Below you can see a list of talks or workshops I have given for various events along with slides/videos/materials links. If the particular record has a ‘[PL]’ before it - it means it was made in Polish language.

The convention for a given event is date - name, location.

  • Fancy “privileged” Docker container escapes (slides) - a detailed introduction to the Linux kernel features used by Docker (namespaces, cgroups, capabilities, seccomp, AppArmor) and some info about “privileged” escapes. Note: What does privileged mean? I discuss this matter and show that one of escapes can be pointed down to --cap-add=SYS_ADMIN --security-opt apparmor=unconfined and explore this environnment more.
  • How does CPython work (in polish; slides) - a ~2h talk going deeply into how CPython VM works, giving an example of emulating it and explaining some of the CPython internals.

2019.03.28 - Pykonik Tech Talks #43, Kraków, Poland - streaming

  • Python internals: let’s talk about dicts (slides) - a ~45 min talk where we show some different aspects of Python dicts, like hashing, a weird case of hashing -1 value, issues when hashing mutable values or overwriting dicts, examples of extending dicts and an interesting case of updating dicts with not overriding already existing keys’ values.
  • Low level debugging with Pwndbg - slides - more robust version of this talk; demo examples here.
  • Low level debugging with Pwndbg - slides, demo examples can be found here but they lack some commentary.
  • Docker security - slides; talk given in Polish (slides were in English). The video can be found here.
  • Docker security (see slides from PUT Security Day) - is root in the container the same as on host? Is it safe to add untrusted user to docker group? How to make your app running in a container safer?
  • Let’s play: Code Review - slides
  • [lightning talk] Soft and hard links on Linux: symbolic and physical links - demo about links and some flaws around it (long paths, interesting links in /proc etc) - there were no slides
  • Python Reversing Challenge - slides
  • Insecure Things to Avoid in Python - slides - consists of the one from ThaiPy + info about how I hosted my ‘Python-challenges’ challenge
  • [lightning talk] Random cool stuff in Python - slides - __dict__, __slots__, exec usages in CPython (namedtuple and Python’s 3.7 dataclasses use those)
  • [lightning talk] How does CPython work? - slides
  • [lightning talk] How to be a better developer - slides
  • [lightning talk] Decrypting Android Ransomware - slides
  • [lightning talk-ish] “I hate Portals” aka ReverseMe challenge - slides - a talk about some cool solutions to my ‘Python-challenges’ challenge
  • Some insecure Things to Avoid in Python - slides - pickle, yaml, eval (and its pseudosandbox) and safeeval
  • Let’s play code review: how to write better python code first time - slides
  • Insecure Things to Avoid in Python - slides
  • [lightning talk] Unix wildcards gone wild (see link from PyCon PL 2016)
  • Python as a hacker’s toolbox vol 2 - slides
  • Python as a hacker’s toolbox vol 2 - slides
  • [lightning talk] A simple step for better security when using Python - slides
  • [lightning talk] Python AST rewriting: ‘how does PyTest do that’ - slides
  • [PL] Capture The Flag: interesting way of spending time - slides
  • [lightning talk] Capture The Flag - slides
  • [lightning talk] Unix wildcards gone wild - slides

2012-2017 - KNI Kernel Computer Science Organisation, AGH UST, Kraków, Poland

  • [PL] CTFs - similar talk to the one at Code Europe conference
  • [PL] Shells, buffering and IPython - slides
  • [PL] How to learn IT - slides
  • [PL] Not working for me either - debugging tools for Linux and Windows - no slides, covered GDB debugging, linux tracers (ltrace, strace), Valgrind, Windows Sysinternals, Dependency Walker and debugging through IDEs - PyCharm and Visual Studio. Done with my friend Alex.
  • [PL] Python from scratch course, held with my friend Alex; materials.
  • [PL] CTF workshops (2016, 2017) - many different topics, mainly low level ones but not only; see materials.