501(c)3 Nonprofit providing Open Source and Open Access computer security training material. #OST2 re-launched July 2021! OpenSecurityTraining2@infosec.exchange
Joined November 2011
- Tweets 782
- Following 17
- Followers 9,674
- Likes 332
39 Photos and videos
Pinned Tweet
📣New OST2 class release!📣
The TPM trilogy is complete! "TC1103: Advanced TPM usage" by Dimi Tomov is now public at ost2.fyi/TC1103! Learn about advanced TPM policy access controls, protecting external keys in a TPM, implementing maximum security TPM-backed FDE, and more!
3
19
5,200
📢Outage alert📢
Our Open edX LMSes at p.ost2.fyi and beta.ost2.fyi will be taken down tomorrow (June 12th) for upgrade (so as to not cause any course completion progress loss while the update is in flight.)
1
1
13
1,918
The servers are now back up, but there are bound to be a few small issues with the transition (especially with the new dark theme option). Please let us know as you encounter issues so we can fix them!
1
196
The servers are now back up, but there are bound to be a few small issues with the transition (especially with the new dark theme option). Please let us know as you encounter issues so we can fix them!
📢Outage alert📢
Our Open edX LMSes at p.ost2.fyi and beta.ost2.fyi will be taken down tomorrow (June 12th) for upgrade (so as to not cause any course completion progress loss while the update is in flight.)
2
591
@OpenSecTraining is one of the most underrated free resources in security research.
30 courses. x86-64 assembly. Windows kernel internals. WinDbg from intro to advanced. IDA. Ghidra. Binary Ninja. UEFI firmware. Windows kernel exploitation. Fuzzing. Symbolic analysis. Reverse engineering C binaries. TPM internals.
Structured learning paths for malware analysis, firmware security, vulnerability research, exploit development, and Windows security.
All free. No paywall. No login wall. Just world-class training.
YouTube: youtube.com/@OpenSecurityTra…
Courses: p.ost2.fyi/
Learning Paths: opensecuritytraining.info/Le…
Authors include @XenoKovah @Intel80x86 and many more.
#ReverseEngineering #MalwareAnalysis #InfoSec
6
34
162
5,306
Well over 36k students learning at OST2 now! 🥳
Thanks for your help spreading the word!
1
4
48
2,537
Ever wanted to eavesdrop on the conversation between your CPU and its firmware chip? Grab a logic analyzer and sniff SPI bus traffic! "Hardware 1101: Intel SPI Analysis" ost2.fyi/HW1101 by @XenoKovah
9
33
1,870
Open-source firmware is the future. Learn coreboot from scratch: design principles, boot process & building for QEMU. Chromebooks run it, you should know it! Architecture 4031: Introductory coreboot ost2.fyi/Arch4031 by @pietrushnic
11
49
2,712
OpenSecurityTraining2 retweeted
May 25
🧵Long overdue things I got done on the OpenSecurityTraining2 beta server this past weekend (with Claude's help): Adding OAuth login via Google & Github,…
1
2
14
1,479
Uninitialized data use, race conditions (TOCTOU), Use-After-Free (UAF), type confusion & info leaks: Vulnerabilities 1002 ost2.fyi/Vulns1002 by @XenoKovah teaches real CVEs, not fake toy examples. Real exploit walkthroughs included. Level up your 'sploity sense!
2
13
76
4,022
OpenSecurityTraining2 retweeted
May 22
tons of great content on ost2 in general. especially if you’re self starting — it’s slept on frfr
3
5
48
4,795
OpenSecurityTraining2 retweeted
May 22
So glad I could help! btw some other excellent resources for doing real world binexp I’d recommend - Vulnerabilities 1001 & 1002 by @XenoKovah p.ost2.fyi/courses/course-v1…
4
24
182
14,149
C binaries are notoriously hard to reverse. This class by Gal Zaban @0xgalz teaches you to map them clearly in IDA. Reverse Engineering 3011: Reversing C Binaries ost2.fyi/RE3011
18
121
7,788
OpenSecurityTraining2 retweeted
May 14
In the spirit of helping others learn and enjoy this fascinating technology, I have been working on free materials. Hopefully, I can start the beta this year, and you will find it helpful.
x.com/OpenSecTraining/status…
18 Apr 2025
We wanted to point out specifically the update to the System Security Learning Path that the excellent low level engineer & researcher Satoshi Tanda @standa_t has agreed to create our long-desired 'Architecture 3001: Intel Virtual Machine Extensions (VMX)' class!
