Michael Messner

Co-Founder

Munich, Bavaria, Germany19 yrs 10 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Over 13 years of penetration testing experience
  • Expert in firmware analysis and hardware reverse engineering
  • Speaker at multiple international security conferences
Stackforce AI infers this person is a cybersecurity expert specializing in penetration testing and embedded device security.

Contact

LinkedIn

Skills

Core Skills

Penetration TestingOffensive SecurityFirmware AnalysisSecurity ResearchEmbedded Device HackingSecurity AssessmentsVulnerability ManagementAutomated Penetration Testing

Other Skills

Critical Infrastructure HackingOpen Source DevelopmentHardware Reverse EngineeringWeb Application SecurityManual Penetration TestingMetasploitVulnerability ScanningExploit DevelopmentResearchSecurityInformation SecuritySecurity AuditsVulnerability AssessmentNetwork SecurityLinux

About

As a penetration tester I have more than 13 years of experience in different penetration testing areas. At the Siemens Corporate Technology, I had the possibility to focus on hacking Siemens products and embedded devices. In my current position as Senior Key Expert I am responsible for offensive security research in the areas of firmware analysis, hardware reverse engineering and product red teaming. Speaker on the following events: * Black Hat Arsenal EU - EMBA - Firmware security analyzer (2022) * DEF CON30 Demo Labs - EMBA - Firmware security analyzer (2022) * Black Hat Arsenal USA - EMBA - Firmware security analyzer (2022) * TROOPERS22 - EMBA - Firmware security analyzer (2022) * Black Hat Arsenal Asia - EMBA - Firmware security analyzer (2022) * rC3 - remote Chaos Experience (2021) * Siemens internal pentester meetup (2019) * Bsides Munich (2017) * SOHO Router Horror Stories Webcast mit Rapid7 (2013) * Sigint 2013 (CCC) * Chaostreff Salzburg (2013) * LinuxTag 2013 * Frühjahrsfachgespräche der German Unix Usergroup - 2013 * Integralis Security World 2012 * Frühjahrsfachgespräche der German Unix Usergroup - 2012 * Integralis Security World 2011 * BackTrack Day 2011 * BackTrack Day 2010 * BackTrack Day 2009 Trainings and certifications: * 40+ Metasploit Module * Toothless Hardware Hacking Training (2019) * Riscure Side-Channel und Fault Injection Training (2019) * SexViaHex - Software Exploitation Via Hardware Exploitation (2017) * Advanced IoT Firmware Exploitation von Craig Heffner (2017) * Hardware Hacking Workshop by Craig Heffner (2016) * Embedded Device Exploitation (RTOS) by Craig Heffner (2015) * Embedded Device Exploitation (Linux) by Craig Heffner (2014) * CISSP - Certified Information Systems Security Professional (2013) * SecurityTube GNU Debugging Expert (2013) * Corelan Live – Win32 Exploit Development Bootcamp (2012) * SecurityTube Metasploit Framework Expert (2012) * Offensive Security Certified Expert - OSCE (2011) * SANS Security 580 - Metasploit Kung Fu For Enterprise Pen Testing (2011) * Offensive Security Certified Professional - OSCP (2009) * Offensive Security Wireless Professional - OSWP (2009) * Cisco - CCNA (2008) * LPI - LPIC-1 (2005) Spezialgebiete / Interessen: Hardware Hacking, Hardware Reverse Engineering, Hacking of Industrial Devices, Hacking of Embedded Devices, SOHO and Home Router Hacking, Pentesting, Metasploit, Exploit devel, Webapps, Vulnerability Research, Exploiting, external Pentesting, internal Pentesting, Hacking, IT Security Research, Penetration Testing, IT Security, Offensive IT Security

Experience

Siemens energy

Penetration Tester

Sep 2020Present · 5 yrs 6 mos

  • Move on to hack only critical infrastructure and critical products
Penetration TestingOffensive SecurityCritical Infrastructure Hacking

