About Me

I am a Security Software Developer passionate about building attack & defense tools (this is just SEO bait for recruiters and Google, because 'basement-dwelling hacker' doesn't look great) .

Hacking systems and writing code ever since I "borrowed" my sister's Amiga 600 (the one she got for her First Communion – sorry, sis).

First Polish guy to snag a Pwnie Award for "Most Innovative Research" in cybersecurity. Did some projects for DARPA – even got to present at the Pentagon (no tie required, thankfully!).

Published stuff in the old-school classics like Phrack, SecurityFocus, etc. Creator of Kon-Boot – that little tool that's apparently useful for forensics folks, law enforcement, intel agencies, and big tech when they lock themselves out.

Spent years chasing bugs in the giants: Chrome, NVIDIA, AMD, Intel, Microsoft, Apple... Ended up finding a bunch of vulnerabilities in browsers, drivers, and kernels (some critical ones with CVEs like 2022-2399, 2021-30522, and others I won't list to spare you the boredom).

Held titles like Research Engineering Technical Leader at Talos, Senior Protection Designer Kryptos Logic, Vulnerability researcher at COSEINC.

Now among other things I focus on software development for security. Going independent: focusing on what I actually enjoy—building specialized tools and picking only the projects that seem worth the coffee and late nights.

Got a wild idea, fun project, or need a developer for custom security tools? Drop me a message. Always up for chatting about making (or responsibly breaking) cool things together.

Articles

• 01/11/2016 Praktyczna inzynieria wsteczna (Book/Co-author - PWN PL)
• 07/04/2016 Exploiting the Apple Graphics Driver and Bypassing KASLR (CISCO TALOS)
• 31/01/2014 Hacking and patching TP-LINK TD-W8901G router
• 01/03/2012 Securing The Kernel Via Static Binary Rewriting, Program Shepherding and Partial Control Flow Integrity
• 01/01/2012 Mitigating ReturnOriented Programming Attacks and Other Exploitation Attempts via Secure API Execution
• 01/09/2011 Fast, Reliable and Runtime Protection Method Against Table Index Overflows
• 10/05/2011 Securing The Kernel via Static Binary Rewriting and Program Shepherding
• 06/09/2010 JIT spraying and mitigations
• 23/08/2010 Security Mitigations for Return Oriented Programming Attacks
• 08/11/2009 Using MATLAB and Mathcad for solving (mesh current) equations
• 05/10/2009 SMB2: 351 Packets from the Trampoline
• 10/06/2009 Evading network level emulation
• 25/05/2009 Generic Unpacking of Selfmodifying, Aggressive, Packed Binary Programs
• 18/05/2009 Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case) + SpiderPig Project Page
• 01/06/2007 Aslan Metamorphic Engine Corner plus some demos.
• 01/06/2007 TI89 Titanium calculator corner plus a plenty of not really useful things.
• 06/02/2007 Bypassing the breakpoints with file "streams"
• 16/10/2005 Exploiting Windows Device Drivers Whitepaper
• 15/08/2005 Playing with RDTSC
• 04/08/2005 Windows Syscall Shellcode exclusive for SecurityFocus
• 02/08/2005 NT shellcodes prevention demystified published in PHRACK#63
• 29/06/2005 Fighting EPO Viruses exclusive for SecurityFocus
• 25/02/2005 Antidebugging for (m)asses protecting the env.

Selected Projects

• 2009 - Present Kon-Boot Kon-Boot is a widely used security utility that allows users to bypass Microsoft Windows and Apple macOS passwords without making persistent changes to the system. It is the first and only reported tool capable of bypassing Windows 10/11 online (live) passwords while supporting both major OS platforms. A staple tool in penetration testing and computer forensics.
• 2023 iOS Forensics Suite A comprehensive tool designed to generate detailed, locally-processed reports from iOS backups, supporting both encrypted and unencrypted data. It produces responsive reports in Web, PDF, or JSON formats for maximum flexibility. All data processing occurs locally, ensuring sensitive personal information remains private and secure.
• 2021 Frida USB Dump (macOS USB Sniffer) A specialized Frida script designed to sniff and dump USB traffic on macOS. Originally used to investigate the checkm8/checkra1n jailbreak, it dumps data to a file with ASCII markers to facilitate further parsing and analysis.
• 2021 iREPAIR - System Repair & Restore An advanced iOS system recovery tool that allows users to repair and restore Apple devices (iPhone, iPad, iPod touch) without data loss. It can fix devices stuck in Recovery Mode and other system issues, whilst also supporting backup creation and recovery.
• 2016 Exploit for CVE-2016-1743 (Apple Intel HD 3000 Driver) A Proof-of-Concept exploit targeting the Apple Intel HD 3000 Graphics driver on OSX 10.11. This research demonstrates a vulnerability within the graphics driver subsystem.
• 2013 Rootkit Detection Framework for UEFI (parts DARPA CFT project) (2013) A security framework developed as part of the DARPA CFT project. Focused on identifying and mitigating rootkits within the UEFI environment.
• 2011 Windows Kernel Shepherding A research implementation of Static Binary Rewriting and Program Shepherding for the Windows kernel and drivers without source code. It statically rewrites the kernel image to inject instrumentation, enforcing execution policies and detecting control flow anomalies typical of exploits.
• 2010 SMB2 Remote Exploit for Vista SP1/SP2 A remote exploit targeting the SMB2 vulnerability in Windows Vista SP1/SP2. Released alongside the HACKTRO tool.
• 2009 VMware CloudBurst: Guest to Host Escape Exploit A Guest-to-Host escape exploit targeting VMware virtualization software (CVE-2009-1244). Demonstrates the ability to break out of the virtualized environment to execute code on the host system.
• 2007 TI89 Titanium Resident EPO Calculator Virus The world's first memory-resident virus for the TI-89 calculator, written in Motorola 68K assembly. It demonstrates advanced techniques like Entry Point Obscuring (EPO) and ROM call table manipulation to remain active and infect other programs.
• 2006 Disit Disassembler (x86) A custom disassembler library for the x86 architecture. It provides detailed context about instructions, including register usage (source/destination), memory access patterns, and flag modifications.
• 2005 Aslan Metamorphic Engine An advanced, GUI-oriented metamorphic engine capable of integrating code into any x86 PE binary. It rebuilds the entire PE structure, including relocations, imports, and resources, while maintaining variable alignment to seamlessly inject arbitrary code.
• 2005 TAPION Polymorphic Decryptor Generator A polymorphic engine designed to evade code detection mechanisms. It generates unique decryptors on the fly, encrypting original data and decrypting it during execution to bypass static analysis.