About Me
I am currently pursuing a B.Sc. in Cyber Security at the University of Applied Sciences Mannheim, with a strong interest in cryptography, building secure open-source software, as well as learning everything I can about offensive security in general.
After developing BASF’s internal platform for quantitative risk management from the ground up, I have now transitioned to penetration testing at ERNW in Heidelberg.
My current focus is on building a solid technical foundation through systematic training and real pentests.
Experience
ERNW - Penetration Tester
Sep 2025 - present, Heidelberg
- Developing own project in security hardening & hardening automation
- Focus on Web Security Academy, with the goal of becoming Burp Suite Certified Practitioner
- Regularly partaking in penetration tests
BASF - Lead Architect, Cyber Security Risk Intelligence Platform
Jan 2023 - Aug 2025, Ludwigshafen
- Led the architecture and implementation of BASF’s internal quantitative cyber risk platform
- Designed modular metric systems, cost-benefit models, and ML-powered automation pipelines
- Initiated platform use as a potential testbed for post-quantum cryptographic evaluations (e.g. NIST PQC candidates)
- Delivered scalable internal tooling and infrastructure across global teams (China, Singapore, Spain, US)
- Drove secure software design decisions and supported engineers across cybersecurity and development units
ITK Engineering - Software Engineering working student
Jan 2022 - Dec 2022, Rülzheim
- Developed internal software as part of an international team
- Gathered experience with larger enterprise codebases, working in SCRUM and Secure Coding
Freelance - Developer & IT-Support
Jan 2019 - Dec 2021, Ludwigshafen
Built websites, small-scale software, maintained IT infrastructure
Examples (besides this pretty blog):
Education
Cyber Security B.Sc.
2023 - present, Mannheim University of Applied Sciences
Mathematics B.Sc.
2022 - 2023, Karlsruhe Institute of Technology
Before that, I completed my Abitur in Ludwigshafen with a GPA of 1.1 and four distinctions.
Focus
Lots of what I do and learn I document here on this website.
I love cryptography, CTF challenges, I love to automate in a considered manner. And yes, that's a talking point we got to have about AI haha.
I love AI for some of its use cases (and I hate it for others), one of the former is how you can save time creating a tool while still clearly grasping what's going on. I try to find myself as a considered AI user here, which can be very frustrating when you see people stomping out 5 pull requests on a random Tuesday, yet my focus is the learning, not really the resulting tool. And yep, for that you got to understand a problem and try to solve it, before you consider asking Claude to help you.
I've said enough, let's go over some of my recent projects and cool events.
Black Hat Europe 2025 - London
Black Hat was my first big security conference... I loved it! Got to meet awesome people and learned a great deal from many talks that hooked my ADHD-ridden mind for hours (not that easy tbh).

„CAPTURE THE FLAG“ Hacking Challenge 2025

My colleague and I managed to land second place; you can read more on that exciting adventure in the respective blog post.
CERN Whitehat Challenge
Mar - Jun 2025
Certified participant in CERN’s real-world penetration test program.
- Selected for the CERN Whitehat Challenge, conducting security assessments under strict ethical guidelines
- Developed Cherry Picker, a reconnaissance tool leveraging entropy filtering, TTL clustering, and cloud targeting - the idea's still in its infant shoes because I can't find the time to complete it
- Focused on web enumeration & OSINT

Forensic Log Tracker - Open-Source Tool
Modular logging framework for digital forensic casework.
- Developed a CLI tool for documenting and verifying forensic investigations
- Implements cryptographic GPG signing and hash verification
- Provides legally consistent documentation in German legal language
- Used in university-level forensic training at Hochschule Mannheim
- Supports Markdown reporting, dry-run documentation, and structured evidence tracking