This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Jump to: navigation, search

I'm a senior software developer for (company internal) web applications at Zalando, but not a security specialist in any way.

I was moderator for Cryptography Stack Exchange for almost 4 years (Aug 2011 – June 2015), picking up some cryptography knowledge then.

I created this account as I wanted to correct some mistakes in the website I noted, not write a full biography here. For example, the Java class name validation regex in OWASP Validation Regex Repository is not just vulnerable to RegEx DOS attacks (as noted on Regular expression Denial of Service - ReDoS#Examples and in Wikipedia's ReDoS article), but also simply wrong, and fixing the wrongness (escaping the dot) also fixes the evilness of the RegEx.