Ivan Kwiatkowski

@[email protected]
708 Followers
39 Following
170 Posts
Security Researcher. Writer. Would-be musician. Maintainer of Manalyze and Gepetto. Trolling on a purely personal capacity.
Twitterhttps://twitter.com/JusticeRage
Bloghttps://blog.kwiatkowski.fr
Manalyzehttps://manalyzer.org
GitHubhttps://github.com/JusticeRage
Book (French)https://lechantducygne.fr/gestalt/
Show threadIvan KwiatkowskiJan 12
@catileptic No problem with that, I'm all for direct action and self-empowerment!
I'm just not convinced by the framing that says protests were what drove Musk out of Washington. Still hurt his Tesla sales big time though, that's something!
Show threadIvan KwiatkowskiJan 12

@CrimethInc @catileptic Look, that's a nice sentiment but protests and pressure to Tesla dealerships didn't have much to do with this at all.

Musk was hired with the weird "Special Government Employee" status, which means he can only "work
for the government for 130 days or less in a 365-day period" (source: https://www.eff.org/files/2025/09/03/037-08_exhibit_8._feb._4_washington_post_article.pdf)

Pretending Musk left at the end of the statutory period due to protests is a bit like organizing a march against the night at 5AM and cheering when the sun comes up.

Show threadIvan KwiatkowskiJan 4
@a International law is dead and buried
Ivan KwiatkowskiDec 15

I've been working on a side project for some time: autonomous reverse-engineering powered by Gepetto.

I shared some thoughts here (https://blog.kwiatkowski.fr/gepetto-web), and am looking for beta testers to try out the platform.

DM me or reply below if you are interested!

On autonomous reverse-engineering | Borderline

If there's one thing I've been passionate about throughout my career, it's reverse-engineering. I've also enjoyed teaching reverse-engineering for years, either in-person or when developing online courses. One of the things that struck me as time passed by was how much tooling has changed the way we work.

Ivan KwiatkowskiOct 28
Can someone clarify for me how we went from "don't believe everything you read on the web" to "source: an AI saw it on Twitter"?
Show threadIvan KwiatkowskiOct 16

@dromografos This is not about ego; it's about curation. The good stuff finds its way to the surface, but I just don't have the time to wade through the collective works of hundreds of people.

Make it to my feed often enough (and with good content), that's how you get a follow.

Show threadIvan KwiatkowskiOct 7

@magnetic_tape @f4grx It "just" speeds up reverse-engineering. A lot. But conceptually, it won't end closed-source software any more than IDA Pro did in the past 20 years.

Reading ASM was always an option.

Show threadIvan KwiatkowskiOct 6
@magnetic_tape @f4grx Definitely not. I expose reverse-engineering tooling to the LLM and it is able to autonomously browse the code to understand what it does. This works on any binary, personally I use this for malware analysis
Show threadIvan KwiatkowskiSep 6, 2025
@TheOneDoc That's a clickbait title if I ever saw one
Ivan KwiatkowskiSep 2, 2025

Reverser friends, Gepetto has made huge leaps in the last weeks. I now consider it to be a decent IDA Pro agent.

With zero interaction (gpt-5), it solved a crackme all on its own. I opened IDA, typed in the prompt, and it did everything.

Prompt if you want to try it out: Analyze this crackme, starting from the main function, and using all the tools at your disposal, try to figure out what is the expected password. Rename everything you can in the process.

File: https://crackmes.one/crackme/68b6a36b8fac2855fe6fba66