Calle Svensson
@zetatwo.bsky.social
Security Engineer @ XTX. MSc in eng. physics & CompSci, dev & gamer. ❤️ music & long distance running. Wanna do a PhD sometime. Same U/N on all other sites
I have now been a year in the UK. It's been pretty cool so far. Let's see what the next one holds in store.
November 3, 2025 at 2:18 PM
I have now been a year in the UK. It's been pretty cool so far. Let's see what the next one holds in store.
Finally managed to sit down this weekend and finish #flareon12. The last one was a bit of a struggle and I made a lot of mistakes but got there in the end. Thanks a lot Nick Harbour and team for another successful edition. Looking forward to write-ups.
October 19, 2025 at 1:15 AM
Finally managed to sit down this weekend and finish #flareon12. The last one was a bit of a struggle and I made a lot of mistakes but got there in the end. Thanks a lot Nick Harbour and team for another successful edition. Looking forward to write-ups.
I needed a bit more oomph for #flareon12 challenge 9.
October 10, 2025 at 8:30 PM
I needed a bit more oomph for #flareon12 challenge 9.
Mark published some really nice analysis of the @livectf.bsky.social AI solves, check it out!
Finally ran my own experiment on 2 LiveCTF challenges after seeing an AI bot beat top players on them.
Granted, these are the 2 we saw AI solve, but I was still surprised by the success of current models with a single prompt.
Sharing so others can try it themselves: seeinglogic.com/posts/livect...
Granted, these are the 2 we saw AI solve, but I was still surprised by the success of current models with a single prompt.
Sharing so others can try it themselves: seeinglogic.com/posts/livect...
The Beast Opens its Eye: AI at LiveCTF 2025
In the most recent LiveCTF event, we witnessed a turning point: a player brought a custom AI bot that beat both human competitors to the punch… and in the two matches that the bot won, it wasn’t even ...
seeinglogic.com
October 9, 2025 at 1:11 PM
Mark published some really nice analysis of the @livectf.bsky.social AI solves, check it out!
In case you haven't tried it yet: Time-Travel Debugging + @binary.ninja Binary Ninja integration is such a ridiculously powerful reverse engineering method.
October 6, 2025 at 1:06 PM
In case you haven't tried it yet: Time-Travel Debugging + @binary.ninja Binary Ninja integration is such a ridiculously powerful reverse engineering method.
Come check out the latest issue containing my article on crypto code obfuscation and lots of other great entries!
pagedout.institute ← we've just released Paged Out! zine Issue #7
pagedout.institute/download/Pag... ← direct link
lulu.com/search?page=... ← prints for zine collectors
pagedout.institute/download/Pag... ← issue wallpaper
Enjoy!
Please please please share to spread the news - thank you!
pagedout.institute/download/Pag... ← direct link
lulu.com/search?page=... ← prints for zine collectors
pagedout.institute/download/Pag... ← issue wallpaper
Enjoy!
Please please please share to spread the news - thank you!
October 4, 2025 at 10:52 AM
Come check out the latest issue containing my article on crypto code obfuscation and lots of other great entries!
We're hiring! Specifically we're looking for a software engineer for our finance technology team for our office in London. Read more: www.xtxmarkets.com/job/?role=So... AMA about the company, living in London, etc.
Job Description | XTX Markets
XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income...
www.xtxmarkets.com
September 3, 2025 at 4:29 PM
We're hiring! Specifically we're looking for a software engineer for our finance technology team for our office in London. Read more: www.xtxmarkets.com/job/?role=So... AMA about the company, living in London, etc.
Fantastic article! Just a few months ago, I actually asked a large group of security professionals what the current up-to-date recommendation for this what. Sadly their responses varied mostly from "uh, idk" to "I still recommend CSRF tokens".
Very nice to have a clear, well reasoned reference.
Very nice to have a clear, well reasoned reference.
I edited my Cross-Site Request Forgery countermeasures research into a stand-alone article, including recommendations reusable by other projects.
tl;dr: no need for tokens or keys, modern browsers tell you if a request is cross-origin!
words.filippo.io/csrf
tl;dr: no need for tokens or keys, modern browsers tell you if a request is cross-origin!
words.filippo.io/csrf
Cross-Site Request Forgery
Cross-Site Request Forgery countermeasures can be greatly simplified using request metadata provided by modern browsers.
words.filippo.io
August 22, 2025 at 4:06 PM
Fantastic article! Just a few months ago, I actually asked a large group of security professionals what the current up-to-date recommendation for this what. Sadly their responses varied mostly from "uh, idk" to "I still recommend CSRF tokens".
