Alexander Sotirov

IRL Name: 
Alexander Sotirov

Alexander Sotirov has more than ten years of experience with vulnerability research, reverse engineering and advanced exploitation techniques. His works include exploiting MD5 collisions to create a rogue Certificate Authority, bypassing the exploitation mitigations on Windows Vista and developing the Heap Feng Shui browser exploitation technique. His professional experience includes positions as a security researcher at Determina and VMware. He is a regular speaker at security conferences around the world, including CanSecWest, BlackHat and Recon. Alexander served as a program chair of the USENIX Workshop on Offensive Technologies and is one of the founders of the Pwnie Awards.


Well known for his discovered ANI vulnerabilty (MS07-017 - Critical)