1
6
29
3,237
There's still time to sign up before the next beta of Arch1901 kicks off May 20th!
📢Call for beta testers! (Round 2)📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps / @fuzzsociety_org will begin May 20th. Sign up here: forms.gle/rB4mtU4BQtPo7utK8
This class has received a bunch of revisions based on student feedback! This course explores the fascinating world of emulation, guiding learners from the fundamentals of CPU design to the internals of QEMU and advanced instrumentation techniques.
You will start by understanding what emulation truly means—how software can imitate hardware—and progressively build your own 8-bit CPU emulator in Python (SimpleProc-8), extend it with interrupts, I/O, and MMIO, and finally instrument real-world emulators like QEMU.
The course combines hands-on labs, in-browser exercises, and conceptual lectures to bridge theory and practice, preparing students to tackle topics such as system emulation, hardware-assisted execution, and fuzzing of embedded targets.
By the end, you’ll not only understand how emulators work—you’ll be able to build, modify, and analyze them for research, debugging, and vulnerability discovery.
2
9
1,673
Learn to use a debugger that runs *beneath* the OS using Intel VT-x. Hidden hooks, TLB splitting, EPT-based monitoring: reverse engineering's secret weapon. Debuggers 3301: HyperDbg ost2.fyi/Dbg3301 by @Intel80x86
1
16
84
4,974
📢Call for beta testers! (Round 2)📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps / @fuzzsociety_org will begin May 20th. Sign up here: forms.gle/rB4mtU4BQtPo7utK8
This class has received a bunch of revisions based on student feedback! This course explores the fascinating world of emulation, guiding learners from the fundamentals of CPU design to the internals of QEMU and advanced instrumentation techniques.
You will start by understanding what emulation truly means—how software can imitate hardware—and progressively build your own 8-bit CPU emulator in Python (SimpleProc-8), extend it with interrupts, I/O, and MMIO, and finally instrument real-world emulators like QEMU.
The course combines hands-on labs, in-browser exercises, and conceptual lectures to bridge theory and practice, preparing students to tackle topics such as system emulation, hardware-assisted execution, and fuzzing of embedded targets.
By the end, you’ll not only understand how emulators work—you’ll be able to build, modify, and analyze them for research, debugging, and vulnerability discovery.
11
44
4,164
Your BIOS is out of sight, out of mind: and that's exactly where attackers hide. Learn firmware security, SPI flash, SMM & how to RTFM like a pro. Architecture 4001: x86-64 Intel Firmware Attack & Defense by @XenoKovah is at ost2.fyi/Arch4001
5
29
1,694
Your CPU speaks assembly. Shouldn't you? Master x86-64 with the most common instructions and unlock reverse engineering, exploit dev & OS internals. But this is no skim class; it takes ~28h on average (not counting the final lab). Get started on Architecture 1001: x86-64 Assembly ost2.fyi/Arch1001 by @XenoKovah today for mad skillz tomorrow!
2
11
145
6,427
OpenSecurityTraining2 retweeted
Soon again the second beta of @OpenSecTraining of From Zero to QEMU course, with free lab downloadable via dockerhub or directly in browse via fuzzsociety.org
Given the huge traction we are fixing details and shipping a new release candidate.
8
37
2,586
If you're serious about reverse engineering, you need to master a powerful debugger. Dbg1103 walks you through Binary Ninja's debugger hands-on, so you can hit the ground running on real targets. ost2.fyi/Dbg1103 by Xusheng Li
1
7
58
2,917