rv

Blog Projects & Others Security Advisories Imprint

Hey! I'm Robin.

I'm a self-employed software engineer and co-founder at prototypers, previously worked as a red teamer & pentester at Deutsche Telekom.

Automations and integrations
Full-stack web applications
Cloud solutions (with AWS)

Security tools and infrastructure
Penetration testing and red teaming
Source code auditing

Mostly writing Go, TypeScript/JavaScript and sometimes Elixir.

3x AWS certified and 2x Offensive Security (OSCP, OSWE) certified.

Open source

pgjobs

postgres job queueing lib for go

tevents

private event logger and job monitor for tailnets

webanalyze

uncovers technologies used on websites

hntr

collaborative workspaces for recon data

smbwatch

fast samba fileshare indexing

wonitor

fast, zero config web endpoint change monitor

pipers

task automation framework

redAsset

subdomain enumeration by parsing FDNS dumps and CA transparency logs

gxss

blind XSS service alerting over slack or email

to github profile →

Sideprojects

CampingBroetchen
Digital (breakfast) ordering for camping places (SaaS)
Visit →
Kursbuddy
(Sport-) course and member management (SaaS)
Visit →

Recent posts

2023-02-28

tevents: event logger and job monitor for tailnets

2022-08-22

Queueing with PostgreSQL and Go

2022-02-13

hntr, shareable workspaces for target data

2020-08-20

Push to deploy a Python (Django) service via Github Actions

2020-05-14

Smuggling HTTP headers through reverse proxies

2019-08-25

Bug Bounty: Bypassing a crappy WAF to exploit a blind SQL injection

2018-07-05

Re-using socket FDs vs reverse shell

2018-06-22

Django Vue.js integration as a widget

2017-07-15

Setting up my new Chromebook with linux

2016-11-04

Solving ROP primer level2

2016-10-23

CVE-2016-5195 (Dirtycow) Local Root PoC

2015-05-13

Webanalyze, utility to uncover technologies used on websites.

2014-08-04

Announcing pentrack.io

2014-05-15

How extundelete saved my day

2013-08-27

Be careful when going client only (Firebase)

2012-10-23

Drupal Security Scanner

2012-07-15

Cracking salted MD5 with Hashcat

2011-11-16

EPLUS Group (mobile network operator) security issue (SMS flood, MSISDN verification)

2011-06-30

Simple GET/POST Crawler (Python)

2011-06-15

Advanced INSERT INTO Injection by Taking Advantage of the Primary Key

2011-06-01

myBloggie 2.1.6 SQL Injection and Persistent XSS