gengstah

gengstah

Exploring the spaces between specs — where weird machines live and exploits are born

Joined the OSEE club

2 minute read

Published:

Joined the OSEE club

For the past few months, I have been juggling work and studying for the OSEE exam. Today, I finally got an email from OffSec saying that I passed 🎉

I took the exam on 14 November to 16 November and I remember about 6 hours in the exam, I fully completed one of the two challenges. I then continued to work on the other challenge.

About 24 hours in the exam, I was able to solve half of the other challenge to get me to 75% and pass the exam. However, since I got plenty of time left on the clock, I worked on the remaining part of challenge vigorously and was able to successfully complete both challenges at 48 hours in the exam.

The latter part of that challenge is quite complex, at least to me, but when I figured out the solution, it was actually doable and just needs extra patience. It took me 24 hours to complete that last part alone.

While I was doing the exam, I was writing the report simulataneously, using the report document as my scratch pad of sort and actually writing what I did on every screenshots I pasted in. My report was not pretty by any means but I was able to complete it around noon of 16 November so I did not need the additional 24 hours of time allocated for reporting.

I am so happy and proud of what I accomplished. See my OffSec OSEE certificate.

I just want to share this accomplishment and do not want to dive in with the details of the training nor the exam. There are already a lot of great resources from people smarter than me, such as Connor McGarr’s Blog.

Special thanks goes to @b1nary1 for helping me through the lab.

What now?

I plan to look out for Microsoft Patch Tuesday every month and patch diff reported vulnerabilities for the coming months until I am confident and skillful enough to find my own zero days. From this experience, I can see that OSEE holders have the capability to do great things, however, we still need to bridge the gap between what we are capable of now and modern Windows protection and must certainly be up-to-date with the latest trends in the exploitation scene.

Aside from Microsoft Windows exploitation, I am also interested in Linux, MacOS, Android and iOS exploitation so if there’s an opportunity where I can learn more about these topics, I’m in.

I’m hoping I can write blogs more often and share the knowledge I will gain in the future. Until then, hack the planet!

You May Also Enjoy

December 2025 Patch Tuesday

3 minute read

Published:

CVE-2025-62221 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

A Windows Cloud Files Mini Filter Driver (cldflt.sys) bug (CVE-2025-62221) is being actively exploited this month and has been patched in this month’s Patch Tuesday. In October, there was a TOCTOU bug (CVE-2025-55680) patched in the same driver. This time around, the bug is a Use-after-Free (UaF). I looked at the patch made to the driver and shared my findings in this blog.

November 2025 Patch Tuesday - CLFS

4 minute read

Published:

Patch Diffing

Patch diffing is the process of generating a diff or the difference or changes made to a file or software as a whole, by comparing the bytes of an old and new version of the same file. This process is used by attackers and defenders alike to find out what changes are made in the software in question. In cybersecurity, more often than not, this process is used to find out what flaw/s the new version of the software patched.