@Ange

Reverse engineer, file formats expert.
Corkami, CPS2Shock, PoC||GTFO, Sha1tered, Magika...
Security engineer @ Google. He/him.
Github: https://github.com/angea
Github: https://github.com/corkami
Pronouns: he/him
Grab your @phrack copy (beautiful 150 page color print) at @nullcon’s registration booth!

"Polyglot files are unnatural and never existed in the wild", they say.

Aperture cards are punched cards with a microfiche, indexing 'analogue' images with punched cards data on the same medium.
A standard polyglot document IRL defined in the 1960s.

You’re making a PDF about weird file formats and PDF… and the PDF doesn’t let you write “file”… very meta.

The craziest file I made & visualized recently was combining the Doom PDF with a DOS & Windows (EXE & PE) polyglot.

Now you can run Doom on Microsoft operating systems from 1993 until today, and also under Chrome-based PDF viewers!

Naturally, it's hard to cover everything for such a complex file in a single page - so I didn't make it an HTML polyglot that would run Doom as JavaScript: trivial, but no more room on that page! (3/3)

In PagedOut 6, I showed many PDF tricks by dissecting a crazy yet fully working handmade “Hello World” PDF file.
In PagedOut 6, I made an illustration on the basics of the PDF format.
The livestream on PDF file structure is up.
Following the PDF basics livestream, it covers all kinds of PDF structures that you can see in the wild and how to convert them to a classic and accessible form.
https://www.youtube.com/live/9XNdTAPUI68?si=8uZMetcHFdf0R6t9
23 PDF file structures

I just pushed an update to logparse to detect the near-collision blocks (w/ no difference) of TextColl.
Thanks Marc!
https://github.com/corkami/collisions
The livestream on hashcolls mitigations is up.
Covering the hashcoll tag in VT, specific file format structures, defanging files, Stevens' DetectColl, safe hashes...
https://www.youtube.com/live/1D6C6z_25cE?si=GmDi17uII1xj7rUi&t=33
22 Hash-collisions mitigations

I certainly hope so!
What would I look like if I only had normal files left?!