German
link to LinkedIn profile link to Youtube channel link to uTest profile (login required)
photo

Martin Fürholz

IT-Security Professional

Rostock, Germany

Information Technology & Services

IT-Security expert, Leading Penetration Tester, and Trainer with over a decade of experience in the field of software testing and penetration testing. Proven ability in the detection and resolution of security vulnerabilities, experience in leading security testing teams, and a track record of contributions to open-source tools and resources.

Work Experience:

Security Expert, Leading Security Tester, DRM Expert, Trainer at uTest (current, Freelancer)

Web and Desktop Application Developer (2000-present)

Technical Skills & Proficiencies:

Extensive IT skills and mastery of various tools in IT and IT-Security, including web, mobile, IoT, desktop, and DRM security.

Web and Desktop Application Development experience in C#/C++.

Native German speaker

Fluent in English

European Type B Driver's License (own vehicle available)

ABOUT ME

Personal Details

NAME:

Martin Fürholz

Residence:

Rostock, Germany (since 2012)

Born:

July 18, 1980 in Vienna, Austria

Occupation:

IT Security Expert, Leading Penetration Tester,
Professional Trainer for Software Testing and Penetration Testing

Driver's License:

European Type B, (own vehicle available)

IT Skills

check

Over 9 years of experience as an IT security and penetration testing expert

check

Exclusive Test Team Lead of the security testing team at uTest since 2018

check

Over 1300 reported vulnerabilities at uTest

check

Created full courses in API testing and security testing for the uTest Academy

check

Proficient in programming languages such as C/C++/Java/Python

check

Experienced in using security tools such as nmap, Kali Linux, Burp Suite, OWASP ZAP, Wolfram language, and regular expressions

Interests and Hobbies

Sport:

Wakeboarding, trail running

Music:

Singing, playing piano, drums, bass guitar, and music production with established international musicians such as the London Community Gospel Choir and Joni Fuller

Video Production:

Working on a new YouTube channel about penetration testing

Photography:

Attended a photography school for a full year in 1999/2000

Short Biography

Martin Fürholz is a professional IT security and penetration testing expert with a wealth of experience. He has been the Test Team Lead of the security testing team at uTest since 2018, where he has contributed to the uTest Academy by creating full courses in API testing and security testing. He has a proven track record with over 1300 reported vulnerabilities at uTest and is highly skilled in programming languages such as C/C++/Java/Python, as well as security tools such as nmap, Kali Linux, Burp Suite, OWASP ZAP, Wolfram language, and regular expressions. In addition, Martin is a professional trainer and coach, having provided training sessions and workshops to employees, security testers, and other interested parties. He is also an accomplished singer, musician, and photographer. In his free time, Martin is passionate about wakeboarding, trail running, and video production, and is currently working on a new YouTube channel about penetration testing.

Continuing Education

Bachelor's in Digital Business (English) at IU International University of Applied Sciences, starting August 2024

Offensive Security Certification (WEB-200 course), exam scheduled for fall 2024

NOTABLE ACCOMPLISHMENTS & PROJECTS

from

2022

TO

Present

(2 Years)

Artificial Intelligence

GoingLLM: The AI Researcher Revolutionizing Web Research

Introducing GoingLLM, my latest project, a fully-automated AI researcher chatbot designed to make web research more efficient and accessible. The goal of GoingLLM is to enable ChatGPT to perform intelligent Google searches and web crawls using the Google Custom Search API (and others) to solve complex tasks. The ultimate vision is to create a tool that can handle high- level questions that other web-enhanced GPT-tools, like Bing Chat or Google Bard, can't solve due to their limitations.

Since the release of ChatGPT, I've been studying and working on GoingLLM for months. The project is available on GitHub (https://github.com/MartinRJ/GoingLLM), and now also as "GPT" (ChatGPT plugin).

Leveraging the latest advancements in AI, GPT-4, web APIs, and direct web crawls, GoingLLM delivers fast and accurate research results. With GoingLLM, users can easily access the information they need, transforming the way they approach research and problem-solving. This innovative project demonstrates my commitment to pushing the boundaries of AI and my passion for developing cutting-edge technology solutions.

