Hi, I am a PhD candidate at the chair Security in Telecommunications (SecT) at the Technische Universität Berlin, Germany. My research topics belong to network and software security with a strong focus on web security. As part of my research assistant position at the university, I also teach students and supervise theses or projects. If you are looking for a collaboration partner or a supervisor, feel free to contact me.

Further, I participate in CTFs as part of ENOFLAG and lead the student club AG Rechnersicherheit e.V.. I also do IT-Sec Freelance Work and give talks at various conferences.

Web Security Network Security Software Security Bugbounty CTF

Publications

Here is a list of academic publications I was involved with:

2023

A review of the security role of ISP mandated ONUs and ONTs in GPONs

with Max Franke

Arxiv

Publication ⟶
2022

Oh SSH-it, What’s My Fingerprint? A Large-Scale Analysis of SSH Host Key Fingerprint Verification Records in the DNS

with Nils Wisiol

Cryptology and Network Security: 21st International Conference

Publication ⟶
2021

The Elephant in the Background: A Quantitative Approach to Empower Users Against Web Browser Fingerprinting

with Julian Fietkau, Kashyap Thimmaraju, Felix Kybranz, and Jean-Pierre Seifert

20th Workshop on Privacy in the Electronic Society

Publication ⟶

Teaching

Here is a list of courses that I was a lecturer or teaching assistant for:

Winter '23/24

Websecurity

A lecture on web security covering the well known vulnerability classes (OWASP TOP 10) from an attacker's and defender's perspective.

Course description ⟶
Summer '23

International Information Security Contest

A project where students develop CTF-services for an international Attack-Defense CTF.

Course description ⟶
Winter '22/23

Technical Foundations of Computer Science for Business-Computer Scientists

Students learn the technical foundations of computer science, i.e. computer architectures, number representations, operating systems, scheduling algorithms, paralleziation & locking, networking, etc.

Course description ⟶
Summer '22

International Information Security Contest

A project where students develop CTF-services for an international Attack-Defense CTF.

Course description ⟶
Summer '22

Internet Security

A lecture about internet security, i.e. protocols, firewalls, DDoS, XSS, etc.

Course description ⟶
Winter '21/22

Technical Foundations of Computer Science for Business-Computer Scientists

Students learn the technical foundations of computer science, i.e. computer architectures, number representations, operating systems, scheduling algorithms, paralleziation & locking, networking, etc.

Course description ⟶
Winter '21/22

Rescue Your Server Project (Computer Security Big Project)

A project where students develop new vulnerable services for the IT-Seclab Course.

Course description ⟶
Summer '21

International Information Security Contest

A project where students develop CTF-services for an international Attack-Defense CTF.

Course description ⟶

Theses & Projects

I am happy to supervise bachelor and master thesis that are related to my research interests. It's best if you can bring an idea, but feel free to ask if I have a topic available. Similarly, if you're looking for a bachelor's (6LP) or master's (9LP) project, do not hesitate to contact me as well.

Here is a list of theses and projects I have supervised:

2024

Assessing Web Vulnerabilities: Exploring File Upload Vulnerabilities on PHP Servers and Conducting a Comparative Analysis of Testing Tools

Bachelor Thesis

2024

Large Scale Analysis of Web Security Headers and Their Potential Data Transfer Overhead

Bachelor Thesis

2023

Towards Effective Vulnerability Management: A Survey to Assess the Status Quo of Coordinated Vulnerability Disclosure in Germany

Bachelor Thesis

2023

PressPot: Developing and Evaluating a Honeynet Framework Based on WordPress CMS

Bachelor Thesis

2022

A Case Study of Building a Coverage-Guided Fuzzer with the Purpose of Finding Security Vulnerabilities in PHP Web Applications

Bachelor Thesis

Contact

If you wish to contact me, feel free to do so! I check my emails multiple times a day, the other channels less frequently.