Very nice to have a clear, well reasoned reference.
Very nice to have a clear, well reasoned reference.
I'm kinda tired of restaurants having 100 options and customisations, etc. I want to go to a 0 choice restaurant. I tell them that I'm allergic to peanuts and don't drink alcohol and then I just get served something. Would be amazing.
August 6, 2025 at 4:21 PM
I'm kinda tired of restaurants having 100 options and customisations, etc. I want to go to a 0 choice restaurant. I tell them that I'm allergic to peanuts and don't drink alcohol and then I just get served something. Would be amazing.
Haven't listened to Yungblud before but got introduced to Zombie (via Anthony Vincent) and OMG, listening to that song is like being transported back to being 17. Absolutely beautiful video as well.
August 5, 2025 at 3:38 PM
Haven't listened to Yungblud before but got introduced to Zombie (via Anthony Vincent) and OMG, listening to that song is like being transported back to being 17. Absolutely beautiful video as well.
After 1400 days I'm dropping my German Duolingo streak. It definitely helped me with the basics while I lived in Switzerland but that motivation is now gone. On to learning other things instead.
June 22, 2025 at 10:36 PM
After 1400 days I'm dropping my German Duolingo streak. It definitely helped me with the basics while I lived in Switzerland but that motivation is now gone. On to learning other things instead.
Reposted by Calle Svensson
Had a great time talking with @zardus.bsky.social about getting started in cybersecurity: www.youtube.com/watch?v=n9QW...
Primary thrust: Try something that interests you, then keep trying things.
Every time, you'll either succeed, learn something, or meet new people, and this builds over time.
Primary thrust: Try something that interests you, then keep trying things.
Every time, you'll either succeed, learn something, or meet new people, and this builds over time.
seeinglogic and zardus talk about getting into the cybersecurity industry
YouTube video by pwn.college
www.youtube.com
June 20, 2025 at 2:55 PM
Had a great time talking with @zardus.bsky.social about getting started in cybersecurity: www.youtube.com/watch?v=n9QW...
Primary thrust: Try something that interests you, then keep trying things.
Every time, you'll either succeed, learn something, or meet new people, and this builds over time.
Primary thrust: Try something that interests you, then keep trying things.
Every time, you'll either succeed, learn something, or meet new people, and this builds over time.
Come join me in the infosec team at XTX Markets! We're hiring for a Security Analyst with focus on compliance to our office in Singapore: www.xtxmarkets.com/job/?id=6616...
Job Description | XTX Markets
XTX Markets is a leading algorithmic trading firm which uses state-of-the-art machine learning technology to produce price forecasts for over 50,000 financial instruments across equities, fixed income...
www.xtxmarkets.com
June 20, 2025 at 1:22 PM
Come join me in the infosec team at XTX Markets! We're hiring for a Security Analyst with focus on compliance to our office in Singapore: www.xtxmarkets.com/job/?id=6616...
Does anyone have recommendations for any high quality discussion groups or communities for defensive security? Security engineering, detection engineering, DFIR, etc? Feels like there's an abundance of offense but not so much other stuff.
June 11, 2025 at 8:44 PM
Does anyone have recommendations for any high quality discussion groups or communities for defensive security? Security engineering, detection engineering, DFIR, etc? Feels like there's an abundance of offense but not so much other stuff.
Saw @gianmarcosoresi.bsky.social (and Liam Nelson) tonight and now like half the muscles in my body hurt from laughing. Thanks for a fantastic performance!
June 5, 2025 at 9:22 PM
Saw @gianmarcosoresi.bsky.social (and Liam Nelson) tonight and now like half the muscles in my body hurt from laughing. Thanks for a fantastic performance!
Reposted by Calle Svensson
After thinking about it for like five years I finally got around to starting learning to draw. Unsurprisingly it's very challenging but I enjoy it.
April 24, 2025 at 10:44 PM
After thinking about it for like five years I finally got around to starting learning to draw. Unsurprisingly it's very challenging but I enjoy it.
Reposted by Calle Svensson
As it turns out, the C compiler orphan-crushing machine offers no benefit: web.ist.utl.pt/nuno.lopes/p...
web.ist.utl.pt
April 22, 2025 at 8:37 PM
As it turns out, the C compiler orphan-crushing machine offers no benefit: web.ist.utl.pt/nuno.lopes/p...
Reposted by Calle Svensson
@livectf.bsky.social just posted their challenges and the solutions from the DEF CON quals: github.com/Live-CTF/Liv...
This means 6⃣ challenges to replay, with solutions from some of the best CTF teams in the world.
