Tripti Joshi (Editor)

Alexander Sotirov

Updated on
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Other names  Alex Sotirov
Fields  Computer Science
Alma mater  University of Alabama
Role  Researcher
Name  Alexander Sotirov

Alexander Sotirov httpswwwsoldierxcomsystemfileshdb220pxAl

Citizenship  United States, Bulgaria
Known for  Pwnie award organizer, Black Hat Briefings Review Board Member

The Exploit Development Process

Alexander Sotirov is a computer security researcher. He has been employed by Determina and VMware. In 2012, Sotirov co-founded New York based Trail of Bits with Dino Dai Zovi and Dan Guido, where he currently serves as Chief Scientist.

Alexander Sotirov Alexander Sotirov Wikipedia

He is well known for his discovery of the ANI browser vulnerability as well as the so-called Heap Feng Shui technique for exploiting heap buffer overflows in browsers. In 2008, he presented research at Black Hat showing how to bypass memory protection safeguards in Windows Vista. Together with a team of industry security researchers and academic cryptographers, he published research on creating a rogue certificate authority by using collisions of the MD5 cryptographic hash function in December 2008.

Sotirov is a founder and organizer of the Pwnie awards, was on the program committee of the 2008 Workshop On Offensive Technologies (WOOT '08), and has served on the Black Hat Review Board since 2011.

He was ranked #6 on Violet Blue's list of The Top 10 Sexy Geeks of 2009.


Alexander Sotirov Wikipedia