The team

Maik Robert

Offensive Security Engineer

Offensive security engineer focused on web application front-ends and back-ends. Started in bug bounties, now audits code and applications for some of the most security-sensitive companies in the world.

Work with Maik Penetration Testing
Maik Robert Available for engagements
Specialties
  • Web application security
  • Smart contract audits
  • Reverse engineering
  • Mobile + binary analysis
  • Black-box testing
  • Threat modeling

How he got here

Maik started in security by working bug bounties full-time for several years before joining a German security company that provided attack surface management and external red teaming for many of Germany's largest industrial enterprises.

He also serves as a security researcher for a Web3 company, where he conducts web and smart contract audits. Most of his time is spent auditing code directly when it's available, but he is equally comfortable with a black-box approach, thanks to years of bug bounty work and independent research.

Notable research

That research has produced some significant findings, including the full takeover of an entire top-level domain through vulnerabilities in the registrar. Maik was also part of a major project alongside Sam Curry that uncovered critical vulnerabilities affecting nearly every major car manufacturer and their related service providers.

  • Top-level domain takeover

    Achieved full takeover of an entire top-level domain through vulnerabilities discovered in the registrar.

  • Automotive industry research

    Co-led a major project with Sam Curry uncovering critical vulnerabilities affecting nearly every major car manufacturer and their related service providers.

  • Web3 security audits

    Active security researcher for a Web3 company, conducting both web and smart-contract audits.

How he approaches a test

Bug bounties and security research demand a wide range of skill sets, and Maik has built deep experience across reverse engineering, mobile, binaries, front-end and back-end systems, and thick clients. When testing, he builds a mental threat model of the application and looks for the places where it breaks down. That model evolves over time as code changes or new information surfaces.

Security is a continuous process. Code changes, people change, services change, and any of it can introduce new vulnerabilities.

Outside of work

Maik spends as much time outside as possible: snowboarding in the winter and downhill mountain biking the rest of the year.

Want Maik on your pentest?

When the scope matches his stack, we build the team around him. Tell us about your engagement.

Book a free 15-minute call