Info
Contact
Name: Andrey Konovalov
Email: andreyknvl@gmail.com
PGP: keybase.io
Twitter: @andreyknvl
GitHub: @xairy
Conferences
2019, OffensiveCon: Coverage-Guided USB Fuzzing with Syzkaller [slides] [video]
2017, PHDays: How to find 0days in the Linux kernel [slides]
Exploit Writeups
CVE-2017-7308: Exploiting the Linux kernel via packet sockets [article]
CVE-2016-2384: Exploiting a double-free in the USB-MIDI Linux kernel driver [article]
GitHub
github.com/xairy/kernel-exploits (Proof-of-concept exploits for the Linux kernel)
github.com/xairy/linux-kernel-exploitation (A collection of links related to Linux kernel exploitation)
github.com/xairy/vmware-exploitation (A collection of links related to VMware escape exploits)
github.com/xairy/easy-linux-pwn (A set of Linux binary exploitation tasks for beginners on various architectures)
github.com/xairy/unlockdown (Disabling kernel lockdown on Ubuntu without physical access)
Kernel
Hardware Village
2019, PHDays: Introduction to USB Hacking [slides] [video]
2019, PHDays: Introduction to PCI Express and DMA attacks [slides] [video]
2018, PHDays: Introduction to USB hacking [slides]
2018, Chaos Constructions: Introduction to USB hacking [slides]
2017, Chaos Constructions: Linux USB fuzzing [slides]
2017, ZeroNights: Fuzzing the Linux kernel [slides]
Various
2018, DC4822: Syzkaller: coverage-guided fuzzer for the Linux kernel [slides]
2015: KernelThreadSanitizer (KTSAN): a data race detector for the Linux kernel [slides]
2014: Automatic detection of race conditions in the Linux kernel [slides] [rus]
2013: AddressSanitizer for Linux Kernel [slides]
Thesis
2016: Automatic detection of race conditions in the Linux kernel [slides] [paper] [rus]
2014: Automatic detection of dynamic memory errors in the Linux kernel [slides] [paper] [rus]
Teaching
2014-2016, MIPT CTF: A small course on CTF (wargames) for beginners [course] [rus]