Thomas Barabosch

Madrid, Community of Madrid, Spain
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Thomas Barabosch is a cybersecurity-focused engineer based in Madrid with over a decade of hands-on experience and 15+ years in the security domain. He specializes in binary and firmware analysis, contributing notable back-end and security work to projects like FACT_core and the cwe_checker tool that detect CWEs in ELF executables and integrate with IDA Pro. Comfortable from low-level machine code to tooling integration, he builds robust analysis plugins, JSON pipelines, and automated acceptance tests to surface hard-to-find vulnerabilities. His work demonstrates a pragmatic blend of research and productionization—refactoring legacy code, adding targeted partial analyses, and fixing Docker and parsing edge cases to make tools reliable in CI. Educated at the University of Bonn, he brings a systems-minded approach and a passion for things that compile down to machine code.
code10 years of coding experience
bookThe University of Bonn
languagesGerman, Spanish, English
stackoverflow-logo

Stackoverflow

Stats
1reputation
0reached
0answers
0questions
github-logo-circle

Github Skills (16)

program-analysis10
json10
cwd10
code-analysis10
docker10
scanning10
python10
security-scan10
dockers10
vulnerability-scanners10
static-analyzer10
security-scanner10
security10
test-automation9
firmware9

Programming languages (7)

DockerfileCRustJavaScriptHTMLPythonEmacs Lisp

Github contributions (5)

github-logo-circle
fkie-cad/cwe_checker

Oct 2018 - Sep 2019

cwe_checker finds vulnerable patterns in binary executables
Role in this project:
userSecurity Engineer
Contributions:1 release, 56 commits, 33 PRs in 11 months
Contributions summary:Thomas primarily contributed to enhancing the `cwe_checker` tool, which analyzes binary executables for security vulnerabilities. Their work involved refactoring the codebase, creating a module for JSON-related functions, implementing a partial analysis feature to run specific CWE checks, and adding acceptance tests for various CWEs, including CWE215, CWE243, and CWE476. Additionally, the user expanded the tool's capabilities by introducing support for new CWE checks, such as CWE560, and improving the cwe_checker_to_ida tool for integration with IDA Pro.
static-analyzervulnerableghidrabinary-analysiscwe
fkie-cad/FACT_core

Dec 2017 - Sep 2019

Firmware Analysis and Comparison Tool
Role in this project:
userBack-end Developer & Security Engineer
Contributions:38 commits, 16 PRs, 14 pushes in 1 year 10 months
Contributions summary:Thomas primarily contributed to the `cwe_checker` plugin within the repository. Their work involved implementing and refining the plugin, which analyzes ELF executables for Common Weakness Enumeration (CWE) vulnerabilities, demonstrating a focus on security. The commits show the user updating the plugin to parse the output in JSON format, addressing Docker-related issues, and fixing parsing errors. The user also contributed to the `input_vectors` plugin demonstrating experience in code analysis and vulnerability assessment.
security-automationfirmwaresecuritycomparisonfirmware-tools
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Thomas Barabosch