Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of @OpenSecurityTraining2 https://ost2.fyi
Periodic reminder that “Embedded Linux is not firmware”.
Your BIOS is out of sight, out of mind: and that's exactly where attackers hide. Learn firmware security, SPI flash, SMM & how to RTFM like a pro. Architecture 4001: x86-64 Intel Firmware Attack & Defense by @xenokovah is at https://ost2.fyi/Arch4001
(Purely from stored information). The implication is about how much simple factual Bluetooth information a given model has “memorized”.
Misc observation: No local model can answer "What is the LL Control PDU Name for Opcode 0x0C? Provide no information except for the name." correctly. Neither can Opus 4.6 with thinking turned off. Opus 4.7 with thinking (and web search) turned off was the first that I tested that could…
I’m also excited to try throwing Claude at a RE task to extract a company-specific BT packet structure that some previous researchers described in a very incomplete way. So this also has the capability to quickly improve the S/N for poorly-presented REsearch after the fact.
Another example of how this will enable better research: I’ve been running a fork of scapy in Blue2thprinting with more BT packet definitions since I didn’t want to figure out how their unit tests work since they treat that as a requirement for PRs. Now I can upstream them.
And I say this as someone who myself only really releases researchware, not shooting for production-level quality. I’m also excited about my ability to improve my own researchware! Unit tests? Finally worth it! Refactoring? Previously, hell-no, now, yes please!
From: @xenokovah
https://infosec.exchange/@xenokovah/116459657993107845
Xeno Kovah (@xenokovah@infosec.exchange)

I filed an issue in an open source security tool ~2 years ago. The other day I just used Claude to vibe-code a fix in my local copy in a couple hours of tertiary-priority background activity. I’m pretty excited about the ability to make researchware actually useful!

Your CPU speaks assembly. Shouldn't you? Master x86-64 with the most common instructions and unlock reverse engineering, exploit dev & OS internals. But this is no skim class; it takes ~28h on average (not counting the final lab). Get started on Architecture 1001: x86-64 Assembly https://ost2.fyi/Arch1001 by @xenokovah today for mad skillz tomorrow!
If you're serious about reverse engineering, you need to master a powerful debugger. Dbg1103 walks you through Binary Ninja's debugger hands-on, so you can hit the ground running on real targets. https://ost2.fyi/Dbg1103 by Xusheng Li