I have also been significantly involved in the planning and development of an AI Red-Teaming practice since 2024.

GoingLLM as ChatGPT plugin ('GPT')

from

2018

TO

Present

(6 Years)

Leadership Security Testing

Leadership in Security Testing: uTest Team Lead since 2018 (Freelancer)

As a Test Team Lead of the security testing team at uTest, I have been instrumental in leading and managing the testing process for multiple applications per week, including web applications, mobile apps, IoT devices, and desktop apps. I have been in this position since 2018 and have been the second-most active penetration tester in our team.

In this role, I have contributed to providing repeated free security training to employees, security testers and other interested parties from the community in up to 6-hour training sessions and workshops. I have also contributed to the uTest Academy by creating full courses for uTesters in the areas of API testing and security testing.

As a leading penetration tester, I have over 1300 reported vulnerabilities at uTest since I joined the security testing team in 2016. I have worked my way up to the Test Team Lead position and have been in this role since 2018.

In summary, my leadership experience in security testing has enabled me to bring value to the team by providing security training, contributing to the uTest Academy, and leading the testing process while also demonstrating my expertise in penetration testing.

from

2018

TO

Present

(6 Years)

Expertise in Penetration Testing

Expertise in Penetration Testing: Experience and Accomplishments

Introduction

I am a highly experienced IT-Security Expert and Leading Penetration Tester. I have been working in the field of penetration testing since 2016 and held the position of Test Team Lead at uTest in both the functional testing and security testing divisions since 2018.

Career at uTest

As a security tester at uTest, I have reported over 1300 vulnerabilities and played a significant role in security training for uTesters and contributing to the uTest Academy. I have also provided tutorials, technical articles, and other resources to the uTest community.

Accomplishments

As a penetration tester, I have a proven track record of testing various types of applications and my position as the Test Team Lead at uTest is a testament to my expertise. I hold the certificate 'CompTIA Pentest+ Ethical Hacker' and have successfully demonstrated my skills in finding security vulnerabilities.

Open-Source Contributions

I have made substantial contributions to open-source security tools such as MobSF and have also been involved in creating free guides, tutorials, and courses in the field of IT security. Additionally, I have contributed to several security and IT websites, such as Security Stack Exchange, showcasing my passion for sharing my knowledge and experience with others. With a decade of community involvement, I have made several contributions to different open-source projects, including contributions to several Second Life viewers, creation of free Firefox browser add-ons, and annual one-day courses for computer science students at the University of Rostock.

Teacher and Trainer for Penetration Testing: Experience and Accomplishments at Alfatraining GmbH

Between 2021-2022, I had the opportunity to share my expertise in penetration testing and software testing as a full-time teacher and trainer at Alfatraining GmbH for over a year. During my time there, I taught 4-week long courses aimed at IT managers, covering everything from the basics of managing penetration tests, HTTP basics, to highly technical subjects such as working with nmap. The course culminated in a CompTIA Pentest+ CE exam and a 1-day Alfatraining exam, where participants had to complete a web application penetration test. The participants in my courses were diverse, ranging from police officers, IT managers, network administrators, and more, all with varying levels of experience in the field.

As a teacher, I was dedicated to ensuring that my participants received a well-rounded education in the field of penetration testing, and I am proud to have contributed to the professional development of many IT professionals during my time at Alfatraining GmbH.

I am confident that my expertise, experience, and accomplishments in the field of penetration testing, as well as my passion for sharing my knowledge and experience, make me an excellent candidate for any role requiring advanced skills in this area.

General Testing Statistics Security Testing Rating

from

2015

TO

Present

(9 Years)

Career at uTest

Career at uTest: Progress and Accomplishments

As a seasoned professional with over 25 years of experience in IT and IT security, I have made a name for myself in the industry as a leading security tester and trainer. I joined uTest in 2014 as a gig-based tester, and the security testing team in 2016 and quickly worked my way up to the position of Test Team Lead, a role I have held since 2018.

In my role as the exclusive Test Team Lead of the security testing team at uTest, I lead a team of highly skilled professionals in testing multiple applications each week, including web applications, mobile apps, IoT devices, desktop apps, and more. Our focus is to ensure that these applications are secure and free of vulnerabilities that could put the end-user at risk.

