Xeno Kovah
@xenokovah.bsky.social
Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://ost2.fyi
I'm looking forward to taking this class as a student, since I've always wanted to learn more about QEMU, since lots of security research projects work by augmenting it. And because it’s often used to run firmware too (from UEFI to embedded). If that's you too, take it too!
📢Call for beta testers!📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps.bsky.social will begin November 28th. Sign up here: forms.gle/LUXaThn4YSYS...
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps.bsky.social will begin November 28th. Sign up here: forms.gle/LUXaThn4YSYS...
Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!
Enter the email you have used / will use when registering for beta.ost2.fyi. This will be used to enroll you in the beta class if you are selected. If your account does not exist at the time enrollmen...
forms.gle
November 14, 2025 at 12:43 PM
I'm looking forward to taking this class as a student, since I've always wanted to learn more about QEMU, since lots of security research projects work by augmenting it. And because it’s often used to run firmware too (from UEFI to embedded). If that's you too, take it too!
Reposted by Xeno Kovah
📢Call for beta testers!📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps.bsky.social will begin November 28th. Sign up here: forms.gle/LUXaThn4YSYS...
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps.bsky.social will begin November 28th. Sign up here: forms.gle/LUXaThn4YSYS...
Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!
Enter the email you have used / will use when registering for beta.ost2.fyi. This will be used to enroll you in the beta class if you are selected. If your account does not exist at the time enrollmen...
forms.gle
November 14, 2025 at 12:10 PM
📢Call for beta testers!📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps.bsky.social will begin November 28th. Sign up here: forms.gle/LUXaThn4YSYS...
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps.bsky.social will begin November 28th. Sign up here: forms.gle/LUXaThn4YSYS...
Reposted by Xeno Kovah
Squeeeee 🥳 I'll be teaching my Advanced Linux Malware Reverse Engineering class at RE//verse conference in 2026!! MORE Linux APT insides and peculiarities😍🥰🤩Pls share if you can🙃
shop.binary.ninja/products/re-...
shop.binary.ninja/products/re-...
RE//verse 2026 Training - Advanced Linux Malware Reverse Engineering with Marion Marschalek
This fast-paced 3-day training explores Linux internals and Linux binary analysis techniques, before jumping right in with common Linux malware. Work through advanced samples, Linux software protectio...
shop.binary.ninja
November 12, 2025 at 6:59 PM
Squeeeee 🥳 I'll be teaching my Advanced Linux Malware Reverse Engineering class at RE//verse conference in 2026!! MORE Linux APT insides and peculiarities😍🥰🤩Pls share if you can🙃
shop.binary.ninja/products/re-...
shop.binary.ninja/products/re-...
‘The finding suggests that at current scales, language models treat “2+2=4” more like a memorized fact than a logical operation.”
Same, AI, same… I did really good in HS math, through calculus 2, because I’m really good at memorization. Linear algebra for EE in college proceeded to kick my ass…
Same, AI, same… I did really good in HS math, through calculus 2, because I’m really good at memorization. Linear algebra for EE in college proceeded to kick my ass…
November 11, 2025 at 11:31 AM
‘The finding suggests that at current scales, language models treat “2+2=4” more like a memorized fact than a logical operation.”
Same, AI, same… I did really good in HS math, through calculus 2, because I’m really good at memorization. Linear algebra for EE in college proceeded to kick my ass…
Same, AI, same… I did really good in HS math, through calculus 2, because I’m really good at memorization. Linear algebra for EE in college proceeded to kick my ass…
Got the slides down from 350 to a lean 173! Finally going the right direction! I suspect I’ll land around 160+talking fast…
Added 24 summary slides to see how much work I have left to do…current slide count is 266. Thoughts and prayers appreciated 💀 (but realistically this deck will form the basis for a future “RE like me: Realtek edition” class)
The good news is also the bad news: 2 days of slide-making and I’m over 100 slides…to describe the first 5 days of the work 😬 There’s no way I’m going to be able to include everything in the talk. I’ll post a “Kovah Cut” on the DarkMentor website like in the past, but may have to break into 2 talks
November 10, 2025 at 8:58 PM
Got the slides down from 350 to a lean 173! Finally going the right direction! I suspect I’ll land around 160+talking fast…
Real-talk: I’ve gone from updating every half-year to almost 1.5 years! I’ll need people to start submitting pull requests for changes to add or update new talks, or it’s very likely this timeline will come to an end. Anyone who’d like to join as a co-maintainer should LMK.
