A zealous security researcher, software developer and penetration tester. I enjoy building tools that perform automated security analysis of software. Ocassionally, I like experimenting with the newest JavaScript framework, ahem, web technologies.
I am a cybersecurity student at Saarland University with focus on web security and automated software testing. More specifically, I am interested in program analysis, fuzzing, vulnerability detection and exploitation.
Along with my studies, I am working as a research assistant at CISPA Helmholtz Center for Information Security. My current research is focused on developing tools for automated generation of highly-structured inputs.
Outside university and work, I enjoy learning new skills, experimenting with new languages and frameworks, as well as improving my penetration testing expertise.
At Fast-Dine I was responsible for improving the security posture and development practices of the company. As part of the company, I introduced automated software testing and CI/CD practices as part of the development process. Furthermore, I developed an automated test suites for web and mobile applications. Other activities include but are not limited to:
During my time at VIPFY, I was taking on a variety of responsibilities, most of which related to software testing and QA. My main contribution is an autonomous testing software for Electron-based application. Other tasks include but are not limited to:
The program prepares students for a career in the field of cybersecurity. The goal is to prepare graduates for further doctoral strudies, but also for positions in the industry. It provides a lot of flexibility when it comes to course selection. Several of the courses that I have completed so far are listed below:
The program teaches the foundations of computer science and cybersecurity. It introduces fundamental theoretical concepts, which are complemented by a variety of practical assignments. Students are also able to further specialize and choose advanced courses from a wide selection of topics. This allowed me to focus on my areas of interest and to specialize in the following topics:
My thesis “Transpiling Schema Languages to Grammars” explores the possiblity to generate grammars from schema specifications for JSON and XML. I developed tools that extract the syntactic constraints defined in such schemas and produce grammars, which can be used both parsing and producing of documents. In particular, my thesis demonstrates that the grammars produced by my transpilers can produce a wide variety of complex inputs when paired with a grammar-based fuzzer. The results also show that the coverage achieved by these inputs is significantly higher than other techiques such as random fuzzing.
