About Gynvael Coldwind
An enthusiast programmer with a passion for computer security and low-level aspects of IT. Coldwind authored the bestselling book "Zrozumieć Programowanie" ("To Understand Programming"), co-authored "Praktyczna Inżynieria Wsteczna" ("Reverse Engineering in Practice") and "Wprowadzenie do Bezpieczeństwa IT" ("Introduction to IT Security"), and has produced numerous articles, publications, podcasts and lectures devoted to these topics. In 2013, he was awarded a Pwnie Award (together with Mateusz Jurczyk) in the "Most Innovative Research" category in the field of computer security. Coldwind is the co-founder and former captain of Dragon Sector – historically one of the best competitive security CTF teams in the world. He's also the co-creator of Hackceler8 – an e-sport hacking competition and creator of Paged Out! – an experimental technical magazine. Coldwind also runs a small YouTube channel where he hosts live lectures on his favorite topics. He spent most of his 17-year professional career at Google's information security team, discovering hundreds of vulnerabilities in various software. Currently he's the Managing Director of HexArcana Cybersecurity GmbH.
Where I'm active
Twitter: @gynvael
Mastodon: https://infosec.exchange/@gynvael
Discord: Gynvael's Tech Chat
IRC: irc.gynvael.live (use /LIST to check our channels)
YouTube (EN) https://www.youtube.com/@GynvaelEN
YouTube (PL) https://www.youtube.com/@GynvaelColdwind
Contact
Discord: Gynvael's Tech Chat (preferred for small questions which require a fast reply)
E-mail: gynvael@coldwind.pl (preferred for large questions; a reply might take longer - a few days is the average)
Work
2023 – ...: HexArcana (managing director, security researcher)
2010 – 2023: Google (IT security engineer)
2007 – 2010: Hispasec (researcher, pentester, reverse engineer, programmer)
2005 – 2007: ArcaBit (programmer, reverse engineer)
By the way...
On 22nd Nov'24 we're running a webinar called "CVEs of SSH" – it's free, but requires sign up: https://hexarcana.ch/workshops/cves-of-ssh (Dan from HexArcana is the speaker).
Educational background
finished: Wroclaw University of Technology, Computer Science (INŻ) (diploma thesis "Virtual debugger-decompiler for malware-analysis purposes" (PL))
Papers, lectures, other activities
[NOT UPDATED FOR A VERY LONG TIME]
A list of found vulnerabilities is available in the Security Advisories section.
(Only some of the papers/slides are in English; the others are in Polish)
(EN, 2013) CONFidence - Kraków: "Beyond MOV ADD XOR – the unusual and unexpected in x86" (with Mateusz "j00ru" Jurczyk)
(PL, 2013) SEConference 2013 - Kraków: CTFs, and Compos, and WarGames! Oh, my!
(PL, 2013) SEConference 2013 - Kraków: Dziesięć tysięcy pułapek: ZIP, RAR, etc. ("Ten Thousand Traps: ZIP, RAR, etc.")
(EN, 2013) Research paper: "Identifying and Exploiting Windows Kernel Race Conditions via Memory Access Patterns" (with Mateusz "j00ru" Jurczyk)
(EN, 2013) SyScan 2013 - Singapore: "Bochspwn: Exploiting Kernel Race Conditions Found via Memory Access Patterns" (with Mateusz "j00ru" Jurczyk)
(PL, 2013) Programista 1/2013: "Diabeł tkwi w szczegółach: Hosting plików" ("Devil in the details: File hosting")
(PL, 2012) Programista 4/2012: "Diabeł tkwi w szczegółach: C/C++ (część 2)" ("Devil in the details: C/C++ (part 2)")
(PL, 2012) Programista 3/2012: "Diabeł tkwi w szczegółach: C/C++ (część 1)" ("Devil in the details: C/C++ (part 1)")
(EN, 2012) Article: "DLL shared sections: a ghost of the past"
(PL, 2012) TKonferencja 2 - Kraków: DON'T PANIC! - Przegląd zagadnień z zakresu IT security/hackingu. ("DON'T PANIC! - Review of IT security/hacking issues.")
