QR Code Generator
Ongoing
QR Codes are fascinating because they are so simple yet so powerful and used everywhere. The largest versions can already store almost up to 3kB of data! I started this project to understand how QR codes are built, and I'm learning how encoding formats like UTF-8 and QR error correction levels are implemented. I try to write modular code that I can afterwards extend to support different styling options (color, size, embedded logo).
Trusted Execution Environments (TEEs)
Fall 2025 @ETHZ
TEEs are essential for confidential computing by establishing a trusted relation with the hardware. We investigated the design and security of TEEs. We leveraged Page Fault side-channel attacks to leak sensitive computation data of Intel SGX enclaves. Moreover, we exploited a mock GPU in the form of a TEE to not only leak data but also maliciously modify the output, highlighting the importance of robust TEE implementation.
Firewall
Fall 2025 @ETHZ
In the Network Security class, I built a (low-performance) Python-based firewall. This project incorporated modern defense mechanisms such as rate limiting, port scan detection, and stateful handling of malicious (bogus) UDP/TCP packets. Crucially, I also integrated Network Address Translation (NAT) and utilized blacklists. Implementing a firewall system highlighted the critical tension between efficient, high-performance security enforcement and the necessity of minimizing false positives.
Attacks on Machine Learning Models
Fall 2025 @ETHZ
Another fun project in the Information Security Lab revolved around Machine Learning Models. We implemented Adversarial Examples in pytorch, where you can trick a model to output a wrong classification by perturbing the input in a way that is not visible by the eye but has an effect on the model. We also studied Membership Inference Attacks to determine whether a model was trained on a certain input.
Privilege Escalation on Linux
Fall 2025 @ETHZ
This project focused on exploiting binaries in Linux systems to gain unauthorized access and elevate privileges. In the Information Security Lab, we studyied different techniques to exploit vulnerable SUID/SGID binaries. The goal was to deeply understand system security weaknesses from an attacker's perspective and learn how to defend against these attack vectors.
Formal Verification with Tamarin
Fall 2025 @ETHZ
Tamarin is a powerful tool used to formally verify security protocols, giving mathematical assurance that they are secure. In the Information Security Lab, I modelled and analyzed cryptographic protocols to prove properties like authentication, agreement and secrecy. I learned that protocols that seem logically secure may not always be in the presence of a Dolev-Yao network adversary.
SCION
Fall 2025 @ETHZ
SCION is a future Internet architecture designed to be secure, available, and robust by design, addressing major security issues of the current BGP-based Internet. In the Network Security class, I explored its fundamental concepts, such as path-aware networking, control-plane isolation, and trust root delegation. The project involved setting up a SCION environment in Go and communicating over its channels.
Passkey Implementation
Summer 2025
The future of secure authentication are Passkeys. In a group of two, we implemented WebAuthn to replace traditional passwords with cryptographic keys stored securely on the device. Our main motivation was to understand how underlying algorithms like FIDO2, public-private key cryptography, and attestation work. This project granted us a much deeper understanding of user identity and zero-trust security models. For reference, we also added normal username & password logins as well as 2FA!
Get-Together
Spring 2024 @UZH
Get-Together is a web app for trip planning. This group project of 5 students at UZH was created in need of a trip planning web app where friends can plan trips together. It is possible to choose public transport connections with the help of the transport open data API, organize tasks and decide who is responsible for bringing what. The platform has many interactive features and is quite fun to use! Unfortunately, we are only rarely hosting the platform and it is turned off most of the time. If you're lucky, you can still find it linked below.
Personal Website
Since 2023
In 2023, I created this website you're currently on. I thought to myself that I wanted to learn something new and showcase my capabilities to the world. Thus, I began coding, without knowing HTML, CSS, or JavaScript, and arrived at the current static website you're seeing. The process was sometimes hard but mostly fun, since I directly saw the results of my work. I really hope you like the contents and the design. If you happen to have any feedback, I would be glad to hear it!
Shopping List
Fall 2023
Sure, you can always just use the built-in notes app or a piece of paper to make your grocery lists. However, I have a better alternative, which I often use because I like its UI. I built all the front-end functionality using vanilla JavaScript and I added database support and login functionality with firebase. Though basic, this project taught me a lot about web development and gave me my first sense of how user interaction shapes design decisions.
