Satoshi

@satoshi-tanda.bsky.social

Software security engineer and trainer @ tandasat.github.io

99 Followers  |  43 Following  |  19 Posts  |  Joined: 17.01.2024  |  1.9016

Latest posts by satoshi-tanda.bsky.social on Bluesky

Impressive

06.06.2025 15:28 — 👍 1    🔁 0    💬 0    📌 0
Laptop and class materials with a microphone

Just wrapped up teaching my hypervisor development class. Always refreshing to work with sharp folks from diverse backgrounds—and rewarding to help them get started.

The next class will be in person at @hexacon.bsky.social. Check out the conference page if you're interested.

21.05.2025 04:19 — 👍 1    🔁 0    💬 0    📌 0

The registration is open now. See you in Paris!

06.05.2025 00:42 — 👍 1    🔁 0    💬 0    📌 0
Voyage Below the OS: SMM Isolation on the Intel Platform | Satoshi Tanda
YouTube video by Kaspersky Tech

My talk about the recent SMM architecture and security at #TheSAS2024: youtube.com/watch?v=AIGj...

The conference was well organized and had plenty of networking opportunities. Though, the best thing was the venue :) It is at a beautiful resort again this year, so you will love it.

03.05.2025 23:09 — 👍 1    🔁 0    💬 0    📌 0

This is like "VT-x 101". The essence of HW-assisted VT, everything needed to virtualize Windows on-the-fly, and a bit of security in 2 days.

It misses a ton of fun discussions and exercises that are in my 4-day class, but I am giving back to the community that helped me learn.

18.04.2025 13:19 — 👍 3    🔁 2    💬 0    📌 0
Training course title and trainer's picture

I am thrilled to be back and offer the in-person training once again at Hexacon, the fabulous conf. in Paris
hexacon.fr/trainer/tanda/

Get hands-on experience with virtualization and learn real-world applications and bugs of them!

The tickets will be available for purchase soon.

16.04.2025 03:44 — 👍 0    🔁 0    💬 0    📌 1

🦀 Hello World!

The Rust project now has an official presence on Bluesky! ✨

We'll be posting the same on our Mastodon and Bluesky accounts, so you won't miss anything on either platform.

05.04.2025 10:51 — 👍 1492    🔁 292    💬 32    📌 25
What keeps kernel shadow stack effective against kernel exploits? This post introduces one of the virtualization features needed to keep kernel-mode shadow stack functional against kernel exploits: supervisor shadow stack restrictions / supervisor shadow-stack contr...

The new blog post on supervisor shadow stack restrictions / supervisor shadow-stack control

tandasat.github.io/blog/2025/04...

02.04.2025 14:39 — 👍 3    🔁 0    💬 1    📌 0

Intel SDM rev 87 was out. Updates? Good luck with diffing 5000+ pages of PDF files. @intel forgot to update the Documentation Changes file.

02.04.2025 14:24 — 👍 1    🔁 0    💬 0    📌 0
dump_cfguard_bitmap.js - Pastebin.com

WinDbg script to check kCFG target function validity, and also to dump actual cfguard bitmap (which can be quite different from what's specified in the image GFIDS, needs more research): pastebin.com/64kujJNb.

!check_cfguard "nt!longjmp"

!dump_cfguard_bitmap "nt", "C:/cfguard_bitmap_ntoskrnl.bin"

31.03.2025 04:07 — 👍 1    🔁 2    💬 0    📌 0

Great talk! It's very encouraging to see more big players like MSFT adopting Rust rapidly and widely

I was using C/C++ for 10+ years, but now I code almost exclusively in Rust and am happy about that. It is more productive and enjoyable.

27.02.2025 20:59 — 👍 4    🔁 0    💬 0    📌 0

and check out BigInt and Template literals if you write Windbg extensions. They make JavaScript programming a little more bearable.

developer.mozilla.org/en-US/docs/W...
developer.mozilla.org/en-US/docs/W...

18.02.2025 15:31 — 👍 1    🔁 0    💬 0    📌 0
Demo

Added AMD support to hvext, the windbg extension for reversing Hyper-V!
github.com/tandasat/hvext

You can check what SVM features are enabled, which MSRs and IO ports are accessible, and what the nested page table looks like, for NT, SK and regular VMs.

18.02.2025 15:31 — 👍 1    🔁 0    💬 1    📌 0
microphone and laptop

The new microphone setup for my next remote class!

Not that you pay for my clear voice :D but this will improve the learning experience

Btw, more than 1/3 of the seats were sold, so do not wait too long. Remote classes become full well before early-bird ends

06.02.2025 14:59 — 👍 0    🔁 0    💬 0    📌 0
System Programming Lab The next public class is May 12-13 and 19-20 (4 days) via Zoom

Excited to announce that registration for my hypervisor class in May is open! tandasat.github.io

This class teaches you how hypervisors can be used for security and research, including hardening, fuzzing, and reversing, as well as their design options and vulnerabilities.

21.01.2025 16:12 — 👍 2    🔁 0    💬 0    📌 0

Hyper-V allowed the child partition VM to write this MSR and modify the setting system-globally. This virtualization support addresses this issue.

04.01.2025 21:17 — 👍 0    🔁 0    💬 0    📌 0

Both Intel SDM v86 and Instruction Set Extensions Programming Reference v56 are out.
intel.com/sdm

SDM updates are minor. The other adds proper virtualization of IA32_SPEC_CTRL (on top of mask/shadow added before).

04.01.2025 21:17 — 👍 0    🔁 0    💬 1    📌 0

I had a blast doing the research for Part 2 of my series on using JTAG to debug Hypervisor-Managed Linear Address Translation (HLAT): www.asset-intertech.com/resources/bl.... In this blog, I used SourcePoint to pinpoint where in the boot flow HLAT is enabled on Alder Lake performance cores.

30.12.2024 20:20 — 👍 1    🔁 1    💬 0    📌 0

My first pull request to the Rust community got merged. If you find trivial errors, just make pull requests.

29.12.2024 16:15 — 👍 3    🔁 0    💬 0    📌 0
Release 2.0.0 · dtolnay/thiserror Breaking changes Referencing keyword-named fields by a raw identifier like {r#type} inside a format string is no longer accepted; simply use the unraw name like {type} (#347) This aligns thiserro...

The thiserror crate started to support no_std. Good news for low-level/embedded devs
github.com/dtolnay/this...

19.12.2024 16:50 — 👍 3    🔁 0    💬 0    📌 0
BlueHat 2024: S09: Pointer Problems – Why We’re Refactoring the Windows Kernel
YouTube video by Microsoft Security Response Center (MSRC)

Important news: Microsoft is working to bring SMAP into Windows

www.youtube.com/watch?v=-3jx...

Great talk by Joe Bialek from MORSE team

16.12.2024 04:29 — 👍 18    🔁 7    💬 1    📌 0

Can recommend Satoshi's training as well, rarely had a training that was so hands-on.

14.12.2024 17:25 — 👍 1    🔁 1    💬 0    📌 0

Happy to hear that!

14.12.2024 17:04 — 👍 2    🔁 0    💬 0    📌 1
system-programming-lab groups.io Group Announcement-only mailing list for the courses by System Programming Lab (Satoshi Tanda). ONLY MODERATORS CAN POST to this group.

I updated all host, exercise, and demo setups of my hypervisor class to the latest version of OSes (Ubuntu 24, Windows 11 24H2, and macOS 15).

If you are interested in taking my future courses, you can subscribe to the schedule announcement-only mailing list at groups.io/g/system-pro...

26.11.2024 03:43 — 👍 0    🔁 0    💬 0    📌 0