Hey! I'm Robin.
I'm a self-employed software engineer and co-founder at prototypers, previously worked as a red teamer & pentester at Deutsche Telekom.
- Automations and integrations
- Full-stack web applications
- Cloud solutions (with AWS)
- Security tools and infrastructure
- Penetration testing and red teaming
- Source code auditing
Making things. Breaking things.
- 15+ years as a software engineer
- 8+ years as a penetration tester
- 3+ years as a co-founder
Mostly writing Go, TypeScript/JavaScript and sometimes Elixir.
3x AWS certified and 2x Offensive Security (OSCP, OSWE) certified.
Open source
pgjobs
postgres job queueing lib for go
tevents
private event logger and job monitor for tailnets
webanalyze
uncovers technologies used on websites
hntr
collaborative workspaces for recon data
smbwatch
fast samba fileshare indexing
wonitor
fast, zero config web endpoint change monitor
pipers
task automation framework
redAsset
subdomain enumeration by parsing FDNS dumps and CA transparency logs
gxss
blind XSS service alerting over slack or email
to github profile →
Sideprojects
Recent posts
2023-02-28
tevents: event logger and job monitor for tailnets
2022-08-22
Queueing with PostgreSQL and Go
2022-02-13
hntr, shareable workspaces for target data
2020-08-20
Push to deploy a Python (Django) service via Github Actions
2020-05-14
Smuggling HTTP headers through reverse proxies
2019-08-25
Bug Bounty: Bypassing a crappy WAF to exploit a blind SQL injection
2018-07-05
Re-using socket FDs vs reverse shell
2018-06-22
Django Vue.js integration as a widget
2017-07-15
Setting up my new Chromebook with linux
2016-11-04
Solving ROP primer level2
2016-10-23
CVE-2016-5195 (Dirtycow) Local Root PoC
2015-05-13
Webanalyze, utility to uncover technologies used on websites.
2014-08-04
Announcing pentrack.io
2014-05-15
How extundelete saved my day
2013-08-27
Be careful when going client only (Firebase)
2012-10-23
Drupal Security Scanner
2012-07-15
Cracking salted MD5 with Hashcat
2011-11-16
EPLUS Group (mobile network operator) security issue (SMS flood, MSISDN verification)
2011-06-30
Simple GET/POST Crawler (Python)
2011-06-15
Advanced INSERT INTO Injection by Taking Advantage of the Primary Key
2011-06-01
myBloggie 2.1.6 SQL Injection and Persistent XSS