Christian Mainka
IT Security Researcher

I am an IT security professor at University of Wuppertal where I lead the group ROSES (Robust, Secure and Privacy-Preserving Smart Systems). Also, I am one of the founders of Hackmanit, a Freelancer, organizer of RuhrSec, hiker, cyclist, and handball player.
With almost two decades of experience in web and data security research, my work was presented at top-tier academic and industry conferences. I have published 32 peer-reviewed papers, including 12 at top-tier conferences in my field and 3 awarded papers.
I have filed numerous CVEs in widely used applications and libraries. I am the originator of the penetration test tools WS-Attacker and the Single Sign-On Burpsuite Extension EsPReSSO, which have proven valuable in the industry. My PhD research focused on XML-based web services and Single Sign-On protocols, such as OAuth and OpenID Connect and SAML. Since then, I have expanded my research to explore the robustness of digital systems, with a particular focus on document security. My current work involves investigating cryptographic failures related to document signatures and encryption using fault injection. I am also engaged in researching browser security, with a specific focus on security and privacy issues resulting from SOP bypasses, including XS-Leaks. In 2018, I got a permanent research position at the Chair for Network and Datasecurity lead by Prof. Jörg Schwenk. In May 2025, I joined the University of Wuppertal and continue to explore innovative solutions to the challenges of cybersecurity.
open position
I am looking for a PhD Candidate (100% TVL-E13) working with me on Topics around Web and Data Security. Contact me via mail if you would like to work in our Team on practical IT security topics.
news
May 05, 2025 | I joined the University of Wuppertal. |
---|