Consulting

I’m open for consulting work, if you have interesting challenges from one of the listed areas of my expertise, please reach out.

[0x0] Go Engineering

I predominantly work with Go as a programming language and have gathered a lot of experience when it comes to debugging it and understanding failures in production systems. Have a race condition, a memory leak or a weird runtime crash your engineers cannot solve? I might be able to help! I also enjoy to provide guidance in the design and structure of Go projects, as well as analyzing them for security problems.

[0x1] Penetration Testing

Infrastructure Audit

Infrastructure assessment to analyze the exposure of a system and search for exploitable vulnerabilities.

Web Application Audit

Audit of modern web applications according to OWASP standards.

[0x2] Incident Response

Impact analysis after a suspected breach with a focus of assessing the damage, compromised data and systems, as well as guidance for restoration and minimising the impact on service availability.

[0x3] Code Auditing

Code review with focus on searching for common vulnerabilities, identify anti-patterns and programming mistakes that could lead to an exploitable vulnerability.

[0x4] System Design Guidance

Guidance in the design of secure system architectures according to modern standards.

[0x5] Training

Secure Software Development

Training for software developers to incorporate industry best practices and safety measures to ensure the software meets the desired security standards.

Human Security

Social Engineering awareness training and hardening, travel guidance and best practices for data protection of employees, review of OSINT security posture.

Physical Security

Lock picking, audit of physical access control systems and countermeasures against their evasion.

[0x6] Risk Assessment

Creation of a threat model and risk assessment for a product or technical infrastructure.

[0x7] Reverse Engineering

Understand the inner workings of a competitor’s product, or analyse malicious software to the core.