2020-01-30: confidence 2020 CFP deadline is approaching fast

confidence 2020 logo

Just in case you were thinking about speaking at confidence 2020 in Krakow in May: the CFP is about to be over, so submit now (or ideally: yesterday). Confidence is one of the longest running Polish technical security conferences, and also one of the largest ones. I had the pleasure of speaking there a few times, and now I'm in the program committee for the last couple of years. It's a fun event, especially for networking with the Polish security scene.


What's in it for you? Preparing for a conference takes a lot of time and effort. To appreciate your effort they offer: — Free conference entry + discounts for your mates/coworkers — Cover of your travel expenses — Accommodation during the conference — Speaker dinners and other events — Sightseeing Cracow How to become a speaker? They will need your: — Name, surname, and e-mail of the speaker — Short biography* — Photo* — The topic of the presentation* — Short description of the topic (max. 500 words)* — Non-standard technical requirements (do you need any additional equipment for the lecture?) — Minimal level of knowledge required from the audience — Category of your talk (such as malware, phishing, etc.)

And just in case you reaaallyyy don't know what's this about, the conference organizers included this hilarious tutorial:

Photo of a conference room with 3 text balloons. The first one points to the large screen at the head of the room and says 'Your presentation here'. The second one points at the presenter and says 'You stay here', and the last one points to the crowd and says 'They are listening here'.

Read more... [ 0 comments ]

2020-02-02: MEGA sekurak hacking party 2020

Agenda wygląda wyśmienicie: https://sklep.sekurak.pl/event/view?id=2!

  • Kiedy: 16.03.2020
  • Gdzie: Kraków, centrum kongresowe ICE
  • Bilety: od 300 PLN dla osób prywatnych (early bird niestety już zeszły), od 500 PLN + VAT dla firm
  • EDIT: o, dostałem kupon na 15% zniżki: gyn-code-15
  • Prelekcje: 10, od 9:45 do ~18:30 (+-30 minut)

Miałem okazję być rok temu, i gorąco polecam!

Fotografia z MEGA sekurak hacking party 2019, widok zza pleców prelegentów na widownie; sala przypomina wyglądem salę operową lub teatralną, z miejscami w centrum sali, na balkonach po bokach, oraz na balkonach piętro wyżej na całym obwodzie sali. Na fotografii widać ponad tysiąc widzów.

Czytaj dalej... [ 0 komentarzy ]

Five newest or recently updated notes (these are unfinished posts, code snippets, links or commands I find useful but always forget, and other notes that just don't fit on the blog):

Click here for a list of all notes.

EN Security papers and research notes

Some conference slides are linked at the bottom of this page.

EN Selected vulnerabilities

The full list of vulnerabilities discovered by me (including collaborative work) can be found here (please note that the list might be out of date).

The Google Application Security / Research site might also contain some of my findings.

EN Coding (selected posts)
EN Tools and libraries
  • PiXieServ is a simplified PXE (network boot) server for Windows and Linux-based OS, created for testing of very small home-made OS. See also the post about it.
  • ExcpHook, a system-wide exception monitor for Windows XP 32-bit. Useful if you're fuzzing something that doesn't like having a debugger attached.
  • Ent is an entropy measuring tool for reverse engineering reconnaissance (see also a post explaining how to use it).
  • HiperDrop is a simple command line process memory dumper for Windows, with a few different work modes.
  • asmloader - this little app executes headerless machine code (compiled assembly code). It's meant to be an aid in learning/teaching and playing with assembly, as well as the right tool when you just need to execute some machine code.
  • NetSock is a simple socket/networking lib/wrapper for C++ I've wrote back in 2003 and update from time to time - I use it for most of my network-enabled projects.
PL Videotutoriale i podcasty [ 0 views | 0 videos | 0 subscribers ]

Subscribe to me on YouTube W wolnym czasie prowadzę videocasty na żywo o programowaniu, reverse engineeringu oraz hackingu/security:

Livestream | Kanał na YT | Archiwum starszych odcinków

Najnowszy odcinek: Gynvael's Livestream #75: Implementujemy serwer FTP
[ 0 thumbs up | 0 comments | 0 views ]

Dodatkowo: ReverseCraft - starsza seria podcastów o reverse engineeringu i assembly.

PL Edukacyjnie (wybrane posty)

Dla programistów:

Security / hacking:

  • Hacking - jak uczyć się security/hackingu i spać spokojnie.

Dodatkowo, kilka przemyśleń na temat odnajdywania się na rynku pracy w IT:

PL Programowanie (wybrane posty)

← trochę więcej postów jest po angielskojęzycznej stronie.

PL Gamedev i GFX (wybrane posty)

Grafika generowana proceduralnie:

【 design & art by Xa / Gynvael Coldwind 】 【 logo font (birdman regular) by utopiafonts / Dale Harris 】