I am a 27 year old Computer Science student, having graduated with my bachelors in Information Systems in 2016 from the University of Hamburg. I am currently living in Berlin and pursuing a M.Sc. in Computer Science at Humboldt University. I will graduate in late 2018.

Bachelors Thesis

My bachelors thesis about typosquatting programming language package managers in 2016 gained some popularity. There I demonstrated how it is possible within weeks to intrude into more than 17.000 unique systems by typosquatting package names on PyPi or npmjs.com. As far as I know, this security vulnerability is still unfixed in late 2018.

See my original blog post here. An news article from heise and an article from ars technica. A year later the large IT portal golem wrote also about my thesis.

My Skillset

  • Pretty broad knowledge of applied IT security
  • Intermediate understanding of cryptography
  • Fluent programming skills in Python
  • Intermediate Django skills
  • Some skills in Javascript, PHP, C, Java, Bash
  • Wifi programming and security knowledge about wireless networks
  • Asynchronous IO, select, poll, epoll
  • Chess on a 2000 rating level
  • Playing foosball on an amateur level

Background of this blog

During the last several years I was interested in web application security. I learned many different techniques and gained interesting insight into the security scene, but I never really had the motivation to host my own projects and present myself to the abyss of the internet.

By starting this blog in July 2012 my intention was to feed the community with code snippets and some of my ideas (There are many ideas – too many – but only a fraction that I really realize ).

Nikolai Tschacher

Last major update: October 2018