Below you can see a list of talks or workshops I have given for various events along with slides/videos/materials links. If the particular record has a [PL] before it - it means it was made in Polish language.
The convention for a given event is date - name, location. The [lightning talk] tag means the talk took ~5 minutes and was probably prepared just before presenting it or during the event, as an idea to contribute some more ;).
2020.12.17 - A Midwinter Night’s Con 2020 (link)
- Various interesting (and not) bugs case studies (video, slides) - In this talk I will present a “cstrnfinder” research where I found many (stupid) bugs related to string operations in C. Apart from that, we will look through an insufficient permission check that allowed for kASLR bypass within kernel modules in certain container environments. We will also analyse a not sufficient mitigation in glibc allocator, where changing a few lines of code can make it harder for attackers to exploit buggy applications.
2020.04.25 - Python Pizza, remote @ your couch (link)
- [lightning talk] sudo python is a trap, use isolated mode (video, slides) - a showcase of the “Readline module loading in interactive mode” Python security bug :)
2019.11.14-15 - Security PWNing Conference 2019, Warsaw, Poland (link)
- [PL] Attacking via Linux’s procfs, and Countermeasures for App Developers (slides) - presentation about procfs, the things you can find there, some consequences of those (consider e.g. arbitrary file reads, directory listings with path traversals in both web apps and programs run by users on the system), weird corner cases when depending on `readlink /proc/PID/exe` or reading process name from comm or cmdline files, PIDs (which are not process handles) and PID-reuse attacks and some mitigations along with the new one - pidfd. Also talked about procfs mount options - hidepid and gid.
2019.11.07 - Affinity Tech Talks, Kraków, Poland (link)
- Semantic safety won’t save you (slides) - showed a sample of security traps in Python, Go and C programming languages. The topic comes from the fact that both Python and Go handle the hard stuff (e.g. memory/threading/errors/etc) for us and people often consider them “safe” because of the semantics of the language. Though… we still shoot ourselves in the foot despite that “safety”. Also thanks to @b0bbytabl3s for helping out with this topic :).
2019.09.28 - Noc Informatyka 1.2, Kraków, Poland (link)
- [PL] Bebechy kontenerów Dockerowych oraz Grand Theft Ucieczki z uprzywilejowanych kontenerów (slides) - the same presentation as the one made on AlligatorCon. The title ended up too baity though.
2019.09.12-15 - PyConPL 2019, Zawiercie, Poland (link)
- Python internals - how does CPython work? (slides) - a ~2h talk I gave in Polish at AGH; it is a deep dive into CPython and its VM. From the original description: “We will learn about CPython bytecode, PYC files, how to disassemble a Python function or decompile it back from bytecode to Python code. We will look at the flow between launching and executing a Python script. We will also go through CPython VM execution by emulating the execution of a short Python function.”.
- Python internals - let’s talk about dicts - the same talk I gave at Pykonik Tech Talks #43.
- [lightning talk] Regexes WT#? (slides) - showed a DoS in Django web framework, wrong regex in Signal-Desktop I found which didn’t have a direct security impact and reminded about
- [lightning talk] PagedOut! (slides) - described the PagedOut! free zine and my article about hacking Python’s ellipsis
- [lightning talk] Python security issues (slides) - an overview over random existing Python security bugs.
- [lightning talk] Pyyaml WT# (no slides) - a rant about PyYaml module: there was a 4.1 release that changed `load` which was reverted and removed from pypi…, then 5.1 was supposed to make `load` safer by default but not necessarily disallowing it to deserialize Python objects, so it is still insecure.
- [lightning talk] A story of a 3d nickname (slides) - a story about ‘3d’ origin in my nickname and something about IRC communities o/.
2019.08.16-17 - AlligatorCon Europe 2019, Budapest, Hungary (link)
- Fancy “privileged” Docker container escapes (slides) - a detailed introduction to the Linux kernel features used by Docker (namespaces, cgroups, capabilities, seccomp, AppArmor) and some info about “privileged” escapes. Note: What does privileged mean? I discuss this matter and show that one of the escapes can be pointed down to `--cap-add=SYS_ADMIN --security-opt apparmor=unconfined` and explore this environment more.
2019.05.30 - AGH, Kraków, Poland (event link)
- [PL] How does CPython work (slides) - a ~2h talk going deeply into how CPython VM works, giving an example of emulating it and explaining some of the CPython internals.
2019.03.28 - Pykonik Tech Talks #43, Kraków, Poland - streaming
- Python internals - let’s talk about dicts (slides) - a ~45 min talk where we show some different aspects of Python dicts, like hashing, a weird case of hashing -1 value, issues when hashing mutable values or overwriting dicts, examples of extending dicts and an interesting case of updating dicts with not overriding already existing keys’ values.
2019.02.12 - Empire Hacking, New York (link or meetup link)
2018.11.19-20 - Security PWNing Conference 2018, Warsaw, Poland (link)
- [PL] Low level debugging with Pwndbg - slides
2018.11.10 - PUT Security Day, Poznań, Poland (link)
- [PL] Docker security - slides; talk given in Polish (slides were in English). The video can be found here.
