Corkami @corkami
reverse engineering & visual documentations corkami.com by @angealbertini Joined May 2011-
Tweets598
-
Followers9K
-
Following12
-
Likes422
Hi newcomers! I've been contributing to Magika since 2023 (it became public in 2024). Magika is not AI slop: it's useful in its own way, and used in production. The recent Rust release doesn't change how Magika is fundamentally working.
This repository offering in depth dissections of binary file formats, including PE, ELF, Mach-O, and more. An essential resource for reverse engineers and developers to uncover the structure of executables and libraries. github.com/corkami/pics
In PagedOut 6, I showed many PDF tricks by dissecting a crazy yet fully working handmade “Hello World” PDF file.
I made in PagedOut 6 an illustration on the basics of the PDF format.
New year resolution #2: ✅ try streaming. Week #1: From PDF basics to PoC||GTFO polyglots. Thanks to everyone for the support!
After the next stream, I'll start redoing my first streams in french! You'll have time to catch up in the meantime. I'll resume english streams afterwards. Après le prochain direct, je referais mes 7 premiers directs, mais en français cette fois! Partagez SVP!
Today, I crafted manually tiny polyglot files as easy examples. In my next stream (tomorrow @ 9PM CET), I'll walk through some real polyglots: the releases of PoC||GTFO. youtube.com/live/POg2Qpxbp…
lately @corkami has been dropping some fire content
My stream about crafting a PDF file from scratch is over. youtube.com/live/q6KgFezu8… It was pretty chill to take the time to answer questions, thanks again for joining!
Let’s try something new in 2025… This saturday at 8pm CET, I'll stream about crafting a valid PDF file from scratch. We’ll see how it goes!
I presented about file formats at #38C3. Thanks for the feedback everyone! speakerdeck.com/ange/fearsome-…
The Woff v2 format pushes things further: standard tags are now implicit via an enum, tables-specific transformations are applied to improve compression, and Brotli compression (2013-) is used.
The Woff (Web Open Font Format) is an alternate form of TTF/OTF, in which tables are typically compressed individually w/ Zlib. Besides, the content remains similar and Woff files can be turned back to TTF/OTF.
OTF (OpenType) fonts files are similar to TTF: The version looks like a magic, similar directory / table structure, some tables are shared w/ TTF (OS/2, maxp, cmap...), some are exclusive (CFF ^ glyf, loca).
TTF fonts spaghetti: - the number of elements in the glyf table is set in the maxp table. - the relative offsets of the elements in the glyf table are given by the loca table. - the format of the loca table is specified in the head table.
TTF (and vector fonts in general) are very complex. A tiny font with a single defined glyph made of a single rectangle... 0x590 (1424) bytes! They even contain some bytecode!
TTF (TrueType fonts) have no magic, start directly with a directory table pointing to each tagged-tables. The format is uncompressed, many tables start with a version number. Standard software can add their own custom tables (ex: FontForge).
BPG - Better Portable Graphics - was created by Fabrice Bellard (LzExe / FFMpeg / QEmu...) and has a very compact header with variable integers, yet it has a proper magic.
Binary properties list is a serialization format with a PDF-like structure: a magic, a trailer, an xref table, and objects referencing each others. Which makes it easy to move objects around or overlap them.
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Nicolas Krassas @Dinosn
157K Followers 767 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKZLB Posting content that I find interesting.
Brendan Dolan-Gavitt @moyix
33K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Halvar Flake @halvarflake
45K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Justin Tunney @jartine
43K Followers 364 Following I built a C library that lets you compile 12kb static binaries that run natively on Linux, Mac, Windows, FreeBSD, OpenBSD, NetBSD and BIOS using just GCC/Clang.
Ali Hadi | B!n@ry @binaryz0ne
35K Followers 569 Following DFIR and Adversary Simulation | All posts reflect the views and interests of the person behind this account only |
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Battle Programmer Yuu @netspooky
21K Followers 1K Following knuck if you buck 日本語/español OK (he/they) @tmpout @binarygolf @[email protected] (fedi) @ https://t.co/mZ77OEN0DV (bsky)
Karsten Hahn @struppigel
26K Followers 782 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
hasherezade @hasherezade
91K Followers 957 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
x0rz @x0rz
95K Followers 417 Following Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
Travis Goodspeed @travisgoodspeed
26K Followers 4K Following Merchant of Dead Trees and Licensed Proselytizer of the Gospel of the Weird Machines with Pwnage, PoC, and Secular Rock.
Łukasz @maldr0id
12K Followers 948 Following Military-grade @Android malware reverse engineer @Google || "Tom Brady of malware strings analysis" - @MalwareTech || Tweets are my own opinions || he/him ✨🌈🦄
Jordan Wiens @psifertex
6K Followers 1K Following Worst developer among many good ones making https://t.co/XCCx7ED5uf
Virus Bulletin @virusbtn
61K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
Gynvael Coldwind @gynvael
39K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/him
Hash Miser @H_Miser
9K Followers 1K Following Internet janitor, #CERT #BlueTeam and Whisk(e)y enthusiast "Everything you do is useless ! Enjoy 🍻" [email protected] https://t.co/pBOfukJZJi
dragosr @dragosr
23K Followers 9K Following Stop, Think, Pwn! (see also @[email protected], https://t.co/BjclXYWQ9R for alternate)
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Osur @Osur_Gaetano
36 Followers 2K Following Cybersecurity Analyst | Web Application Security | Bug Hunter | Backend application development