(PL, 2012) IGK'9 - Siedlce: Ewolucja układów graficznych ("Evolution of video cards")
(PL, 2011) IGK'8 - Siedlce: IT Security vs GameDev
(EN, 2011) Article: PHP LFI to arbitratry code execution via rfc1867 file upload temporary files
(EN, 2011) Paper: Exploiting the otherwise non-exploitable - Windows Kernel-mode GS Cookies subverted (with Matthew "j00ru" Jurczyk, in English)
(EN, 2010) RECON 2010: Lecture "Syndicate Wars Port - How to port a DOS game to modern systems" (with Unavowed, in English)
(EN, 2010) CONFidence: Lecture "A Case Study of Recent Windows Vulnerabilities" (with Matthew "j00ru" Jurczyk, in English)
(EN, 2010) Hack In The Box - Dubai: Lecture "A Case Study of Recent Windows Vulnerabilities"
(PL, 2010) SEConference 2010: Lecture (popular science) "Reverse Engineering for fun and profit" + Reverse Engineering workshops
(EN, 2010) Paper: GDT and LDT in Windows kernel vulnerability exploitation (collaborative work with Matthew "j00ru" Jurczyk, in English)
(EN, 2010) HITB Magazine #1: Exception Detection on Windows (in English)
(EN, 2009) CONFidence 2.0: Lecture "Practical Game Security" (in English!)
(PL, 2009) SecDay 2009: Lecture "PHP Internals"
(PL, 2009) SEConference 2009: Lecture "Praktyczne podejście do testowania bezpieczeństwa implementacji obsługi formatów danych" (video) ("Practical approach to testing the security of file format implementations")
(PL, 2009) SysDay 2009: Lecture "Return-oriented exploiting"
(PL, 2008) SekIT 2008: Lecture "Bankers vs users"
(PL, 2008) Xploit 3/2k8: Własne instrukcje procesora w zabezpieczaniu aplikacji ("User CPU opcodes in securing an application")
(PL, 2008) Xploit 3/2k8: Kompresja i szyfrowanie plików wykonywalnych ("The compression and encryption of executables")
(PL, 2008) ISSA Wrocław: Lecture "The security of Google Chrome"
(PL, 2008) Xploit 2/2k8: Podstawy budowy plików PE ("The basics of PE files")
(PL, 2008) Hakin9 7-8/2k8: Format GIF okiem hakera - część druga ("The GIF format from a hacker's point of view, part 2")
(PL, 2008) Hakin9 5/2k8: Format GIF okiem hakera ("The GIF format from a hacker's point of view")
(PL, 2008) Hakin9 3/2k8: Format BMP okiem hakera ("The BMP format from a hacker's point of view")
(PL, 2008) Hakin9 3/2k8: Entropia ("Entropy")
(PL, 2008) Hakin9 1/2k8: Zdradliwe nazwy plików ("The treacherous names of the files")
(PL, 2007) Engineering thesis: Wirtualny debugger-dekompiler złośliwego oprogramowania ("Virtual debugger-decompiler for malware-analysis purposes")
(PL, 2006) Wykład Revival (Politechnika Opolska): Lecture "Reverse Engineering - Modyfikowanie Aplikacji" ("Reverse Engineering - Modifying applications")
(PL, 2006) Wykład Revival (Politechnika Opolska): Lecture "Reverse Engineering - Packery i protektory" ("Reverse Engineering - Packers and protectors")
(PL, 2006) Wykład Revival (Politechnika Warszawska): Lecture "Reverse Engineering - Modyfikowanie Aplikacji" (video) ("Reverse Engineering - Modifying applications")
(PL, 2006) Wykład Revival (Politechnika Warszawska): Lecture "Reverse Engineering - Packery i protektory" ("Reverse Engineering - Packers and protectors")
(PL, 2006) Programowanie w języku C, część 1. ("Programming in C, part 1") (the second part never existed)
(PL, 2006) DLL Spoofing
(PL, 2005-2007) 25 wykładów na wyklady.net (25 online lectures at wyklady.net)
(PL, 2004) 4P: Kruczki i sztuczki C cz. 1 ("Tricks in C, part 1") (the second part never existed)
(PL, 2003) 4P: Alternatywne sposoby zdobywania wiedzy dot. programowania ("The alternative ways to gather intel. about coding")
(PL, 2001) GDPL: OpenGL - Generowanie Cieni ("OpenGL - Generating shadows")
(PL, 2001) GDPL: OpenGL - Tworzenie tuneli w przestrzeni ("OpenGL - Tunnels in space")
Hobbies
Programming (in every language that I set my eyes on, for every platform that I set my eyes on), Reverse Engineering, Computer Security, GameDev (just a hobby), fantasy books (+ some SciFi and others), computer games, anime/manga, hiking, etc.