Emba - embedded analyzer

Founder & Open Source Maintainer

Jan 2020Present · 6 yrs 2 mos · Online

  • I started the EMBA firmware security analyzer in 2020 with the goal of becoming a free security analyzer for firmware of embedded devices. EMBA is an open-source firmware analyzer used for professional penetration testing, security research and enterprise firmware scanning.
Firmware AnalysisOpen Source DevelopmentSecurity Research

Siemens

2 roles

Senior Key Expert - Embedded Device Hacking

Promoted

Jul 2017Sep 2020 · 3 yrs 2 mos

  • Responsible for security research in the areas of hardware reverse engineering, firmware analysis, embedded device hacking and product red teaming
  • Perform and lead penetration tests of multiple industrial products and embedded devices
Hardware Reverse EngineeringFirmware AnalysisEmbedded Device Hacking

Penetration Tester

Sep 2013Jun 2017 · 3 yrs 9 mos

  • Security assessments of products, web applications and infrastructure
  • Research in embedded device hacking
  • Embedded device hacking training
Security AssessmentsEmbedded Device HackingWeb Application Security

Integralis

2 roles

Senior IT-Security Consultant

Promoted

Oct 2011Aug 2013 · 1 yr 10 mos

  • All kinds of manual penetration tests (e.g. WLAN hacking, client analysis, citrix escapes, web application)
  • Security research
  • Metasploit hacking trainings
Manual Penetration TestingSecurity ResearchMetasploitPenetration Testing

IT-Security Consultant

Mar 2008Sep 2011 · 3 yrs 6 mos

  • Automated penetration tests (Burp, Nessus, Nmap, Metasploit, Kali Linux)
  • Vulnerability scanning and management
Automated Penetration TestingVulnerability ScanningVulnerability Management

Deloitte austria

IT-Administration

Jan 2006Jan 2008 · 2 yrs · Salzburg

Education

Fachhochschule Salzburg

DI(FH) — ITS - Informationstechnik & Systemmanagement

Jan 2003Jan 2007

Stackforce found 100+ more professionals with Penetration Testing & Offensive Security

Explore similar profiles based on matching skills and experience

Mike Dame

Mike Dame

Hacker of Time & Space

at The Multiverse

North Palm Beach, United States8 yrs 2 mos exp
Client RelationsMulti-Cloud Penetration TestingOffensive Security ServicesPenetration TestingRed Teaming
Edbert S.

Edbert S.

Cyber Security Consultant (VAPT)

at Confidential.

Marikina, Philippines5 yrs 10 mos exp
Vulnerability Assessment and Penetration Testing (VAPT)
Atul kishor Jaiswal

Atul kishor Jaiswal

Senior Security Engineer

at CRED

Bangalore, India8 yrs 11 mos exp
Cloud SecurityIncident Response & ForensicsRed Teaming & Adversary SimulationVulnerability AssessmentVulnerability Management
Edrian Miranda Muñoz

Edrian Miranda Muñoz

Principal cybersecurity analyst

at Syniverse

Santo Domingo District, Costa Rica5 yrs 2 mos exp
Cloud SecurityWeb Application SecurityRed TeamingAzure Active DirectoryIdentity and Access Management
Jiacheng(Gavin) Zhong

Jiacheng(Gavin) Zhong

Privacy Engineer - Red Team

at TikTok

United States2 yrs 6 mos exp
Security ResearchWeb SecurityPwnReverse EngineeringNetwork Security
Yash Thakkar

Yash Thakkar

CTF Player

at Hack The Box

Mumbai, India1 yr 10 mos exp
Ethical HackingPenetration Testing
Santosh Nishad

Santosh Nishad

Associate Consultant - Offensive Security

at NetSentries Technologies

India3 yrs 7 mos exp
Penetration TestingVulnerability Management
Elangovan S

Elangovan S

Blogger

at Medium

Coimbatore, India0 mo exp