Challenge-4 (sokobin) lets you push bits around on the stack to get the flag 🤯
This means 6⃣ challenges to replay, with solutions from some of the best CTF teams in the world.
Challenge-4 (sokobin) lets you push bits around on the stack to get the flag 🤯
GitHub - Live-CTF/LiveCTF-DEFCON33
Contribute to Live-CTF/LiveCTF-DEFCON33 development by creating an account on GitHub.
github.com
April 16, 2025 at 2:46 PM
@livectf.bsky.social just posted their challenges and the solutions from the DEF CON quals: github.com/Live-CTF/Liv...
This means 6⃣ challenges to replay, with solutions from some of the best CTF teams in the world.
Challenge-4 (sokobin) lets you push bits around on the stack to get the flag 🤯
This means 6⃣ challenges to replay, with solutions from some of the best CTF teams in the world.
Challenge-4 (sokobin) lets you push bits around on the stack to get the flag 🤯
Reposted by Calle Svensson
*tap*, *tap* This thing on?
It's that time again! Prepare yourself for another DEF CON CTF qualifiers with a LiveCTF component this weekend! Thanks to @Nautilus_CTF for having us back and running another year! Keep an eye out here and at livectf.com for more details.
It's that time again! Prepare yourself for another DEF CON CTF qualifiers with a LiveCTF component this weekend! Thanks to @Nautilus_CTF for having us back and running another year! Keep an eye out here and at livectf.com for more details.
LiveCTF
Past events:
livectf.com
April 10, 2025 at 9:47 PM
*tap*, *tap* This thing on?
It's that time again! Prepare yourself for another DEF CON CTF qualifiers with a LiveCTF component this weekend! Thanks to @Nautilus_CTF for having us back and running another year! Keep an eye out here and at livectf.com for more details.
It's that time again! Prepare yourself for another DEF CON CTF qualifiers with a LiveCTF component this weekend! Thanks to @Nautilus_CTF for having us back and running another year! Keep an eye out here and at livectf.com for more details.
So, anyone putting together a Switch 2 hacking team and need a competent reverse engineer?
April 8, 2025 at 12:07 PM
So, anyone putting together a Switch 2 hacking team and need a competent reverse engineer?
Finally caught up a bit and got around to watching this. I think Freya is spot on and articulates very well the concerns a lot of us have. Well worth a listen! Thanks for making this!
live in about 10 hours from now - subscribe/mark your calendars/tell your friends/share etc. c:
Generative AI is a Parasitic Cancer
www.youtube.com/watch?v=-opB...
Generative AI is a Parasitic Cancer
www.youtube.com/watch?v=-opB...
Generative AI is a Parasitic Cancer
YouTube video by Freya Holmér
www.youtube.com
March 31, 2025 at 1:32 PM
Finally caught up a bit and got around to watching this. I think Freya is spot on and articulates very well the concerns a lot of us have. Well worth a listen! Thanks for making this!
Check out my article on memory tracing in the latest issue of PagedOut, and all the other cool articles while you are at it.
Paged Out! #6 has arrived! And it's jam-packed with content!
You can download it here:
pagedout.institute?page=issues....
You can download it here:
pagedout.institute?page=issues....
March 29, 2025 at 9:04 PM
Check out my article on memory tracing in the latest issue of PagedOut, and all the other cool articles while you are at it.
Really interesting and inspirational presentation by Markus. Can strongly recommend checking it out. Also I really need to figure out how to get to next year's RE//verse.
Our first video from RE//verse 2025 is live! Part journey of personal discovery, part technical deep-dive, this presentation from Markus Gaasedelen was the highest rated in the feedback survey and is a must-see talk:
RE//verse 2025: Full-stack Reverse Engineering of the Original Microsoft Xbox (Markus Gaasedelen)
Part journey of personal discovery, part technical deep-dive, this presentation from Markus was the highest rated at RE//verse 2025 and is a must-see talk.
youtu.be
March 21, 2025 at 7:32 PM
Really interesting and inspirational presentation by Markus. Can strongly recommend checking it out. Also I really need to figure out how to get to next year's RE//verse.
I'm a Linux kernel noob. I'm creating a very simple CTF challenge and I wanted to allocate some executable memory from a kernel module. This does not seem to be straightforward anymore (reasonable). Is there any somewhat simple workaround?
March 5, 2025 at 8:54 PM
I'm a Linux kernel noob. I'm creating a very simple CTF challenge and I wanted to allocate some executable memory from a kernel module. This does not seem to be straightforward anymore (reasonable). Is there any somewhat simple workaround?