🧵⬇️Low level security timeline update!⬆️ 2025-11-09 Part 1
After over a year, I've finally updated the Low Level PC/Server Attack & Defense Timeline! darkmentor.com/timeline.html The 2025 talks are in this thread, and pre-2025 will be next time.
👇
After over a year, I've finally updated the Low Level PC/Server Attack & Defense Timeline! darkmentor.com/timeline.html The 2025 talks are in this thread, and pre-2025 will be next time.
👇
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:30 AM
Real-talk: I’ve gone from updating every half-year to almost 1.5 years! I’ll need people to start submitting pull requests for changes to add or update new talks, or it’s very likely this timeline will come to an end. Anyone who’d like to join as a co-maintainer should LMK.
🧵⬇️Low level security timeline update!⬆️ 2025-11-09 Part 1
After over a year, I've finally updated the Low Level PC/Server Attack & Defense Timeline! darkmentor.com/timeline.html The 2025 talks are in this thread, and pre-2025 will be next time.
👇
After over a year, I've finally updated the Low Level PC/Server Attack & Defense Timeline! darkmentor.com/timeline.html The 2025 talks are in this thread, and pre-2025 will be next time.
👇
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
🧵⬇️Low level security timeline update!⬆️ 2025-11-09 Part 1
After over a year, I've finally updated the Low Level PC/Server Attack & Defense Timeline! darkmentor.com/timeline.html The 2025 talks are in this thread, and pre-2025 will be next time.
👇
After over a year, I've finally updated the Low Level PC/Server Attack & Defense Timeline! darkmentor.com/timeline.html The 2025 talks are in this thread, and pre-2025 will be next time.
👇
Reposted by Xeno Kovah
November 5, 2025 at 7:08 PM
New life philosophy (x.com/xenokovah/st...) is helping me understand my general anti-CTF sentiment and why I feel like CTFs are a waste of peoples’ lives: “Solve *problems*, not puzzles”. If they’re the same, great. But I’ve seen lots of CTF *puzzles* which don’t teach problem solving.
November 5, 2025 at 10:32 PM
New life philosophy (x.com/xenokovah/st...) is helping me understand my general anti-CTF sentiment and why I feel like CTFs are a waste of peoples’ lives: “Solve *problems*, not puzzles”. If they’re the same, great. But I’ve seen lots of CTF *puzzles* which don’t teach problem solving.
It's awesome to see companies like @binarly.bsky.social helping support OST2 so it can keep bringing free training to the world! (This could/should be your company too! :))
We are happy to announce that @binarly.bsky.social has renewed their 🥇Gold-level sponsorship of #OST2!
Learn more about what they do in firmware & supply chain security here: ost2.fyi/Sponsor_Bina...
Learn more about what they do in firmware & supply chain security here: ost2.fyi/Sponsor_Bina...
November 3, 2025 at 11:59 AM
It's awesome to see companies like @binarly.bsky.social helping support OST2 so it can keep bringing free training to the world! (This could/should be your company too! :))
We finally have a place to put all the firmware security & related classes, regardless of whether the firmware is server, desktop, embedded, or mobile!
This year @binarly.bsky.social has also expanded their sponsorship to the creation of a new #OST2 Firmware Security Learning Path!
ost2.fyi/OST2_LP_FWSE...
ost2.fyi/OST2_LP_FWSE...
November 3, 2025 at 11:55 AM
We finally have a place to put all the firmware security & related classes, regardless of whether the firmware is server, desktop, embedded, or mobile!
@districtcon.bsky.social looks like it has a pretty great lineup of talks and speakers this year (districtcon.org). I’ll be there too, talking about my new Realtek Bluetooth chip RE work
October 28, 2025 at 10:36 AM
@districtcon.bsky.social looks like it has a pretty great lineup of talks and speakers this year (districtcon.org). I’ll be there too, talking about my new Realtek Bluetooth chip RE work
Reposted by Xeno Kovah
You could use the OST1 Rootkits class (opensecuritytraining.info/Rootkits.html) as a starting template, since that's the whole point of making the materials under CC licenses. Xeno Kovah isn't planning on updating it as he's off in Bluetooth world now.
Rootkits
opensecuritytraining.info
October 27, 2025 at 11:24 AM
You could use the OST1 Rootkits class (opensecuritytraining.info/Rootkits.html) as a starting template, since that's the whole point of making the materials under CC licenses. Xeno Kovah isn't planning on updating it as he's off in Bluetooth world now.
Reposted by Xeno Kovah
Periodic call for volunteers: We're looking for someone to teach classes on stealth malware, such as rootkits, bootkits, and other security-evading software.
October 27, 2025 at 11:23 AM
Periodic call for volunteers: We're looking for someone to teach classes on stealth malware, such as rootkits, bootkits, and other security-evading software.
