Name: Andrey Konovalov



Twitter: @andreyknvl

GitHub: @xairy


2019, OffensiveCon: Coverage-Guided USB Fuzzing with Syzkaller [slides] [video]

2017, PHDays: How to find 0days in the Linux kernel [slides]

2015, LinuxCon North America: KernelAddressSanitizer (KASan): a fast memory error detector for the Linux kernel [slides]

Exploit Writeups

CVE-2017-7308: Exploiting the Linux kernel via packet sockets [article]

CVE-2016-2384: Exploiting a double-free in the USB-MIDI Linux kernel driver [article]

GitHub

Proof-of-concept exploits for the Linux kernel

A collection of links related to Linux kernel exploitation

A collection of links related to VMware escape exploits

A set of Linux binary exploitation tasks for beginners on various architectures

Disabling kernel lockdown on Ubuntu without physical access


Linux kernel commits list

Hardware Village

2019, PHDays: Introduction to USB Hacking [slides] [video]

2019, PHDays: Introduction to PCI Express and DMA attacks [slides] [video]

2018, PHDays: Introduction to USB hacking [slides]

2018, Chaos Constructions: Introduction to USB hacking [slides]

2017, Chaos Constructions: Linux USB fuzzing [slides]

2017, ZeroNights: Fuzzing the Linux kernel [slides]


2018, DC4822: Syzkaller: coverage-guided fuzzer for the Linux kernel [slides]

2015: KernelThreadSanitizer (KTSAN): a data race detector for the Linux kernel [slides]

2014: Automatic detection of race conditions in the Linux kernel [slides] [rus]

2013: AddressSanitizer for Linux Kernel [slides]


2016: Automatic detection of race conditions in the Linux kernel [slides] [paper] [rus]

2014: Automatic detection of dynamic memory errors in the Linux kernel [slides] [paper] [rus]


2014-2016, MIPT CTF: A small course on CTF (wargames) for beginners [course] [rus]