Articles and papers

Below is a summary of the external blog posts, articles and papers I have authored or co-authored so far.

Project Zero blog posts

Date	Title
2024	The Windows Registry Adventure #3: Learning resources
2024	The Windows Registry Adventure #2: A brief history of the feature
2024	The Windows Registry Adventure #1: Introduction and research results
2020	MMS Exploit Part 5: Defeating Android ASLR, Getting RCE
2020	MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle
2020	MMS Exploit Part 3: Constructing the Memory Corruption Primitives
2020	MMS Exploit Part 2: Effective Fuzzing of the Qmage Codec
2020	MMS Exploit Part 1: Introduction to the Samsung Qmage Codec and Remote Attack Surface
2020	Part II: Returning to Adobe Reader symbols on macOS
2019	The story of Adobe Reader symbols
2018	Detecting Kernel Memory Disclosure – Whitepaper
2017	Notes on Windows Uniscribe Fuzzing
2016	A year of Windows kernel font fuzzing #2: the techniques
2016	A year of Windows kernel font fuzzing #1: the results
2015	Enabling QR codes in Internet Explorer, or a story of a cross-platform memory disclosure
2015	One font vulnerability to rule them all #4: Windows 8.1 64-bit sandbox escape exploitation
2015	One font vulnerability to rule them all #3: Windows 8.1 32-bit sandbox escape exploitation
2015	One font vulnerability to rule them all #2: Adobe Reader RCE exploitation
2015	One font vulnerability to rule them all #1: Introducing the BLEND vulnerability

Articles in English

Date	Magazine	Title	Co-authors
2019	Paged Out! #1	Building ROP with floats and OpenType
2019	Paged Out! #1	Windows Syscall Quiz
2018		Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
2014	XAKEP	Windows Kernel Trap Handler and NTVDM Vulnerabilities - Case Study
2013		Identifying and Exploiting Windows Kernel Race Conditions via Memory Access Patterns	Gynvael Coldwind
2012	HITB Magazine	Memory Copy Functions in Local Windows Kernel Exploitation
2012	HITB Magazine	The story of CVE-2011-2018 exploitation (also as a whitepaper)
2011	HITB Magazine	Windows Security Hardening Through Kernel Address Protection (also as a whitepaper)
2011	HITB Magazine	Windows Handle Numeric Allocation in Depth
2011	HITB Magazine	Windows CSRSS Tips & Tricks
2011		Exploiting the otherwise non-exploitable: Windows Kernel-mode GS cookies subverted	Gynvael Coldwind
2010	HITB Magazine	Custom console hosts on Windows 7
2010	HITB Magazine	Reserve Objects in Windows 7
2010	HITB Magazine	Windows Objects in Kernel Vulnerability Exploitation
2010		GDT and LDT in Windows kernel vulnerability exploitation	Gynvael Coldwind

Articles in Polish

Date	Magazine	Title	Co-authors
2022	Programista	Hello World pod lupą	Gynvael Coldwind, Adam Sawicki
2016	Programista	Fuzzing	Gynvael Coldwind
2014	Programista	Zdobyć flagę... DEF CON CTF 2014 - wdub (v2)
2014	Programista	Jak napisać własny debugger w systemie Windows – część 4
2014	PWN	Programistyczne Potknięcia	Gynvael Coldwind
2014	Programista	Jak napisać własny debugger w systemie Windows – część 3
2014	Programista	Jak napisać własny debugger w systemie Windows – część 2
2014	Programista	Jak napisać własny debugger w systemie Windows – część 1
2013	Programista	Bliżej silikonu #2	Gynvael Coldwind
2013	Programista	Bliżej silikonu #1	Gynvael Coldwind
2013	Programista	AddressSanitizer: szybki detektor błędów pamięci
2010	Hakin9	Błędy typu Write-What-Where w jądrze Windowsa
2010	Hakin9	Luki bezpieczeństwa jądra Windows