRF → LFI → FastCGI RCE, writing a PHP backdoor that allows arbitrary command execution on vulnerable TT-RSS Docker setups. Read blog article and the PDF report.
- Pivotal’s Spring Security Framework: an authentication logic flaw in Spring Security 4.2.x with PlaintextPasswordEncoder. When multiple hashed-password columns exist and one of them is NULL, authentication succeeded for any such username with the password “null”. Reported to the Spring team and patched in version 4.2.13.
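The shape of the Spring Security flaw described above, as an added illustration that is my own constructed example and not Spring Security’s source code: in Java, concatenating `"" + null` yields the four-character string `"null"`, so a plaintext comparison that coerces the stored value this way accepts the literal password `null` for any account whose stored password is NULL. The method names `vulnerableMatches` and `hardenedMatches` and the sample accounts are hypothetical and constructed for the demonstration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

// Constructed illustration of the NULL-password logic flaw (not Spring Security's code).
public class NullPasswordMatch {

    // Vulnerable shape: the stored value is coerced with "" + value before
    // comparison. "" + null is the string "null", so an account whose stored
    // password column is NULL accepts the password "null".
    static boolean vulnerableMatches(String storedPassword, String rawPassword) {
        String stored = "" + storedPassword; // null -> "null"
        String raw = "" + rawPassword;
        return stored.equals(raw);
    }

    // Hardened shape: a missing stored credential never matches anything,
    // and the byte comparison is constant-time.
    static boolean hardenedMatches(String storedPassword, String rawPassword) {
        if (storedPassword == null || rawPassword == null) {
            return false;
        }
        return MessageDigest.isEqual(
                storedPassword.getBytes(StandardCharsets.UTF_8),
                rawPassword.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed sample data: one account with a real plaintext password,
        // one whose password column is NULL (the case the flaw hinges on).
        String[][] accounts = { {"alice", "s3cret"}, {"bob", null} };
        String attackerGuess = "null";
        for (String[] account : accounts) {
            String user = account[0];
            String stored = account[1];
            System.out.printf("%-6s stored=%-7s vulnerable=%-5b hardened=%b%n",
                    user, stored,
                    vulnerableMatches(stored, attackerGuess),
                    hardenedMatches(stored, attackerGuess));
        }
    }
}
```

Run it with `javac NullPasswordMatch.java && java NullPasswordMatch`: the vulnerable comparison accepts the guess `null` for the account with the NULL column, while the hardened version rejects it. The general lesson is that a missing credential must be treated as "can never authenticate", never as a value to compare against.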
🛠️ Tools & Contributions
- Internal DevSecOps Pipelines — designed and deployed automated security checks into CI/CD flows.
- Wireshark Training Material — authored original video courses and exercises for WCNA certification.
📜 Certifications
- OSCE — Offensive Security Certified Expert (didn’t finish exam since certification was deprecated)
- OSCP (2017) — Offensive Security Certified Professional
- OSWP (2018) — Offensive Security Wireless Professional
- WCNA (2012) — Wireshark Certified Network Analyst
- CompTIA A+ (2010)
- Scrum Master (PSM I)
🧠 Skills
For an exhaustive list of tools, technologies and skills, see my skills page
Want to collaborate, hire me, or consult on a security topic?
Contact me or Schedule a meeting