About
You can contact me under this email address:
tschacher.nikolai [[at]] gmail.com
Why?
Whenever I have difficulties solving a particular problem, I try to put it into words. This process has two advantages:
- Fresh blog articles are created
- The problem at hand is solved by properly defining and describing it
For that reason, I am writing this blog.
If you want to know how I think and with what mindset I am navigating this world, read the article Where is the World headed to?
Education & Professional Experience
I am a computer science professional, having graduated with my B.Sc. in Information Systems in 2016 from the University of Hamburg and with a Master in Computer Science from the Humboldt University in 2019.
I worked several years in the IT security industry and have experience in a wide field of IT security.
Currently, I am interested in web scraping, large scale crawling, machine learning, bot detection and always generic IT security.
Bachelors Thesis
My bachelor thesis about Typosquatting Programming Language Package Managers in 2016 gained some popularity. There, I demonstrated how it is possible within weeks to intrude into more than 17.000 unique systems by typosquatting package names on PyPi or npmjs.com. As far as I know, this security vulnerability is still unfixed in late 2018.
See my original blog post here. An news article from Heise and an article from ars technica. A year later the large IT portal Golem wrote also about my thesis.
Expertise and Skills
- Pretty broad knowledge of applied IT security and cryptography
- Fluent programming skills in Python, JavaScript and Typescript
- Intermediate Django knowledge
- Intermediate Reactjs knowledge with ant.d
- WiFi programming and security knowledge about wireless networks
- Chess on a 2000 rating level
- Playing foosball on a high amateur level
Freelance Work and Contracting
I am always looking for interesting freelance work. If you think that my work might be of use for your latest projects, do not hesitate to contact me.
Background of this Blog
In the last decade I was interested in web application security. I taught myself different techniques and gained interesting insight into the security scene, but I never really had the motivation to host my own projects and present myself to the abyss of the Internet.
By starting this blog in July 2012, my intention was to feed the community with code snippets and some of my ideas. There are many ideas – too many – but only a fraction that I really realize.
Nikolai Tschacher - Last update: February 2022