Below you can see a list of talks or workshops I have given for various events along with slides/videos/materials links. If a particular record has [PL] before it, it was given in Polish.

The convention for a given event is date - name, location. The [lightning talk] tag means the talk took ~5 minutes and was probably prepared just before presenting it or during the event, as an idea to contribute some more ;).

  • [PL] Attacking via Linux’s procfs, and Countermeasures for App Developers (slides) - presentation about procfs, the things you can find there, some consequences of those (consider e.g. arbitrary file reads, directory listings with path traversals in both web apps and programs run by users on the system), weird corner cases when depending on readlink /proc/PID/exe or reading process name from comm or cmdline files, PIDs (which are not process handles) and PID-reuse attacks and some mitigations along with the new one - pidfd. Also talked about procfs mount options - hidepid and gid.
  • [EN] Semantic safety won’t save you (slides) - showed a sample of security traps in the Python, Go and C programming languages. The topic comes from the fact that both Python and Go handle the hard stuff (e.g. memory/threading/errors/etc) for us and people often consider them “safe” because of the semantics of the language. Though… we still shoot ourselves in the foot despite that “safety”. Also thanks to @b0bbytabl3s for helping out with this topic :).
  • [PL] Bebechy kontenerów Dockerowych oraz Grand Theft Ucieczki z uprzywilejowanych kontenerów (slides) - the same presentation as the one made on AlligatorCon. The title ended up too baity though.
  • Python internals - how does CPython work? (slides) - a ~2h talk I gave in Polish at AGH; it is a deep dive into CPython and its VM. From the original description: “We will learn about CPython bytecode, PYC files, how to disassemble a Python function or decompile it back from bytecode to Python code. We will look at the flow between launching and executing a Python script. We will also go through CPython VM execution by emulating the execution of a short Python function.”
  • Python internals - let’s talk about dicts - the same talk I gave at Pykonik Tech Talks #43.
  • [lightning talk] Regexes WT#? (slides) - showed a DoS in the Django web framework, a wrong regex I found in Signal-Desktop which didn’t have a direct security impact, and reminded about the re.VERBOSE flag.
  • [lightning talk] PagedOut! (slides) - described the PagedOut! free zine and my article about hacking Python’s ellipsis.
  • [lightning talk] Python security issues (slides) - an overview of random existing Python security bugs.
  • [lightning talk] Pyyaml WT# (no slides) - a rant about the PyYAML module: there was a 4.1 release that changed safe_load into load, which was reverted and removed from PyPI…, then 5.1 was supposed to make load safer by default but not necessarily disallowing it to deserialize Python objects, so it is still insecure.
  • [lightning talk] A story of a 3d nickname (slides) - a story about the origin of ‘3d’ in my nickname and something about IRC communities o/.
  • Fancy “privileged” Docker container escapes (slides) - a detailed introduction to the Linux kernel features used by Docker (namespaces, cgroups, capabilities, seccomp, AppArmor) and some info about “privileged” escapes. Note: What does privileged mean? I discuss this matter and show that one of the escapes can be narrowed down to --cap-add=SYS_ADMIN --security-opt apparmor=unconfined, and explore this environment more.
  • [PL] How does CPython work (slides) - a ~2h talk going deeply into how CPython VM works, giving an example of emulating it and explaining some of the CPython internals.

