MaximilianRichter

Software Developer · Security Engineer · Endurance Athlete

Build. Break.Secure. Race.

I build security tools that protect AI systems — at Bosch, in production. I also train 15+ hours a week for Ironman and a sub-3 marathon. Same obsession, different arenas.

// Security

Next.js · Python · Supabase
AI-powered security frameworks

// Endurance

Ironman 70.3 · Marathon · Table Tennis
Same discipline — different field

0

Production Tools

0

Years @ Bosch

AI Sec

Specialization

70.3

Ironman

sub 3h

Marathon Goal

0

Hrs/Week Training

Next Race

Ironman 70.3 Kraichgau--d --h --m --s

Achievement Unlocked

🏆0

Achievements 0/7

// Projects

What I build.

AEGISLive

Security Framework

Framework that evaluates how vulnerable AI agents are to prompt injection, data exfiltration, and unauthorized actions. Built from scratch at Bosch.

→ Tested 5+ agent architectures, uncovered critical vulnerability classes before deployment

PythonOpenAI APIAI Security

Attack Surface ScannerLive

CLI Tool

Automated reconnaissance tool that maps a target's external attack surface — DNS records, open ports, subdomains, security headers — in one command.

→ Full scan in <30s · Open source · Live demo below

PythonCLIOffensive Sec

SMB Security ToolIn Dev

Security Product

Making enterprise-grade security accessible to companies with 10–200 employees. One-click setup, automated scanning, reports a non-technical CEO can understand.

→ Addressing a $50B+ underserved market segment

Next.jsTailwindPython

VendorQBeta

B2B SaaS

AI reads your existing security docs and auto-generates answers for vendor questionnaires. Turns a 2-week process into a 2-hour review.

→ ~70% faster response time · Currently in beta with early users

Next.jsTypeScriptSupabase

// Races

What I race.

Ironman 70.3 Kraichgau

May 31, 2026

1.9 km

Swim

90 km

Bike

21.1 km

Run

≤5:00

Target

Berlin Marathon

September 27, 2026

42.195 km

Distance

≤3:00:00

Target

4:16

Min/km

WR Course

Course

Table Tennis

Ongoing · Landesliga 2025/26

1740

Current

1800

Target

// Live Demo

Try it yourself.

attack-surface-scanner — bash

Attack Surface Scanner v2.0 — Live Demo

This scanner performs real DNS lookups and security header analysis.

Type 'scan richtermax.com' to try it, or 'help' for all commands.

scanner $

Simplified demo version — real DNS via Google DoH, real security headers via HTTP fetch.
The full Attack Surface Scanner includes port scanning, subdomain enumeration, and more.

The best security systems are built by people who know how to break them — and have the endurance to keep going.

— My operating principle

// Writing

Thoughts & insights.

Building AEGIS: Why AI Agents Need Security Frameworks

AI agents can browse the web, execute code, and access databases. But who's testing whether they can be manipulated into doing it wrong? I built AEGIS to find out.

Featured8 min read

Training for Ironman While Working Full-Time at Bosch

How I fit 15+ hours of swim/bike/run into weeks already packed with a full-time dev job and 4 side projects.

From Apprentice to ???: My Career Roadmap

No CS degree (yet). Started as an apprentice. Here's the plan to get to Big Tech — or build something bigger.

The Endurance Roadmap: What's Next After 70.3

Full Ironman, 100km ultra, Backyard Ultra — the next chapter.

Two Weeks in Shenzhen: The Exchange That Changed My Perspective

Drone license, table tennis with locals, and the most intense cultural experience of my life.

Why I Set Extreme Goals at 21

Most people my age are figuring out what to do. I decided to do everything at once — and document why.

// Timeline

The Route.

JAN

Career

Application Developer Degree

Three years building production software at a Fortune 500 company. No university — learned by shipping real code.

MAY

Race Day

Ironman 70.3 Kraichgau

First Ironman finish. 1.9km swim, 90km bike, 21.1km run. Target: sub 5:00.

FEB–SEP

Career

Full-Time IT Specialist at Bosch

Building AEGIS, VendorQ, Attack Surface Scanner, and SMB Security Tool. Four production tools in parallel with a full-time job.

SEP

Race Day

Berlin Marathon

Sub-3 on the fastest course in the world. 4:16/km for 42.195 kilometers.

OCT

Career

Dual-Degree CS Start

Adding the theory to the practice. CS with Cybersecurity focus — while still working and training.

DEC

Athletic

Build Phase for 2027

Base building for the next season. Full Ironman 140.6 and 100km ultra run on the horizon.

2029+

Both Worlds

What's next

Security engineering at a company where the work matters — or building my own security product. Either way, I'll be ready.

The route continues

// Stack

What I work with.

stack --list-all

$ cat languages.conf

✓TypeScript · Python

$ cat frameworks.conf

✓Next.js · Tailwind · Supabase · OpenAI API

$ cat security.conf

✓Nmap · Burp Suite

$ cat infra.conf

✓Docker · Git · Linux · Vercel

→ 12 tools loaded. All systems operational.

// Training Data

Weekly volume.

Running0

Intervals, tempo, long runs

Cycling0

Trainer + outdoor rides

Swimming0

Technique + endurance

Table Tennis0

Landesliga matches + drills

Strength0

Full body + core stability

Total weekly volume

15-20hrs

// Contact

Get in touch.

~/contact $

Let's connect

Available for opportunities, collaborations, and conversations

Name

Email

Message

Or find me on

GitHub LinkedIn Strava

 ███╗   ███╗ █████╗ ██╗  ██╗
 ████╗ ████║██╔══██╗╚██╗██╔╝
 ██╔████╔██║███████║ ╚███╔╝
 ██║╚██╔╝██║██╔══██║ ██╔██╗
 ██║ ╚═╝ ██║██║  ██║██╔╝ ██╗
 ╚═╝     ╚═╝╚═╝  ╚═╝╚═╝  ╚═╝

You found the easter egg.

If you're a recruiter reading this —
you're exactly who I want to work with.

loading...

click anywhere to close