🧵I created a complimentary repo to Antonio's, that's focused specifically on common security-relevant HCI Vendor-Specific Commands and getting them documented in a useful machine-readable way (Scapy definitions for now) github.com/darkmentorll...
GitHub - darkmentorllc/BT_Security_VSC_DB: This repository contains information about Bluetooth HCI Vendor-Specific Commands (VSCs) which are known to be security-relevant.
This repository contains information about Bluetooth HCI Vendor-Specific Commands (VSCs) which are known to be security-relevant. - darkmentorllc/BT_Security_VSC_DB
github.com
October 27, 2025 at 11:09 AM
🧵I created a complimentary repo to Antonio's, that's focused specifically on common security-relevant HCI Vendor-Specific Commands and getting them documented in a useful machine-readable way (Scapy definitions for now) github.com/darkmentorll...
Reposted by Xeno Kovah
Y'all fantastic news! Save the date, @blackhoodie.bsky.social will be at @districtcon.bsky.social this year 😱 the fantastic crew has offered to host us for a day of Malware Reverse Engineering! @synapticrewrite.bsky.social and myself will be hosting a training for women by women on January 23rd!!
October 26, 2025 at 7:37 PM
Y'all fantastic news! Save the date, @blackhoodie.bsky.social will be at @districtcon.bsky.social this year 😱 the fantastic crew has offered to host us for a day of Malware Reverse Engineering! @synapticrewrite.bsky.social and myself will be hosting a training for women by women on January 23rd!!
🧵A new git repo by Antonio Vazquez Blanco is collecting info about Bluetooth USB dongles. If you have one laying around, please contribute information about it…
github.com/antoniovazqu...
github.com/antoniovazqu...
GitHub - antoniovazquezblanco/Bluetooth-Controllers-Reversing: Reverse engineering Bluetooth controllers to get more out of them!
Reverse engineering Bluetooth controllers to get more out of them! - antoniovazquezblanco/Bluetooth-Controllers-Reversing
github.com
October 24, 2025 at 10:55 AM
🧵A new git repo by Antonio Vazquez Blanco is collecting info about Bluetooth USB dongles. If you have one laying around, please contribute information about it…
github.com/antoniovazqu...
github.com/antoniovazqu...
🧵For those who are curious about the completion time distribution during the beta of my #OST2 BT2222 class, here it is. The average completion time was 8h25m, the median was 8h10m, the min was 3h50m, and the max was 15h22m
October 20, 2025 at 10:41 AM
🧵For those who are curious about the completion time distribution during the beta of my #OST2 BT2222 class, here it is. The average completion time was 8h25m, the median was 8h10m, the min was 3h50m, and the max was 15h22m
Added 24 summary slides to see how much work I have left to do…current slide count is 266. Thoughts and prayers appreciated 💀 (but realistically this deck will form the basis for a future “RE like me: Realtek edition” class)
The good news is also the bad news: 2 days of slide-making and I’m over 100 slides…to describe the first 5 days of the work 😬 There’s no way I’m going to be able to include everything in the talk. I’ll post a “Kovah Cut” on the DarkMentor website like in the past, but may have to break into 2 talks
My new talk on reverse engineering the firmware of Realtek RTL8761B Bluetooth chips has been accepted to @hardwear-io.bsky.social in Amsterdam in November. Abstract in image due to size limits.
October 15, 2025 at 1:01 PM
Added 24 summary slides to see how much work I have left to do…current slide count is 266. Thoughts and prayers appreciated 💀 (but realistically this deck will form the basis for a future “RE like me: Realtek edition” class)
🧵Alright! I pulled off the hat trick 🎩 at hardwear.io this November! I've got a talk on 100% new firmware reverse engineering research (hardwear.io/netherlands-... tagline:SUFFERING BUILDS STRENGTH!)…
October 13, 2025 at 11:51 AM
🧵Alright! I pulled off the hat trick 🎩 at hardwear.io this November! I've got a talk on 100% new firmware reverse engineering research (hardwear.io/netherlands-... tagline:SUFFERING BUILDS STRENGTH!)…
🧵And because apparently I can only thread to 10, the thread continues here!
🔵🦷🔒📈🆙‼️Bluetooth Security Timeline Update 2025-10-11!🧵
11 new talks from 2024-2025 added to the Bluetooth Security Timeline at
darkmentor.com/bt.html
11 new talks from 2024-2025 added to the Bluetooth Security Timeline at
darkmentor.com/bt.html
October 13, 2025 at 11:25 AM
🧵And because apparently I can only thread to 10, the thread continues here!