The Hackmanit team members have several years of experience gained in various academic and industrial projects. They deal with security of Web applications, Web Services, Single Sign-On, SSL/TLS, and various cryptographic protocols.
Prof. Dr. Jörg SchwenkChairman
PGP: D853 7A59 3169 EB64 9CE6 63B0 B847 F8F7 DCA2 348D
Since September 2003, Prof. Dr. Jörg Schwenk is the owner of the Chair for Network and Data Security at the Ruhr University Bochum. The chair belongs to the renowned Horst Görtz Institute for IT Security.
Professor Schwenk is an internationally recognized expert in the areas of cryptography and IT security. After completing his doctorate in the Department of Mathematics at the University of Giessen he moved in 1993 to Darmstadt, where he worked at the Telekom Technology center for applied research in the field of IT security
Professor Schwenk is an author of numerous international publications in renowned conferences (for example Eurocrypt, Asiacrypt or Communications and Multimedia Security), author of textbooks on cryptography and Internet security, and about 60 patents in the field of IT security.
Dr. Juraj SomorovskyCTO, Department Cryptography
PGP: E3DA 053B 27C6 4DAB A28B 4AF2 3D7B EC35 9CB2 F800
In 2013, Dr. Juraj Somorovsky completed his doctorate in the area of XML Security with distinction.
In his dissertation "On the Insecurity of XML Security", he analyzes various attacks on Web Services and cryptographic algorithms, and provides practical countermeasures, which were adopted by recognized security standards. His work was awarded with the CAST Award for the best dissertation in the field of IT security in 2013. He is the main developer of the analysis tool "TLS-Attacker" and author of numerous attacks on TLS. These include, for example, DROWN and ROBOT, which each won the Pwnie award for the Best Cryptographic Attack. Juraj Somorovsky is currently working as a postdoctoral researcher at the Chair for Network and Data Security. In addition to his scientific work, he gained practical penetrationtesting experiences as a freelancer in several industrial projects for different customers.
Dr. Christian MainkaCTO, Department Single Sign-On
PGP: 4442 AD78 02EA 02A3 5FAF F478 AFD9 A01A 362D F885
Christian Mainka completed his doctorate in 2017 on the topics of web services and single sign-on.
Since 2009, he has been working on security aspects resulting from the use of data description language such as XML. He developed the first web service-specific penetration test tool WS-Attacker. Since then, he has been constantly improving and extending the program so that it can now detect fully automatically a broad spectrum of known vulnerabilities on web services. In his dissertation "On Message-Level Security" he also analyses the security of modern single sign-on procedures such as SAML, OAuth and OpenID Connect and uncovered numerous security gaps.
Dr. Marcus NiemietzCTO, Department Web
PGP: 3CC3 1D1A AAF8 3407 47BA A403 F10E CC43 061D 0357
For over a decade Marcus Niemietz has been working as penetration tester and web security trainer for DAX-30 companies.
As a co-founder of Hackmanit he has been responsible for web security since 2014. In addition, he is actively researching at the Ruhr University Bochum to prevent both UI redressing and cross-site scripting attacks. He is a regular speaker at numerous international IT security conferences, including the USENIX Security, Black Hat (YouTube) and Microsoft‘s renown hacker conference BlueHat. Marcus Niemietz is the publishing author of a book in the field of web security.
Karsten Meyer zu SelhausenIT Security Consultant
PGP: 0EDA AAC6 01DE 3D7F 2123 70F8 4535 C0E7 DB16 F148
Karsten Meyer zu Selhausen has several years of experience in the fields of secure deployment and secure use of Single Sign-On procedures, such as OAuth, OpenID Connect and SAML.
He works as an IT security consultant, penetration tester and trainer for Hackmanit GmbH since 2016. During his master degree in IT Security at the Ruhr-University Bochum, he specialized on the security of different protocols for delegated authorization and authentication, as well as, data description languages, such as XML and PDF. He gained his profound expertise in the secure use of the Single Sign-On procedures, such as OAuth, OpenID Connect and SAML, during numerous consulting projects and penetration tests and shares his knowledge and experience in security trainings.
Mario KorthIT Security Consultant
PGP: 8CD9 AB54 6823 1F6E E200 C863 AB07 F84A F3F6 418A
Mario Korth has several years of experience in the field of web security and uses this experience to carry out professional penetration tests.
He has been working as an IT security consultant and penetration tester for Hackmanit since 2018. As part of his master's degree in IT security at the Ruhr University Bochum, he specializes in the practical application of IT security. The focus of his expertise lies in web security. In addition, he has competences in the areas of binary exploitation, reverse engineering, single sign-on and XML security. He regularly expands and enhances his knowledge in the detection and exploitation of vulnerabilities as a member of the Capture-The-Flag team at the Ruhr University Bochum, which he joined in 2014.