Log inSign up
user avatar
Gynvael Coldwind
@gynvael
security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine@DragonSectorCTFyoutube.com/@GynvaelEN ⁂ ex-Google ⁂ he/him
Zürich, Switzerland
gynvael.coldwind.pl
Joined July 2009
1,327
Following
39.1K
Followers
  • Pinned
    user avatar
    Gynvael Coldwind
    @gynvael
    May 29
    I'm thinking of doing an in-depth Python summer camp? (online live workshop, in English). If you're potentially interested, please add your email to the list: hackArcana.com/summer-python-… (it's just so I can measure interest and have a way to let you know once more info is up).
    1.9K
  • user avatar
    Gynvael Coldwind
    @gynvael
    Apr 15, 2019
    Me coding with ~5y experience: 1. write code Me coding with ~30y experience: 1. read docs for fopen() 2. write 1 line of code 3. check 17 different things in docs/internets about fopen 4. reverse fopen implementation because this one detail... 5. decide to use different function.
  • user avatar
    Gynvael Coldwind
    @gynvael
    Jul 1, 2021
    How to read a file in C according to NETGEAR
    s = popen("cat /proc/l3_neigh_v6", "r"); ... while (fgets(..., s) ...
  • user avatar
    Gynvael Coldwind
    @gynvael
    Aug 10, 2019
    Paged Out! #1 is out! (and it's free to download!) pagedout.institute/?page=issues.p… There are 57 articles in 12 categories: Electronics Programming Assembly Reverse Engineering Sec/Hack Retro File Formats Algorithmics SysAdmin Radio Phreaking OS Internals Enjoy! #PagedOut!
    pagedout.institute
    Paged Out!
    Deeply technical zine. And it's free.
  • user avatar
    Gynvael Coldwind
    @gynvael
    May 2, 2023
    Friday was my last day at Google. I'm saddened to leave behind my team of the last 12+ years, but I know Google's security is in great hands. It's time for a short break and then I'm moving on with plans I've made long ago – my own sec research, consulting, and education company.
    85K
  • user avatar
    Gynvael Coldwind
    @gynvael
    Nov 19, 2023
    My first program in Python! I still find this syntax a bit confusing with no { } etc. def main( line0: print("Hello World!"), line1: print("What's your name?"), line2: (x := input("Name plz: ")), line3: print(f"Your name is: {x}") ): pass
    Linux terminal with Python script "test.py" invocation. It first writes out "Hello World", then "What's your name?", then asks for the name, and writes it back out.
    222K
  • user avatar
    Gynvael Coldwind
    @gynvael
    Oct 11, 2022
    So an AMD engineer and 2 Google engineers walk into a bar... and write an article about how "Hello World" in #Python works. The article turns out to be 26 pages. From Python, through C, WinAPI/Kernel, font rendering, to GPU. Enjoy! gynvael.coldwind.pl/?lang=en&id=754 asawicki.info/news_1762_hell…
    user avatar
    Adam Sawicki
    @Reg__
    Oct 11, 2022
    "Hello World under the microscope" - an article we wrote together with @gynvael and @j00ru! Originally published in issue 100 (1/2022) of the Programista magazine, now available online in Polish and English. asawicki.info/articles/Hello…
  • user avatar
    Gynvael Coldwind
    @gynvael
    Nov 12, 2025
    Here's some blursed Python code for you: a, b, c = {"alice", "has", "a cat"} print(a, b, c)
    First run: has alice a cat Second run: a cat alice has Third run: has alice a cat Fourth run: alice a cat has
    71K
  • user avatar
    Gynvael Coldwind
    @gynvael
    Jul 3, 2019
    A fun and innovative ZIP bomb by David Fifield (and an excellent technical write-up - take a look if you like file format hacks): bamsoftware.com/hacks/zipbomb/ zbsm.zip42 kB→5.5 GB zblg.zip10 MB→281 TB zbxl.zip46 MB→4.5 PB
  • user avatar
    Gynvael Coldwind
    @gynvael
    May 7, 2024
    Python was too hard so I've switched to C++. Here's my first "Hello World"!
    C++ code that creates two classes: A and B. And then multiple classes that use multiple inheritance over first A and B, and later the created classes. Finally the code calls multiple printf with %c, and does a lot of weird pointer casting and subtractions. After compiling and running it prints "Hello World!". The source code is at https://gynvael.coldwind.pl/n/cpp_hello_world_kinda
    Linux terminal with Python script "test.py" invocation. It first writes out "Hello World", then "What's your name?", then asks for the name, and writes it back out.
    user avatar
    Gynvael Coldwind
    @gynvael
    Nov 19, 2023
    My first program in Python! I still find this syntax a bit confusing with no { } etc. def main( line0: print("Hello World!"), line1: print("What's your name?"), line2: (x := input("Name plz: ")), line3: print(f"Your name is: {x}") ): pass
    90K
  • user avatar
    Gynvael Coldwind
    @gynvael
    Jun 14, 2022
    I just randomly found a YouTube channel with 22 videos that explain modern cryptographic algorithms + show how to implement them in Python! Awesome for learning crypto! The channel has 80 subs. Any chance we could show some love to the creator? youtube.com/channel/UCp1rL… Plz RT
    youtube.com
    Cyrill Gössi
    Cryptography is amazing. Cryptography protects the privacy of people by providing secrecy to personal data, or by providing secrecy to information exchanged between people that have never met before....
  • user avatar
    Gynvael Coldwind
    @gynvael
    Aug 15, 2022
    Boss: Hey IT guy, can you program our pharmacy logo to flash or sth? Bob: Say no more! Narrator: Bob, a demoscene veteran, was waiting for this opportunity for 25 years.
    This Post is from an account that no longer exists. Learn more
  • user avatar
    Gynvael Coldwind
    @gynvael
    Dec 25, 2018
    TIL from @q3k and @marcan42: wget saves downloaded file's source URL (and sometimes referrer) in extended attributes. This includes the cases where the URL has a user/password in it 🙃 $ getfattr -d -m - test user.xdg.origin.url="https://user:[email protected]/"
  • user avatar
    Gynvael Coldwind
    @gynvael
    Aug 5, 2021
    Random tip for Windows users: If you are worried about accidentally double-clicking a malicious executable in your Download folder or are worried about random DLLs (carpet bombing / DLL hell), just DISABLE EXECUTION in that folder: icacls Download /deny Everyone:(OI)(IO)(X)