With over 1300 reported vulnerabilities under my belt since joining the security testing team at uTest, I am a true expert in penetration testing. I have honed my skills through repeated free security training sessions and workshops for uTesters, employees, and other members of the uTest community. My training sessions range from introductory topics such as HTTP basics and API testing, to more advanced topics such as working with nmap and Metasploit.

In addition to my role as a security tester and trainer, I have also made valuable contributions to the uTest Academy. I have created full courses for uTesters in the areas of API testing and security testing, providing them with the knowledge and skills they need to excel in their careers.

My expertise extends far beyond security testing, as I am also highly skilled in a wide range of IT-related fields, including operating systems, programming languages, web and desktop app development, and mobile app development. I am a certified CompTIA Pentest+ Ethical Hacker and ISTQB CTFL Software tester, and I hold a certificate in ECDL Advanced Expert.

In conclusion, my career at uTest has been marked by continuous progress and numerous accomplishments. I have established myself as a leading security tester and trainer, and I have made valuable contributions to the uTest community and the IT industry as a whole.

from

2010

TO

Present

(14 Years)

Open-Source Contributions

Open-Source Contributions: A Decade of Community Involvement

Overview

As an experienced IT-Security Expert and leading penetration tester, I have been actively involved in the open-source community for over a decade. Throughout my career, I have made various contributions to the community, ranging from security tool development to the creation of free educational resources. My dedication to open-source projects reflects my commitment to the community and my passion for security and technology.

The contributions

2021 - Today: Informatik-Fachschaft Rostock - I have been offering annual one-day courses for computer science students of the University of Rostock as part of the project week organized by the Fachschaft Informatik since 2021.

2018 - Today: Open-source contributions to security tools like MobSF - I am an active contributor to security tools like MobSF and have made numerous contributions to the project.

As the Test Team Lead at uTest: I have a leadership role in security testing, including responsibilities as the Test Team Lead of the security testing team at uTest. In this role, I provide free security training sessions and workshops to employees and other interested parties in the community. I also contribute to the uTest Academy, creating full courses in the areas of API testing and security testing

2017 - 2018: Free Firefox browser addons - I developed several free Firefox browser addons, designed to make browsing, viewing, searching, and collecting images from art websites easier.

2010 - 2015: Contributions to several Second Life viewers - I contributed to several viewers of the popular virtual world, Second Life, and served as a volunteer and moderator in the official JIRA bugtracker

2016 - Today: Free guides, tutorials, and courses - I have created and contributed to a significant number of free guides, tutorials, and courses on security and IT topics. I have also contributed to several security and IT websites, such as Security Stack Exchange.

from

2018

TO

Present

(6 Years)

Programming Background and Experience

Programming Background and Experience: From Education to Career

I am a highly skilled and experienced IT-Security Expert and leading Penetration Tester with a strong background in programming and software development. My education and career in the field of programming have led me to my current position as a security expert and leading security tester. I have extensive experience in web development, desktop app development, and mobile app development and have mastered programming languages such as C#, C++, Java, and functional programming.

Throughout my career, I have demonstrated my expertise and achieved notable accomplishments in the field of programming. I have served as a trainer and coach, providing security training and workshops to employees, security testers, and other interested parties in the community. I have also contributed to the uTest Academy, creating full courses for uTesters in the areas of API testing and security testing

In my role as the Test Team Lead of the security testing team at uTest since 2018, I have provided technical articles, tutorials, and other resources available for free to the uTest community. I have also been the second-most active penetration tester in our team, with over 1300 reported vulnerabilities, and have tested multiple applications per week on average.

I am also an active member of the open-source community, having made contributions to security tools like MobSF and creating free guides, tutorials, and courses for security and IT websites such as Security Stack Exchange. I have also provided annual one-day courses for computer science students of the University of Rostock as part of the project week organized by the Fachschaft Informatik since 2021.

In conclusion, my extensive experience and expertise in programming, software development, and IT-Security have made me a valuable asset in the field. My achievements and contributions to the industry have established me as a leading figure in the community, and I am confident in my ability to continue making significant contributions to the field.