2018.10.25 - Pykonik Tech Talks #39 Kraków, Poland (link)
- Docker security (see slides from PUT Security Day) - is root in the container the same as on host? Is it safe to add untrusted user to docker group? How to make your app running in a container safer?
2018.10.15 - 4Developers Kraków, Kraków, Poland (link)
- Let’s play: Code Review - slides
2018.09.27 - Pykonik Tech Talks #38, Kraków, Poland (link)
- [lightning talk] Soft and hard links on Linux: symbolic and physical links - demo about links and some flaws around it (long paths, interesting links in /proc etc) - there were no slides
2018.08.01 - AlligatorCon 2018 (link)
- Python Reversing Challenge - slides
2018.08.23-26 - PyCon PL 2018, Ossa, Poland (link)
- Insecure Things to Avoid in Python - slides - consists of the one from ThaiPy + info about how I hosted my ‘Python-challenges’ challenge
- [lightning talk] Random cool stuff in Python - slides - `exec` usages in CPython (`namedtuple` and Python’s 3.7 dataclasses use those)
- [lightning talk] How does CPython work? - slides
- [lightning talk] How to be a better developer - slides
- [lightning talk] Decrypting Android Ransomware - slides
- [lightning talk-ish] “I hate Portals” aka ReverseMe challenge - slides - a talk about some cool solutions to my ‘Python-challenges’ challenge
2018.06.09 - Noc Informatyka 1.1, Kraków, Poland (link)
- Some insecure Things to Avoid in Python - slides - pickle, yaml, eval (and its pseudosandbox) and safeeval
2018.04.19 - Thai Py, Bangkok, Thailand (link)
- Let’s play code review: how to write better python code first time - slides
2018.02.08 - Thai Py, Bangkok, Thailand (link)
- Insecure Things to Avoid in Python - slides
- [lightning talk] Unix wildcards gone wild (see link from PyCon PL 2016)
2017.08.25-26 - AlligatorCon PL 2017, Kraków, Poland (link)
- Python as a hacker’s toolbox vol 2 - slides
2017.08.17-20 - PyCon PL 2017, Ossa, Poland (link)
- Python as a hacker’s toolbox vol 2 - slides
- [lightning talk] A simple step for better security when using Python - slides
- [lightning talk] Python AST rewriting: ‘how does PyTest do that’ - slides
2016.12.05 - Code Europe Cracow 2016, Kraków, Poland (link; note: conference link ~expired)
- [PL] Capture The Flag: interesting way of spending time - slides
2016.10.13-16 - PyCon PL 2016, Ossa, Poland (link)
2016.06.03 - Noc informatyka 1.0, Kraków, Poland (link)
- [PL] Unusual debugging tools - slides and examples
2012-2017 - KNI Kernel Computer Science Organisation, AGH UST, Kraków, Poland
- [PL] CTFs - similar talk to the one at Code Europe conference
- [PL] Shells, buffering and IPython - slides
- [PL] How to learn IT - slides
- [PL] Not working for me either - debugging tools for Linux and Windows - no slides, covered GDB debugging, Linux tracers (ltrace, strace), Valgrind, Windows Sysinternals, Dependency Walker and debugging through IDEs - PyCharm and Visual Studio. Done with my friend Alex.
- [PL] Python from scratch course, held with my friend Alex; materials.
- [PL] CTF workshops (2016, 2017) - many different topics, mainly low level ones but not only; see materials.
2016-2017 - for various university classes assignments at AGH UST, Kraków, Poland
- [PL] SQLi, XSS, CSRF: some vulnerabilities from web applications - slides - presented and demoed about some vulns and exploitation techniques for web applications. Co-authored with Magdalena Jaroszyńska.
- [PL] 1/3: Reverse engineering and finding and exploiting bugs in native apps for x86/x86_64 - slides - introduction presentation to show up my master thesis topic for a diploma seminar. Described a few low level concepts - processor registers, x86 assembly basic instructions, the `ret` instructions flow and some bug sources in applications.
- [PL] 2/3: Reverse engineering and finding and exploiting bugs in native apps for x86/x86_64 - slides - mid-semester presentation; showed a process of solving a reverse-engineering CTF challenge: from inspecting the binary, disassembling it, decompiling it via IDA Pro, inspecting program’s strings, finding the winning condition, dynamic analysis via debugging to find out which global values correspond to which game objects and solving winning-condition equations through Z3 theorem prover. The talk also showed how code instrumentation, here address sanitizer, helps finding bugs, how a stack-buffer-overflow can be exploited, how to find out ELF binaries mitigations and various techniques an attacker can use to exploit bugs (shellcodes, overwriting GOT, ROP chains).
- [PL] 3/3: Reverse engineering and finding and exploiting bugs in native apps for x86/x86_64 - slides - a summary presentation where I showed how ELF maps to memory, listed processes for finding bugs, described fuzzing and symbolic execution, showed an interesting heap-related bug and more.