kuan @nulldiscipline
0 Followers 478 Following
yeng @yeng_number
1 Followers 380 Following
justmazz_ @justmazz_
547 Followers 2K Following software/reverse engineer | ex-cheat dev | senior security engineer @ a cool company
Ovi @0x0v1
890 Followers 940 Following hacker, security researcher founder: @barghestasia ex: @msftsecresponse
veele @veelesec
136 Followers 547 Following trying to kubernetes | gsoc @mandiant | sih 🏆 | c4gt @dhwani_ris | lift scholar
tmniosc @tmniosc_
5 Followers 1K Following
0xDbg @0x_dbg
8 Followers 891 Following
Leonardo Caputo @leonardocaputoo
8 Followers 367 Following
-=[ dxp ]=- @dxp2532
82 Followers 117 Following
MMXI @vxmmxi
3 Followers 153 Following ذَلّوا بِأَسيافِنا طولَ الزَمانِ فَمُذ — تَحَكَّموا أَظهَروا أَحقادَهُم فينا
vesperx @vesperxw
1 Followers 72 Following
e5BqjGEqTuuZZ0fNg50s @BqjE562525
0 Followers 19 Following
Youssef Khaled @Youssef_12105
2 Followers 219 Following
xecaz @xecaz_
5 Followers 60 Following Once promising child actor, now aspiring synchronized swimmer.
Grégory Morel @GregMorel82
77 Followers 183 Following C.S. Associate Professor, Ph.D. Math & Computer Science, expert in Graph Theory & Combinatorial Optimization, always hungry for new knowledge
T1nt1n @t1nt1nsn0wy
677 Followers 5K Following Noobie H4CK3R and researcher at @qualys. Prev @pwc. Views are my own :)
manu_vt @manu_v_t
74 Followers 711 Following
Tu Tri Mi @trimituvn
22 Followers 2K Following
AISecHub @AISecHub
9K Followers 8K Following 🚀 AISecHub | AI & Cybersecurity | Securing AI systems, and sharing insights on emerging challenges | https://t.co/YeYtqq5tJC
shard7 @shard7_
56 Followers 380 Following I like building stuff related to computer security. https://t.co/IpCbw7Fq7Q
Scour @makeitharderr
464 Followers 7K Following
0xzdiox @0xzdiox
1 Followers 284 Following Assumptions fail before silicon does. Between states. Breaking invariants. Hardware Security Researcher Speaker @ BlackHat | c0c0n
S A @flafee_fluff
0 Followers 3K Following Tesla, Grok 4, and X fan. Goal: Become an X engineer. ♥️♥️ 🇮🇱 🇺🇸 ♥️♥️ Israel 💪💪
Jirosec @ig_ftw
66 Followers 1K Following Security Research | BUG BOUNTY HUNTER | OFFENSIVE SECURITY
ahok @ZtlMatt
4 Followers 362 Following
AVA @a1v7a9
7 Followers 1K Following
cheio de ódio 🇵�... @ManchaVia
2K Followers 5K Following «Não penseis que vim trazer paz à terra; não vim trazer paz, mas a espada» Matheus 10:34 @VascodaGama
CyberSecurityTipOfThe... @cstotw
2 Followers 58 Following Cybersecurity tips for professionals. OS Internals, Reversing, Exploitation, Malware. If you live in the debugger, this is for you. 🏴☠️ Code repo: 👇
Yang Yang (John) @CharlieYYang
282 Followers 4K Following Ph.D. Candidate in Fluid Mechanics. High-Performance Computing, Quantum Computing, Differential Geometry, and Mathematical Physics. Multilingual. Piano Player.
0xb1n4ry @0xb1n4ry
0 Followers 867 Following
Zan Nitx @Thet808181
18 Followers 1K Following
Ange @angealbertini
25K Followers 917 Following Reverse engineer, file formats expert. Corkami, CPS2Shock, PoC||GTFO, Sha1tered, Magika... Security engineer @ Google. He/him.
Battle Programmer Yuu @netspooky
21K Followers 1K Following knuck if you buck 日本語/español OK (he/they) @tmpout @binarygolf @[email protected] (fedi) @ https://t.co/mZ77OEN0DV (bsky)
Karsten Hahn @struppigel
26K Followers 782 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
David Buchanan does n... @David3141593
17K Followers 755 Following add my blog to your RSS reader or something. also @[email protected], at://retr0.id
Salvador Mendoza @Netxing
6K Followers 325 Following Security researcher | Payment systems | Trainer & Speaker | Book author | @MetabaseQ R&D team | Free speech doesn’t pay bills: my tweets are my own.
Philippe Lagadec @decalage2
5K Followers 1K Following Author of oletools, olefile, ViperMonkey, ExeFilter, Balbuzard. #DFIR, #malware analysis, maldocs, file formats, #Python. @[email protected]
allthingsida @allthingsida
5K Followers 414 Following All things IDA, security, reverse engineering, programming, AI and more. Friend and fan of Hex-Rays but non-official.
Marc Stevens @realhashbreaker
2K Followers 135 Following Father^2. Cryptologist at CWI Amsterdam @cwinl. Likes theoretical and applied cryptanalysis a lot.
John McMaster @johndmcmaster
15K Followers 173 Following IC reverse engineering, #mtvre, CTO @LabsmoreLLC https://t.co/kTAlHvruKe https://t.co/ICN8cRMGIi
Aurélien Francillon @aurelsec
2K Followers 2K Following Professor (full) of computer insecurity @s3eurecom. Can be seen sometimes procrastinating on Twitter. @[email protected] @aurelsec.bsky.social
Philippe Teuwen @doegox
4K Followers 1K Following If you can't root it you don't own it. doegox infosec exchange
Onthar @Onthar
443 Followers 28 Following Ремонт телефонов и компьютеров, системное администрирование.Trends for United States
You might like
