About me

Mateusz Jurczyk

I am Mateusz Jurczyk, also known as j00ru. I have been interested in reverse engineering, operating system internals and offensive vulnerability research for over 15 years. I currently work as a security researcher at Google Project Zero (see our blog and bug tracker); before that, I worked as an Information Security Engineer at Google (2011–2014), and as a security researcher/malware analyst at Hispasec Sistemas (2009–2011).

You can contact me via e-mail or find me on Twitter, LinkedIn or GitHub.

Dragon Sector

I play security CTFs and co-founded the Dragon Sector CTF team. Together with the team, we have won various competitions around the world, and maintained a top 1-4 standing throughout 2013–2019 as classified by CTFtime.org. We also organized our own CTFs in collaboration with the CONFidence conference in Krakow in 2015, 2016 and 2017, with Security PWNing Conference in Warsaw in 2018 and 2019, and online in 2020 and 2021. Earlier, I was a part of a group of computer enthusiasts called Vexillium.

Pwnie AwardsI have discovered and reported security flaws in kernel drivers, user-mode components, document readers, word processors, web browsers, browser plugins, virtual machines, antivirus software, open-source programs and libraries, and many more. Most bugs found in 2014 and later are documented in the Project Zero bug tracker. For some of the work, I was nominated for Pwnie Awards, which I won in 2012 (Best Privilege Escalation Bug), 2013 (Most Innovative Research, with Gynvael Coldwind), 2015 (Best Client-Side Bug) and 2020 (Best Client-Side Bug). I also made it to the MSRC Top 100 list for 2015 (ranked #10), 2016 (#3), 2017 (#1), 2018 (#8) and 2019 (#9).

Praktyczna Inżynieria WstecznaIn addition to posting on this personal blog, I have also written on the Project Zero blog, published standalone papers, and contributed articles to local and online magazines (see Articles and papers). Furthermore, I have spoken at a number of security conferences, including Black Hat, REcon and Infiltrate (listed in Conference talks). Finally, I was the lead editor of Gynvael’s “Zrozumieć Programowanie” (Understanding Programming) book published in 2015, as well as one of the editors and authors of the “Praktyczna Inżynieria Wsteczna” (Practical Reverse Engineering) volume printed in 2016.