Independent offensive security work since 2020. Leipzig. Code reviews, penetration tests, security consulting. 70+ engagements.
Services
Most engagements are manual code reviews of Solidity smart contracts. A backend background helps when scope extends to the Python, TypeScript, or Go sitting alongside.
I also run penetration tests, usually when teams want to figure out their external attack surface or incident response capabilities. The interesting vulnerabilities tend to live in the cracks between components.
Beyond, I help teams formalize threat models, and advise on operational security: key management, internal practices, and risk assessments and reduction.