trickster0's Nest

Custom ReadMemory API

After the great job and inspiration by x86matthew and his blog post, I decided to play with it as well for x64. The NTAPI function in this method is RtlFirstEntrySList from ntdll.dll. Its definit...

Halo's Gate Evolves -> Tartarus' Gate

A while ago on my Twitter, I mentioned what a huge fan I am of Hell's Gate and Halo's Gate. Hell's Gate originally is a very creative way to fetch the syscall numbers by parsing the InMemoryOr...

Solving the BFS Ekoparty 2019 Exploitation Challenge

This is a quick write-up about how one of our team members, Thanasis, solved the challenge for EkoParty 2019. This was a fun challenge, and thanks to Lukas and Nico from Blue Frost Security for maki...

EarlyBird APC Queue Injection With a ProcessStateChange Twist

Relatively recently, Yarden Shafir made a blog post about a new way to evade EDRs for process injection. In the blog post, Yarden mentions that there are new features added in the recent Window...

HEVD: Kernel Stack Buffer Overflow in Rust!

Hello, this is a real quick explanation of the kernel buffer overflow, showcasing the Rust programming language. The Hacksys driver has a buffer overflow because it doesn't check the size of the copied i...

Linux Kernel Exploitation: Null Pointer Dereference

Hello everyone, this will be a solution for a root-me challenge. The challenge is a null pointer dereference in the Linux kernel through a module. I grabbed this opportunity to do this in Rust, so I c...

Finally OSEE Certified!

Well everyone, I finally did it and achieved this majestic certificate! What a journey this was... This exam was the most fun and challenging thing I have done in my life. So this challenge for the...

Hack The Box Mischief Story

Hello everyone, this is the creator of the Mischief machine. First of all, thank you for all your amazing comments about my machine. I really appreciate them. Here are a few comments that I have see...

AWE Course Review By Offensive-Security

Hello everyone, it has been a while since I have posted, but life and laziness got the better of me. I have been in the army, and right after that I joined Accenture in Prague. I have great news sin...

EternalBlue NSA Leak Exploit Test!

Hello everyone, sorry I have been away for a while, but I am currently serving in the army. Here is a teaser for the EternalBlue exploit, taken from the NSA and leaked by the Shadow Brokers, combined w...