Omri Herscovici

"Humans have proven they have not evolved to deal with Pointers"


I am currently a Principal Engineer and Offensive Security Researcher at Intel Corporation, where my focus lies on bug hunting in x86 CPU microarchitecture.

Before my tenure at Intel, I led the vulnerability research team at Check Point Software Technologies. My work there was oriented towards establishing Check Point as a thought leader in cybersecurity, and increasing the research group visibility with external publications and conference talks in several domains, including reverse engineering, binary exploitation, malware analysis, networking, fuzzing, web applications, penetration testing, and good ol' stunt hacking.

In the past, I served 6 years as an officer and R&D team leader in the Israeli intelligence technological unit, which laid the foundation for my journey in cybersecurity.

With over 15 years of experience, I have contributed to various industry conferences as a speaker, and my expertise spans across software development, exploit and vulnerability research, and security architecture.

I hold a B.Sc. in Computer Science and Economics, alongside a B.A. in Liberal Arts and Philosophy from Tel-Aviv University.

Omri Herscovici


You can find me on Twitter, Linkedin, or contact me directly: omriher [at] gmail.

(Selected) Publications\Talks

E-Learning Platforms Getting Schooled – Multiple Vulnerabilities in WordPress’ Most Popular Learning Management System Plugins
[paper] [demo]
Omri Herscovici, Sagi Tzadik

Hacked in Translation – from Subtitles to Remote Code Execution
[paper] [talk] [demo]
Omri Herscovici, Omer Gull
Presented in Syscan360 Seattle, Shakacon, HITCON, Syscan360 Beijing, Ekoparty, BSides-TLV

Inside Nuclear’s Core: Analyzing the Nuclear Exploit Kit Infrastructure
[Part I] [Part II]
Check Point Research

Too Much Freedom is Dangerous: Understanding IE 11 CVE-2015-2419 Exploitation
[paper] [code]
Omri Herscovici, David Oren

Microsoft Word Intruder RTF Sample Analysis
Omri Herscovici

Diving into a Silverlight Exploit and Shellcode – Analysis and Techniques
Omri Herscovici, Liran Englender

Presented in CARO 2016 Conference: Next Gen Exploit Kit – Traffic Distribution Mechanism
Presented in CARO 2014 Conference: Exploiting the Kit: Neutrino Exploits Scraping
CARO talks are restricted so papers are not publicly available.


CapTipper is a Python tool designed to analyze, explore and revive HTTP malicious traffic.
CapTipper sets up a web server that acts exactly as the server in the PCAP file,
and includes internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found.
CapTipper was presented in Black Hat USA\Asia 2015 Arsenal
The tool is included in the REMnux linux distro.

See more projects in my GitHub.


Below is a selection of press coverage where I discuss research findings conducted by my former team at Check Point Research:

Other Stuff

My academic and professional journey has allowed me to explore and elucidate the intersections between philosophical and artistic ideas and the dynamic realm of contemporary technology from which I come from. Should you be intrigued, I warmly invite inquiries regarding these essays:

Warning: They are long, and in Hebrew ;)