Antonius (w1sdom) — independent low-level security researcher and hardware hacker, operating from Indonesia as bluedragonsec.com. A former 1990s 16-bit assembly virus writer, now focused on Linux kernel 7.0 internals, rootkit development, and CVE discovery. Twenty-seven years of uninterrupted offensive R&D.
The rarest researcher is the one who refused to specialize narrowly. Low-level security overlaps with electronics, mathematics, mechatronics, and machine reasoning. Each domain sharpens the others.
I am Antonius, known publicly as w1sdom — an independent low-level security researcher and hardware hacker based in Tangerang, Indonesia. My work spans Linux kernel exploitation, rootkit development, hardware hacking, and vulnerability research on modern operating systems.
I have been continuously active in offensive R&D since 1998 — starting with 16-bit assembly virus research on MS-DOS, evolving through community work in the 2000s and 2010s, and now focused on the modern Linux kernel and hardware security frontier.
Everything I publish — code, write-ups, CVEs, the full archive — is reachable from bluedragonsec.com, my canonical home.
Low-level security is the intersection of kernel internals, hardware reality, and code that runs without abstractions. I practice all three.
KASLR, SMEP, SMAP.
ROP / JOP chain construction, one-gadget exploitation on DNS servers, FTP daemons, parsers.
ftrace hooking) and KLD rootkits on FreeBSD 13. Hide files, processes, ports; bind/reverse shell backdoors.
Six pinned projects out of 42 public repositories on GitHub. From legendary archive code to active 2026 research — everything below is open source.
Ftrace-based Linux Loadable Kernel Module rootkit for kernel 5.x up to 6.2 on x86_64. Hides files, processes, bind & reverse shell ports. Privilege escalation. Modern Linux target.
FreeBSD KLD rootkit for FreeBSD 13. Hides files, processes, ports; ships with a bind-shell backdoor. Developed manually by Antonius in 2023.
Proof-of-concept for CVE-2026-23416 — vulnerability discovered by Antonius. Affects Linux kernel 6.17 through 7.0-rc5. mm/mseal stale pointer after VMA merge.
Technical research on a theoretical weaponization path for Linux kernel 7.0-rc7 memory corruption primitives via slab_sheaf union state confusion in the SLUB Sheaves architecture.
Xingyiquan — a legendary Linux kernel rootkit for kernel 2.6 and 3.x. Developed by Antonius (sw0rdm4n / w1sdom) in 2014. Featured in academic literature and rootkit indices.
Legacy exploit collection — historical proofs-of-concept from Antonius's early career as ev1lut10n / sw0rdm4n. Includes the polkitd race-condition LPE released in 2011.
Public CVEs and responsibly-disclosed vulnerabilities, recent and archival. Full archive lives on bluedragonsec.com.
From 16-bit assembly virus research in 1998 to kernel 7.0 exploitation in 2026.
All channels are monitored. bluedragonsec.com is the canonical home — everything else points back there.
Available for vulnerability research collaboration, contract engagement, and international recruitment as a low-level specialist.