space

Magnificence in the Abyss

This blog post is about getting started in astrophotography. I have spent an entire lifetime fascinated by space. I'd like to think that, if my early life had taken a different path, I would have ended up in a space-focused career. Still, I one day hope to take

computer vision

Appendix: Higher Framerate Perception

This post is an appendix to High Framerate Perception, you should read that first. Going forward, I have plans for various features and experiments related to performance. Some of these are just ideas, others are works in progress, and all will hopefully pan out enough to warrant future posts. For

computer vision

High Framerate Perception

In my previous post, I covered the design of the Atheon vision engine. In this post, I will talk about how Atheon and Mobius layer a portfolio of optimizations throughout various systems and sub-systems to achieve speeds between 100x and 500x faster than my legacy implementations. This post is a

computer vision

Let There be Sight

In this post, I'm going to explain the design behind the computer vision engine that Chronos uses. That engine–named Atheon–is tailored to perform computer vision tasks against computer generated interfaces. Working in such a narrow domain enables powerful optimizations and designs which wouldn't make

software architecture

Dissection of a Bot Platform

For almost a decade, I've been quietly developing a modular computer vision based automation platform. Recently I realized that the platform–Chronos–had slowly taken over as my largest personal project. The core idea behind Chronos was to create a generic bot, one that was not designed around

hacking

Demystifying Epic Games Store Spyware

Over the past few weeks, I've seen a lot of discussion about whether or not the Epic Games' store is spyware. Unfortunately, the "proof" and "research" that has been shared is far from either of those things, and can only be described as

ctf

CSAW Write-Up: shell->code

It's been a few weeks since me and the Mechasheep played CSAW, but that doesn't mean there's nothing left to write about. The first and easiest pwn challenge I encountered during the competition was called shell->code, a baby-class challenge. The simplicity of

ctf

CSAW Write-up: Turtles

This past weekend, me and my team played CSAW CTF after taking quite a long break. We managed to hold top-20 for a good portion of the competition, even going as high as 12th place. Even though we lost our breath by the final day and finished in 40th, I

ctf

PlaidCTF Write-up: Shop

To warm up for DEFCON quals, my team and I decided to give PlaidCTF a shot. We knew it was going to bring some hard, fun challenges, and it did not disappoint. I immediately jumped into my comfort zone by tackling a pwn challenge, and got my first flag of

electrical engineering

Hardware Hacking: Automating a USB3 Switch

When I'm working from home, I like to feel comfortable on my regular battlestation. My work has to be done on a company machine, however. To keep the familiarity of my setup while on my work laptop, I decided to use a KVM Switch. The KVM Switch has

game hacking

Throwbacks Part 1: The Effects of Bots on Online Games

> This is the introduction to a multi-part series where I will be refreshing and reposting content which I've written before the days of this blog. An introduction to the series and topic is here [https://nickcano.com/throwbacks-0]. Back when I was writing my book, I intended

nobanner

Throwbacks Part 0: Introduction

> This is the introduction to a multi-part series where I will be refreshing and reposting content which I've written before the days of this blog. You can check out the first installment here [https://nickcano.com/throwbacks-1-bots-tibia]. Over the years, I've written heaps of content

pc build

New Dual Loop Build

Over the holiday break, I took a night to rebuild my computer. My previous build was actually pretty fresh, with a Ryzen 7 1800x and 32GB of ram, but the older R9 290 cards weren't pulling their weight in a gaming build pushing two 4k screens. I decided

hacking

TUCTF Write-up: Temple of Malloc

It's been a few months since me and my team started practicing CTF again, and we finally played in a live CTF over the weekend. It was a a fun CTF, and we actually managed to place above PPP with a team of only three people. I mean,

ctf

Pwnables Write-up: FSB

I'm on vacation in Mexico this week, which essentially means blow off pool time and hack stuff. I decided a relatively simple challenge would be a good starting point for the week, since I've never CTFed on this laptop and I was expecting to be constantly

ctf

Pwnables Write-up: Note

And there goes another night spent honing my CTF skills. This time, I decided to tackle pwnables [http://pwnable.kr] Note challenge for 200 points. > Check out my SECURITY PATCH for mmap(). despite no-ASLR setting, it will randomize memory layout. so it will contribute for exploit mitigation. wanna try

ctf

Pwnables Write-up: Malware

Recently, me and Vadim [https://twitter.com/vadimkotov] decided to tag-team a 500 point challenge on pwnable [http://pwnable.kr] called malware: I have no respect for writing malware but I do have respect for writing cool malware lets find a way to beat ANUBIS (https://anubis.iseclab.org) download

ctf

Pwnables Write-ups (October 2017)

It's been nearly a year since I played my last competitive Capture The Flag (CTF); life has kept me busy and I haven't had time to practice much. Recently, me and a buddy decided to start practicing again so that we could get back to competing

game hacking

Hooking LuaJIT

If you've been around the gaming industry even a little, you've almost definitely heard of Lua [https://www.lua.org/]. This potent scripting language has found itself embedded in thousands of video games, acting as an API for engineers to easily add functionality to game clients

game hacking

Reversing the League of Legends Client

> DISCLAIMER: This is for information and learning purposes only, I do not endorse or recommend using this information to make any unofficial tools which can result in bans (or worse). Back when League of Legends' client was still written in Adobe AIR, I reverse engineered it, located the

game hacking

Bot Architecture Part 2: Versions & Updates

This is the second installment in a multi-part series about the architecture and design of XenoBot. An introduction to the series and topic is here and the first post is here. One peculiar aspect of bot development is the frequent out-of-cycle updates that will inevitably drive you insane. You see,

windows

Quitting Windows 7 Necromancy

My OS install for my main Desktop is going on 6 years now. Since it's advent, it has undergone a slew of changes. Off the top of my head, I know it started on an HDD, moved to an SSD with the system reserved partition on an HDD

game hacking

Bot Architecture Part 1: Threading

> This is the first installment in a multi-part series about the architecture and design of XenoBot. An introduction to the series and topic is here [https://nickcano.com/bot-architecture-0/] and the next post is here [https://nickcano.com/bot-architecture-2/]. The core code of XenoBot exists withing the memory space

game hacking

Bot Architecture Part 0: Introduction

> This is the introduction to a multi-part series about the architecture and design of XenoBot. You can check out the first installment here [https://nickcano.com/bot-architecture-1/]. Before I dive into the nitty-gritty of XenoBot's architecture, I think it's appropriate to introduce XenoBot at a