2018-02-05: PWNing 2018: Looking for sponsors

I realize that it's quite a long shot posting this request on the English side of my blog, but it may be worth a try, so here it goes :)

Security PWNing is a Polish commercial (i.e. you need to buy a ticket) conference I help co-organize, i.e. I'm responsible for selecting speakers, CFP, etc; most of the conference work itself is done by folks from the Polish Scientific Publishers PWN. There have been two successful editions so far, one in 2016 and one in 2017, and both had over 300 participants attendees. The conference itself is mostly in Polish, with simultaneous translation to English available starting this year (that's why I said it's a "long shot" at the beginning), and it's purely technical with some additional security/privacy popular science talks.

Anyway, we're looking for sponsors (companies, individuals, we're not picky) that would be able to add some funds into the mix that could be used to help cover either the standard conference expenses, or some extras we would like for to happen (e.g. ranked open CTF with cool prizes, or electronic badges).

So if you know someone / could ask someone about it, and they would be interested, please direct them my way (gynvael@coldwind.pl) - thanks :)


Read more... [ 0 comments ]

2018-03-13: Livestream: 15.03 20:00 - Nieśmiertelność w grze Commando na C64

W najbliższy czwartek będzie całkiem ciekawy stream (moim zdaniem) zaproponowany przez dwie osoby z pewnej grupy Facebookowej* - dodawanie nieśmiertelności do gry Commando na 8-bitowy komputer Commodore 64. Dodam, że celem będzie uruchomienie gry z nieśmiertelnością na prawdziwym C64 - emulator też pójdzie w ruch oczywiście, ale ostatecznie jednak będę chciał przejść Commando nie wysilając się zbytnio na prawdziwym sprzęcie. Dodam, że gra jest na dyskietce 5.25", więc do całości dojdzie jeszcze pobawienie się starymi nośnikami.
* Uhm, szczerze, wymieniłbym z imienia, ale nie mogę znaleźć komentarzy z naszą dyskusją :(

Disclaimer: Nie miałem nigdy C64 (ale "grałem w C64" u kolegów ;>), więc stream będzie bardziej na zasadzie "skoro na x86 zrobiłbym tak tak i tak, to na MOS6510 też tam spróbuje".

Gdzie: https://www.youtube.com/watch?v=RzIZFmkmhFQ
Kiedy: Czwartek (15.03.2018) 20:00 CET

P.S. Przy okazji będzie to okazja do przetestowania mojego "setupu" do streamowania obrazu ze starych komputerów, tj. m.in. karty do przechwytywania HDMI.

Czytaj dalej... [ 1 komentarz ]

Five newest or recently updated notes (these are unfinished posts, code snippets, links or commands I find useful but always forget, and other notes that just don't fit on the blog):

Click here for a list of all notes.

EN Security papers and research notes

Some conference slides are linked at the bottom of this page.

EN Selected vulnerabilities

The full list of vulnerabilities discovered by me (including collaborative work) can be found here (please note that the list might be out of date).

The Google Application Security / Research site might also contain some of my findings.

EN Coding (selected posts)
EN Tools and libraries
  • PiXieServ is a simplified PXE (network boot) server for Windows and Linux-based OS, created for testing of very small home-made OS. See also the post about it.
  • ExcpHook, a system-wide exception monitor for Windows XP 32-bit. Useful if you're fuzzing something that doesn't like having a debugger attached.
  • Ent is an entropy measuring tool for reverse engineering reconnaissance (see also a post explaining how to use it).
  • HiperDrop is a simple command line process memory dumper for Windows, with a few different work modes.
  • asmloader - this little app executes headerless machine code (compiled assembly code). It's meant to be an aid in learning/teaching and playing with assembly, as well as the right tool when you just need to execute some machine code.
  • NetSock is a simple socket/networking lib/wrapper for C++ I've wrote back in 2003 and update from time to time - I use it for most of my network-enabled projects.
PL Videotutoriale i podcasty [ 0 views | 0 videos | 0 subscribers ]

Subscribe to me on YouTube W wolnym czasie prowadzę videocasty na żywo o programowaniu, reverse engineeringu oraz hackingu/security:

Livestream | Kanał na YT | Archiwum starszych odcinków

Najnowszy odcinek: Gynvael's Livestream #62: Nieśmiertelność w Commando
[ 2 thumbs up | 0 comments | 0 views ]

Dodatkowo: ReverseCraft - starsza seria podcastów o reverse engineeringu i assembly.

PL Edukacyjnie (wybrane posty)

Dla programistów:

Security / hacking:

  • Hacking - jak uczyć się security/hackingu i spać spokojnie.

Dodatkowo, kilka przemyśleń na temat odnajdywania się na rynku pracy w IT:

PL Programowanie (wybrane posty)

← trochę więcej postów jest po angielskojęzycznej stronie.

PL Gamedev i GFX (wybrane posty)

Grafika generowana proceduralnie:

【 design & art by Xa / Gynvael Coldwind 】 【 logo font (birdman regular) by utopiafonts / Dale Harris 】