Ivan Kwiatkowski

@[email protected]
708 Followers
39 Following
170 Posts
Security Researcher. Writer. Would-be musician. Maintainer of Manalyze and Gepetto. Trolling on a purely personal capacity.
Twitterhttps://twitter.com/JusticeRage
Bloghttps://blog.kwiatkowski.fr
Manalyzehttps://manalyzer.org
GitHubhttps://github.com/JusticeRage
Book (French)https://lechantducygne.fr/gestalt/
Ivan KwiatkowskiDec 15

I've been working on a side project for some time: autonomous reverse-engineering powered by Gepetto.

I shared some thoughts here (https://blog.kwiatkowski.fr/gepetto-web), and am looking for beta testers to try out the platform.

DM me or reply below if you are interested!

On autonomous reverse-engineering | Borderline

If there's one thing I've been passionate about throughout my career, it's reverse-engineering. I've also enjoyed teaching reverse-engineering for years, either in-person or when developing online courses. One of the things that struck me as time passed by was how much tooling has changed the way we work.

Ivan KwiatkowskiOct 28
Can someone clarify for me how we went from "don't believe everything you read on the web" to "source: an AI saw it on Twitter"?
Ivan KwiatkowskiSep 2, 2025

Reverser friends, Gepetto has made huge leaps in the last weeks. I now consider it to be a decent IDA Pro agent.

With zero interaction (gpt-5), it solved a crackme all on its own. I opened IDA, typed in the prompt, and it did everything.

Prompt if you want to try it out: Analyze this crackme, starting from the main function, and using all the tools at your disposal, try to figure out what is the expected password. Rename everything you can in the process.

File: https://crackmes.one/crackme/68b6a36b8fac2855fe6fba66

Ivan KwiatkowskiAug 24, 2025

The plan for Gepetto has always been to go further in the agentic direction. I've started exposing the context of the RE session to the LLM.

It may not look like much right now, but ~soon the model will create structures for you from the CLI and recast variables 🤯

Right now, the only tools available are getting the current EA and a function's decompiled code.

It's still bleeding edge, but try it out!
https://github.com/JusticeRage/Gepetto

Ivan KwiatkowskiJan 28, 2025

One of the most unexpected and important things I learned working in threat intelligence is: governments will go nuts over maps.
Mislabel something or draw the wrong border and they'll hunt you down like a dog.

Whatever the map says goes in real life.

https://www.theguardian.com/technology/2025/jan/28/google-maps-will-rename-gulf-of-mexico-as-gulf-of-america-in-us

Google Maps will rename Gulf of Mexico as Gulf of America in US

Tech firm to make change in line with Trump’s executive order, using both names in world outside US and Mexico

The Guardian
Ivan KwiatkowskiJan 3, 2025
I guess I'm not getting rich this year either.
Ivan KwiatkowskiDec 27, 2024
Alex / catilepticDec 27, 2024

I've published a zine on Relationship Anarchy, subtitled "Dreaming in the Belly of the Whale": https://catileptic.tech/posts/relationship-anarchy/

I'm vibrating from head to toe with excitement that I finally put my thoughts into words, all in one place, and I can offer them to others.

This zine is the result of countless excellent talks with lovely folx. It's also the result of reading Victor Vilisov and Slavoj Žižek, as well as many other texts that expanded my mind and nuanced my thinking.

#relationshipanarchy

Relationship Anarchy. Dreaming In the Belly of the Whale (zine)

This is catileptic. I move slow and fix things. I'm a tech activist, hacker, and a community-building person.

Ivan KwiatkowskiDec 20, 2024
Ivan KwiatkowskiDec 17, 2024
Pass the SALT ConferenceDec 17, 2024

ANNOUNCEMENT
#pts25 will be held from July 1 to 3, 2025 💙

For the location, due to agenda conflict, we won't be able to host the con at #PolytechLille as usually.

BREAKING NEWS: we are so pleased and honored to announce that #pts25 will be hosted by #UniversitéCatholiqueDeLille in their beautiful old buildings in the center of #Lille!

Thanks so much to the University for this opportunity 🙏

👉 https://2025.pass-the-salt.org

Next step: call for papers opening in January 15, 2025!

Pass the SALT 2024

Website of the 2025 edition of the Pass the SALT conference

Ivan KwiatkowskiDec 6, 2024
Alexandre DulaunoyDec 6, 2024

I have this crazy idea: every week, I'll showcase the most bizarre, awkward, ridiculous, or even dark Tor onion websites I come across. What do you think?

#stupididea #tor #onion #threatintel