tobiaskocur/README.md

Tobias | Systems & Security Engineer

🇸🇰 Slovakia • System Security • Kernel Development • Reverse Engineering

"Security through opacity is not security. I break systems to build them stronger."





🔬 Technical Arsenal

Core Engineering | System Internals | Analysis & Debugging







BSOD
POV: You acquired the spinlock at DISPATCH_LEVEL but touched paged memory...

🚀 Deep-Dive Projects

🛡️ Aegis | Kernel Protection Driver (PoC)

A kernel-mode driver focused on reducing user-mode tampering against protected processes.

  • Access Control: Uses ObRegisterCallbacks to filter/strip handle permissions.
  • Hardening (WIP): Researching safe kernel telemetry + anti-tamper patterns (no “magic stealth claims”).
  • Stack: C, WDK, Kernel synchronization, IRQL-aware code

📱 Mindly | iOS Protocol Tooling

A digital detox tool that interfaces with iOS devices over USB to enforce restriction profiles.

  • Protocol work: Exploring iOS configuration / MDM-related workflows via libimobiledevice.
  • Implementation: Desktop UX using ImGui, device control via USB stack.
  • Stack: C++, Reverse engineering mindset, USB protocols

🌐 Sajko.sk | Session Replay Platform

Enterprise-grade session replay & analytics platform with a real-time event pipeline.

  • Pipeline: Ingest → process → store → replay user sessions.
  • Stack: TypeScript, Next.js, PostgreSQL, WASM (encoding experiments)

⚑ Current Research & Deep Dives

I learn systems security by debugging real artifacts and writing tooling around them:

  • Windows Internals: scheduler, EPROCESS/KTHREAD, handle tables, callbacks
  • Kernel dev: WDK, IRQL rules, sync primitives, IOCTL design
  • RE practice: static + dynamic analysis, patching, small PoCs
  • Reading / notes: turning findings into writeups (planned: blog repo)

🧩 Code Glimpse

#include <ntddk.h>

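// Driver entry point: called once by the I/O manager when the driver is loaded.
NTSTATUS DriverEntry(_In_ PDRIVER_OBJECT DriverObject, _In_ PUNICODE_STRING RegistryPath) {
    UNREFERENCED_PARAMETER(RegistryPath);

    // No unload routine yet, so the driver cannot be unloaded once started.
    DriverObject->DriverUnload = NULL; // Set later in real projects

    // INFO-level output appears only if the debug print filter for this component allows it.
    DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_INFO_LEVEL, "Aegis: Driver loaded.\n");

    return STATUS_SUCCESS;
}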

📫 Uplink


Pinned

  1. aegis Public

    Kernel-mode process protection driver with user GUI

    C++ 32 1

  2. mindly_dock Public

    Dumb Phone method for iOS written in C++, leveraging libimobiledevice and iOS profiles

    C++ 1

  3. sajko-tracker Public

    Forked from sajkoapp/sajko-tracker

    Advanced session replay and analytics for modern web apps

    TypeScript

  4. sajkoapp/sajko-tracker Public

    Advanced session replay and analytics for modern web apps

    TypeScript 1

  5. fitspace Public

    Objective-C

  6. cryptoweb Public

    JavaScript