Bernhard Mueller, Chief Hacking Officer
Two decades of breaking things for a living — from bricking Nokias via MMS, to teaching machines to find zero-days, with a Pwnie Award along the way.
Vulnerability research across enterprise software, embedded systems, and mobile platforms. 20 published advisories covering Flash, SQL Server, Nokia firmware, WAFs, and more.
Demonstrated that classic vulnerability analysis and exploitation techniques are feasible on Symbian OS smartphones, despite OS obscurity and lack of tooling. Showed how to find low-level vulns in Nokia phones exploitable via MMS.
A technique to make DNS cache poisoning more reliable. SEC Consult was among the first to write a working "fast cache poisoning" exploit after Dan Kaminsky's coordinated multi-vendor disclosure.
Created the OWASP Mobile Application Security Testing Guide and Verification Standard — now the industry-standard references for mobile app security, used by enterprises and regulators worldwide.
The definitive guide for mobile app security testing and reverse engineering. 703 pages, 24,600+ readers. OWASP Flagship project. Co-authored with Sven Schleier, Jeroen Willemsen, Carlos Holguera. The Reverse Engineering and Tampering chapter was primarily written by Bernhard.
Industry standard defining security requirements for mobile applications. Adopted by enterprises and regulators worldwide.
Research demonstrating attacks against mobile 2FA/OTP tokens — from classical reverse engineering to custom kernel sandboxes and full-system emulation. Included PoC exploits for tokens from major banking vendors.
Reference implementations for detecting the Frida dynamic instrumentation framework on Android. Foundational for OWASP MASTG anti-tampering content.
Framework for measuring and evaluating code obfuscation effectiveness. Directly related to the MASTG Reverse Engineering chapter.
Built Mythril, the first widely-used open-source symbolic execution engine for Ethereum smart contracts. Spoke at DEF CON 27 and HITB Amsterdam. Nominated for a Pwnie Award.
Pioneering open-source security analysis tool for EVM bytecode. Uses symbolic execution, SMT solving, and taint analysis to find vulnerabilities in Ethereum smart contracts. Called "the nmap of Ethereum."
Research paper and talk on symbolic-execution-based analysis of EVM smart contracts. Introduced Mythril's symbolic analysis approach and the LASER symbolic execution engine.
Talk on the adversarial landscape on Ethereum — exploits, counter-exploits, and honeypots. Demonstrated the Scrooge McEtherface auto-exploitation bot live on stage.
Ethereum auto-looter using symbolic execution and the Z3 solver to automatically extract ETH from vulnerable contracts.
SolFuzz (32 stars): Hybrid fuzzer with symbolic analysis. DeFi Hacking Playground (32 stars): Flash loan attack lab. Rektosaurus (51 stars): NFT metadata XSS testing. Storm (39 stars): EVM node stress-testing/fuzzing.
Building AI agents that find security vulnerabilities autonomously. From viral early agent experiments to production-grade security auditors with published research.
Language-agnostic AI code security auditor that builds adaptive knowledge graphs for deep iterative reasoning. Two-model architecture (junior agent + senior guidance). On ScaBench: 31.2% micro recall vs 8.3% baseline.
Benchmarking framework for evaluating AI smart contract audit agents against real-world vulnerability datasets.
Minimal autonomous AI agent based on the OpenAI API. Went viral during the 2023 AI agent wave — one of the simplest yet most capable early agent frameworks. Demonstrated that a competent autonomous agent could be built in a few hundred lines of Python.
Experiment in AI self-replication — a GPT-based agent that can spawn copies of itself.
AI-assisted web3 bug bounty hunting assistant. Tracks live bounties and deploys autonomous agents to find vulnerabilities.
Solving the ancient board game Mancala using deep Q-learning. Includes OpenAI Gym environment, agent vs. agent self-play, and PyGame UI.
Polyphonic, multi-instrument music transformer trained on 3,604 metal/grunge/punk MIDI songs. Custom tokenizer, 200 hours on 4x Nvidia T4 GPUs. Generates original metal, industrial, punk, and electronic tracks.
Technical deep-dives, malware analysis, and occasional satire.
Because why stop at breaking software when you can try to reverse-engineer reality itself? Observer Patch Holography (OPH) is a candidate theory of everything that unifies quantum mechanics and general relativity from first principles.
Observer Patch Holography (OPH) is a theory of everything that unifies quantum mechanics, general relativity, and the Standard Model from four information-theoretic axioms. OPH derives Lorentz invariance, Einstein's field equations, quantum entanglement, gauge symmetry (U(1) × SU(2) × SU(3)), and the holographic principle as necessary consequences — not assumptions. The framework resolves the black hole information paradox, explains dark energy as an observer-patch boundary effect, and predicts novel signatures testable with current technology. Published as the preprint "Observer Patch Holography" and the book "Reverse Engineering Reality."
Open-source interactive tutorials for complex topics, built to make hard things intuitive.
Interactive, step-by-step tutorial for understanding STARK proofs intuitively. Build traces, constraints, and FRI from scratch.
Curated learning path for zero-knowledge proofs. Three parallel tracks: SNARKs, STARKs, and Bulletproofs.
Curated learning path for AI security. Adversarial attacks, prompt injection, and AI-powered pentesting.