Whitebox and Blackbox Penetrationtests of Web- and Mobile-Applications from planning to reporting
Source Code Review of Java/Springboot/PHP/DotNet/NodeJS based Web-Applications and REST-APIs
Source Code Review and Penetrationtests of Kotlin/Java/Objective-C/ReactNative based Android and IOS Applications
Supporting the SOC in Incident-Management, Red-Team Assesment of the network from perspective of a compromised employee VPN-account
2012 Hardening / Secure Installation Guide for a HiPath PBX
2012 Penetration test an Avaya PBX
2012 Writing Secure Programming Guidelines for Javascript / HTML5
2012 Source Code Audit for several iPad/Android/Blackberry Apps for a bank in the UK
2011 C/C++ Source Code Audit of Apache Modules at a major german ISP
2011 Source Code Audit and Penetration Testing of an Android Application
2011 Penetration test of a Tandberg based video conference system for the German Federal Bank.
2010 Threat Analysis for a VoIP and Video infrastructure for a major german bank.
2010 Reverse Engineering of ARM based Executables of AVM FritzBox 6360 for Ka-
belBW.
2010 Security assesment of the IQImpact Broker-PBX manufactured by IPC for the
German Federal Bank.
2010 7 months of Webapplication Testing for T-Systems’s key systems during their
Security Checkup 2010.
2009 Penetration testing of the call-center-infrastructure of the German Federal Bank.
2008 Security review of „T-System“s Cisco-based VOIP-Infrastructure.
2007 Documentation review of Siemens HiPath 8000 PBX-system.
2007 Penetration testing of a Siemens VoIP-phone.
2007 Binary analysis of a software distribution tool at „T-Systems“.
2006 Selected as head of security audit and penetration testing of the PBX-environment of German Federal Bank including documentation review, network-operating system- and PBX-configuration audit and ISDN tests.
2006 Security assesment of the PBX-environment of „Deutsche Börse AG“.
2006 Penetration testing and audit of an Avaya-PBX-environment at „TechData“.
2005 Security assessment of the complete SIP-environment of „T-Online“.
2005 VoIP-Training for „T-Online“ security department.
2004 Audit of a Siemens HiPath PBX-enviroment at „Tengelmann“.
2004 Security assessment of a client for wlan-authentication at „Datev eG“.
15 Jahre Erfahrung im Bereich Penetrationtesting, Zertifikate OSCP, OSCE, Diplm. Informatik am Karlsruher Institute for Technology mit Schwerpunkten auf Cryptography und Telematik
IT Security
Penetrationtester
Mobile App Vulnerability Assessment/Mobile App Source Code Audit Android,iPhone,iPad,Blackberry,VMB hacking, ISDN attacks, Wardialing, Fuzzing, Reverse Engineering, Embedded Systems, Buffer-/Heap-/Integer overflow attacks, Web application pentesting, network pro- tocol analysis, analysis of proprietary protocols, analysis and attacks on cryptographic pro- tocols, Binary analysis (IDA), C/C++/Java/Objective-C/PHP Source code auditing, Threat analysis, Programm- und Source Code Analyse, Source Code Analyse, BlackBox Penetration Testing, Penetration Testing
Internetprovider, Banken, Versicherungen
Whitebox and Blackbox Penetrationtests of Web- and Mobile-Applications from planning to reporting
Source Code Review of Java/Springboot/PHP/DotNet/NodeJS based Web-Applications and REST-APIs
Source Code Review and Penetrationtests of Kotlin/Java/Objective-C/ReactNative based Android and IOS Applications
Supporting the SOC in Incident-Management, Red-Team Assesment of the network from perspective of a compromised employee VPN-account
2012 Hardening / Secure Installation Guide for a HiPath PBX
2012 Penetration test an Avaya PBX
2012 Writing Secure Programming Guidelines for Javascript / HTML5
2012 Source Code Audit for several iPad/Android/Blackberry Apps for a bank in the UK
2011 C/C++ Source Code Audit of Apache Modules at a major german ISP
2011 Source Code Audit and Penetration Testing of an Android Application
2011 Penetration test of a Tandberg based video conference system for the German Federal Bank.
2010 Threat Analysis for a VoIP and Video infrastructure for a major german bank.
2010 Reverse Engineering of ARM based Executables of AVM FritzBox 6360 for Ka-
belBW.
2010 Security assesment of the IQImpact Broker-PBX manufactured by IPC for the
German Federal Bank.
2010 7 months of Webapplication Testing for T-Systems’s key systems during their
Security Checkup 2010.
2009 Penetration testing of the call-center-infrastructure of the German Federal Bank.
2008 Security review of „T-System“s Cisco-based VOIP-Infrastructure.
2007 Documentation review of Siemens HiPath 8000 PBX-system.
2007 Penetration testing of a Siemens VoIP-phone.
2007 Binary analysis of a software distribution tool at „T-Systems“.
2006 Selected as head of security audit and penetration testing of the PBX-environment of German Federal Bank including documentation review, network-operating system- and PBX-configuration audit and ISDN tests.
2006 Security assesment of the PBX-environment of „Deutsche Börse AG“.
2006 Penetration testing and audit of an Avaya-PBX-environment at „TechData“.
2005 Security assessment of the complete SIP-environment of „T-Online“.
2005 VoIP-Training for „T-Online“ security department.
2004 Audit of a Siemens HiPath PBX-enviroment at „Tengelmann“.
2004 Security assessment of a client for wlan-authentication at „Datev eG“.
15 Jahre Erfahrung im Bereich Penetrationtesting, Zertifikate OSCP, OSCE, Diplm. Informatik am Karlsruher Institute for Technology mit Schwerpunkten auf Cryptography und Telematik
IT Security
Penetrationtester
Mobile App Vulnerability Assessment/Mobile App Source Code Audit Android,iPhone,iPad,Blackberry,VMB hacking, ISDN attacks, Wardialing, Fuzzing, Reverse Engineering, Embedded Systems, Buffer-/Heap-/Integer overflow attacks, Web application pentesting, network pro- tocol analysis, analysis of proprietary protocols, analysis and attacks on cryptographic pro- tocols, Binary analysis (IDA), C/C++/Java/Objective-C/PHP Source code auditing, Threat analysis, Programm- und Source Code Analyse, Source Code Analyse, BlackBox Penetration Testing, Penetration Testing
Internetprovider, Banken, Versicherungen