Photograph of Andy sitting in a suit with a MacBook in a ball pit taken during the 27th Chaos Communication Congress (27C3) in 2010

Welcome to my blog​whatever this is! I'm Andy, an IT-Security dude living Aachen, Germany.

I am currently working for Rapid7 as a Lead Security Researcher where I mostly build tools for threat analytics like honeypots. In the past I also did some reverse engineering, ICS security and other things there.

My private interests involve everything that has to do with computers. As long as it has a CPU and runs firmware, it is going to spark interest and I reverse engineer, abuse, improve and generally hack stuff. This spans KNX devices I use in my house, model train controllers or server hardware.

You can find me on, Twitter or Github. Here is an incomplete list of talks I gave in the past.

Just to make it abundantly clear what this website is about and to get the legalese we Germans apparently love so much out of the way:

This is a purely private homepage that doesn't generate any kind of income. I have no ads placed here, no affiliate links, no promotions. Every single thing I use and mention in posts on this site was paid by myself with my own money. Nothing is sponsored. All posts I write here are to document things I did in my free time. Nobody paid me for this work and I also don't offer anything like this as part of a paid service. It's for other nerds to read and maybe learn a thing or two in their free time. All talks I gave that are listed on this website were held in my free time about things I did in my free time and I was neither paid to give the talk, nor to build what the talk was about.

As far as data protection goes, I save nothing. Everything is hosted locally, the site does not use any analytics service or other trackers. It doesn't even set a single cookie. The site is generated statically and there is no backend server code that could log anything apart from the nginx that serves these statically generated files. Log files on the server do not exist. IP addresses are kept in RAM as long as necessary so that the web server is able to answer to requests it receives from that IP address. This is a technical necessity.