About
Security researcher and developer specializing in web application security.
I'm a 21-year-old security researcher and developer from Feldkirch, Austria, now based in Vienna. I've been programming and breaking things since school, and after finishing my Matura at HAK Feldkirch I went straight into working rather than university. I learned more from reading source code and finding real vulnerabilities than any curriculum could have taught me.
I run ShipSecure, where I do manual security audits for indie developers and SaaS founders. I also built LooksPhishy, an open source tool that relays phishing reports to all major security providers at once.
Outside of security, I care about open source, privacy, and self-hosting. I run NixOS on everything, self-host most of my infrastructure, and have strong opinions about keyboards.
This site hosts my security vulnerability writeups and research. All vulnerabilities documented here have been responsibly disclosed and patched before publication.