2019.03.28 - Pykonik Tech Talks #43, Kraków, Poland - streaming

  • Python internals - let’s talk about dicts (slides) - a ~45 min talk where we show some different aspects of Python dicts, like hashing, a weird case of hashing the -1 value, issues when hashing mutable values or overwriting dicts, examples of extending dicts and an interesting case of updating dicts without overriding the values of already existing keys.
  • Low level debugging with Pwndbg - slides - more robust version of this talk; demo examples here.
  • [PL] Low level debugging with Pwndbg - slides, demo examples can be found here but they lack some commentary.
  • [PL] Docker security - slides; talk given in Polish (slides were in English). The video can be found here.
  • Docker security (see slides from PUT Security Day) - is root in the container the same as on host? Is it safe to add untrusted user to docker group? How to make your app running in a container safer?
  • Let’s play: Code Review - slides
  • [lightning talk] Soft and hard links on Linux: symbolic and physical links - a demo about links and some flaws around them (long paths, interesting links in /proc etc) - there were no slides
  • Python Reversing Challenge - slides
  • Insecure Things to Avoid in Python - slides - consists of the one from ThaiPy + info about how I hosted my ‘Python-challenges’ challenge
  • [lightning talk] Random cool stuff in Python - slides - __dict__, __slots__, exec usages in CPython (namedtuple and Python 3.7’s dataclasses use those)
  • [lightning talk] How does CPython work? - slides
  • [lightning talk] How to be a better developer - slides
  • [lightning talk] Decrypting Android Ransomware - slides
  • [lightning talk-ish] “I hate Portals” aka ReverseMe challenge - slides - a talk about some cool solutions to my ‘Python-challenges’ challenge
  • Some insecure Things to Avoid in Python - slides - pickle, yaml, eval (and its pseudosandbox) and safeeval
  • Let’s play code review: how to write better python code first time - slides
  • Insecure Things to Avoid in Python - slides
  • [lightning talk] Unix wildcards gone wild (see link from PyCon PL 2016)
  • Python as a hacker’s toolbox vol 2 - slides
  • Python as a hacker’s toolbox vol 2 - slides
  • [lightning talk] A simple step for better security when using Python - slides
  • [lightning talk] Python AST rewriting: ‘how does PyTest do that’ - slides
  • [PL] Capture The Flag: interesting way of spending time - slides
  • [lightning talk] Capture The Flag - slides
  • [lightning talk] Unix wildcards gone wild - slides

2012-2017 - KNI Kernel Computer Science Organisation, AGH UST, Kraków, Poland

  • [PL] CTFs - similar talk to the one at Code Europe conference
  • [PL] Shells, buffering and IPython - slides
  • [PL] How to learn IT - slides
  • [PL] Not working for me either - debugging tools for Linux and Windows - no slides, covered GDB debugging, Linux tracers (ltrace, strace), Valgrind, Windows Sysinternals, Dependency Walker and debugging through IDEs - PyCharm and Visual Studio. Done with my friend Alex.
  • [PL] Python from scratch course, held with my friend Alex; materials.
  • [PL] CTF workshops (2016, 2017) - many different topics, mainly low level ones but not only; see materials.

2016-2017 - for various university classes assignments at AGH UST, Kraków, Poland

  • [PL] SQLi, XSS, CSRF: some vulnerabilities from web applications - slides - presented and demoed some vulns and exploitation techniques for web applications. Co-authored with Magdalena Jaroszyńska.
  • [PL] 1/3: Reverse engineering and finding and exploiting bugs in native apps for x86/x86_64 - slides - an introductory presentation of my master's thesis topic for a diploma seminar. Described a few low level concepts - processor registers, basic x86 assembly instructions, the flow of the call, leave, ret instructions and some bug sources in applications.
  • [PL] 2/3: Reverse engineering and finding and exploiting bugs in native apps for x86/x86_64 - slides - mid-semester presentation; showed the process of solving a reverse-engineering CTF challenge: from inspecting the binary, disassembling it, decompiling it via IDA Pro, inspecting the program’s strings, finding the winning condition, dynamic analysis via debugging to find out which global values correspond to which game objects and solving the winning-condition equations through the Z3 theorem prover. The talk also showed how code instrumentation, here address sanitizer, helps in finding bugs, how a stack-buffer-overflow can be exploited, how to find out ELF binaries’ mitigations and various techniques an attacker can use to exploit bugs (shellcodes, overwriting GOT, ROP chains).
  • [PL] 3/3: Reverse engineering and finding and exploiting bugs in native apps for x86/x86_64 - slides - a summary presentation where I showed how ELF maps to memory, listed processes for finding bugs, described fuzzing and symbolic execution, showed an interesting heap-related bug and more.