Below you can see a list of talks or workshops I have given for various events along with slides/videos/materials links. If the particular record has a ‘[PL]’ before it - it means it was made in Polish language.
The convention for a given event is
date - name, location.
2019.08.16-17 - AlligatorCon Europe 2019, Budapest, Hungary (link)
- Fancy “privileged” Docker container escapes (slides) - a detailed introduction to the Linux kernel features used by Docker (namespaces, cgroups, capabilities, seccomp, AppArmor) and some info about “privileged” escapes. Note: What does privileged mean? I discuss this matter and show that one of escapes can be pointed down to
--cap-add=SYS_ADMIN --security-opt apparmor=unconfinedand explore this environnment more.
2019.05.30 - AGH, Kraków, Poland (event link)
- How does CPython work (in polish; slides) - a ~2h talk going deeply into how CPython VM works, giving an example of emulating it and explaining some of the CPython internals.
2019.03.28 - Pykonik Tech Talks #43, Kraków, Poland - streaming
- Python internals: let’s talk about dicts (slides) - a ~45 min talk where we show some different aspects of Python dicts, like hashing, a weird case of hashing -1 value, issues when hashing mutable values or overwriting dicts, examples of extending dicts and an interesting case of updating dicts with not overriding already existing keys’ values.
2019.02.12 - Empire Hacking, New York (link or meetup link)
2018.11.19-20 - Security PWNing Conference 2018, Warsaw, Poland (link)
- Low level debugging with Pwndbg - slides, demo examples can be found here but they lack some commentary.
2018.11.10 - PUT Security Day, Poznań, Poland (link)
- Docker security - slides; talk given in Polish (slides were in English). The video can be found here.
2018.10.25 - Pykonik Tech Talks #39 Kraków, Poland (link)
- Docker security (see slides from PUT Security Day) - is root in the container the same as on host? Is it safe to add untrusted user to docker group? How to make your app running in a container safer?
2018.10.15 - 4Developers Kraków, Kraków, Poland (link)
- Let’s play: Code Review - slides
2018.09.27 - Pykonik Tech Talks #38, Kraków, Poland (link)
- [lightning talk] Soft and hard links on Linux: symbolic and physical links - demo about links and some flaws around it (long paths, interesting links in /proc etc) - there were no slides
2018.08.01 - AlligatorCon 2018 (link)
- Python Reversing Challenge - slides
2018.08.23-26 - PyCon PL 2018, Ossa, Poland (link)
- Insecure Things to Avoid in Python - slides - consists of the one from ThaiPy + info about how I hosted my ‘Python-challenges’ challenge
- [lightning talk] Random cool stuff in Python - slides -
execusages in CPython (
namedtupleand Python’s 3.7 dataclasses use those)
- [lightning talk] How does CPython work? - slides
- [lightning talk] How to be a better developer - slides
- [lightning talk] Decrypting Android Ransomware - slides
- [lightning talk-ish] “I hate Portals” aka ReverseMe challenge - slides - a talk about some cool solutions to my ‘Python-challenges’ challenge
2018.06.09 - Noc Informatyka 1.1, Kraków, Poland (link)
- Some insecure Things to Avoid in Python - slides - pickle, yaml, eval (and its pseudosandbox) and safeeval
2018.04.19 - Thai Py, Bangkok, Thailand (link)
- Let’s play code review: how to write better python code first time - slides
2018.02.08 - Thai Py, Bangkok, Thailand (link)
- Insecure Things to Avoid in Python - slides
- [lightning talk] Unix wildcards gone wild (see link from PyCon PL 2016)
2017.08.25-26 - AlligatorCon PL 2017, Kraków, Poland (link)
- Python as a hacker’s toolbox vol 2 - slides
2017.08.17-20 - PyCon PL 2017, Ossa, Poland (link)
- Python as a hacker’s toolbox vol 2 - slides
- [lightning talk] A simple step for better security when using Python - slides
- [lightning talk] Python AST rewriting: ‘how does PyTest do that’ - slides
2016.12.05 - Code Europe Cracow 2016, Kraków, Poland (link; note: conference link ~expired)
- [PL] Capture The Flag: interesting way of spending time - slides
2016.10.13-16 - PyCon PL 2016, Ossa, Poland (link)
2016.06.03 - Noc informatyka 1.0, Kraków, Poland (link)
- [PL] Unusual debugging tools - slides and examples
2012-2017 - KNI Kernel Computer Science Organisation, AGH UST, Kraków, Poland
- [PL] CTFs - similar talk to the one at Code Europe conference
- [PL] Shells, buffering and IPython - slides
- [PL] How to learn IT - slides
- [PL] Not working for me either - debugging tools for Linux and Windows - no slides, covered GDB debugging, linux tracers (ltrace, strace), Valgrind, Windows Sysinternals, Dependency Walker and debugging through IDEs - PyCharm and Visual Studio. Done with my friend Alex.
- [PL] Python from scratch course, held with my friend Alex; materials.
- [PL] CTF workshops (2016, 2017) - many different topics, mainly low level ones but not only; see materials.