Robert Kugler is an information security researcher and pentester who has made his passion for breaking things his job. His background stems from over 10 years of data protection, security management and consulting as well as penetration testing. Robert has helped strengthen the security of companies such as Mozilla, Axel Springer, PayPal, Spotify, Sophos, Sony, Fitbit, and Deutsche Telekom. In the past, he has given several presentations on IoT security, digital self-defense, the security risks of anti-virus software, and application vulnerabilities.

Press articles

Please keep in mind, it's not a complete list. Just drop me a line to get a more comprehensive list, if you're interested.

German

• 2012: Sicherheitslücke bei Mozilla entlarvt: Prämie für Schüler
• 2013: Mozilla und Google locken junge Hacker
• 2013: Deutscher Schüler rächt sich an PayPal
• 2013: Internet-Profi mit 17
• 2013: PayPal wieder durch Cross-Site-Scripting angreifbar
• 2013: PayPal schließt schwere Sicherheitslücke - nach zwei Wochen
• 2015: Die Jagd nach gefährlichen Programmen
• 2015: Für die gute Seite entschieden – Hackingtalent hilft Unternehmen, sicherer zu werden
• 2016: Sicherheitslücke bei Lieferando.de
• 2016: Pizza, Burger oder Trojaner?
• 2018: 10 000 Dollar für eine Schwachstelle? Nein, danke!

English

• 2012: Mozilla Foundation Security Advisory 2012-98
• 2013: Mozilla Foundation Security Advisory 2013-45
• 2013: Bug hunters: Big bucks paid to keep ahead of hackers
• 2013: PayPal refuses to pay 17-year-old security researcher
• 2013: PayPal denies stiffing bug-hunting teen on bounty
• 2018: SSD Advisory – Multiple IoT Vendors – Multiple Vulnerabilities

Talks

• 2017: No-Spy - „Are your sure — you’re alone? Pwning CCTV devices“
• 2018: TROOPERS - „Are your sure — you’re alone? Pwning IoT-CCTV devices“ - a bit more technical, less about the privacy aspects. -- Slides
• 2018: Berlin Cyber Security Meetup - „Top 5 Things a Security Researcher Looks for When Attacking an App“ -- Slides Cheatsheet
• 2019: BSides Lisbon 2019 - „Pentest Deep Dive - Anatomy of a weaponized remote code execution flaw“ -- Slides

Awards

• 2015: Second winner of the Cyber Security Challenge Germany 2015

More references

• Openbugbounty.org
• Hack The Box
• PentesterLab
• GitHub