Nikita Tarakanov
Cyber Security

Current position
Independent Security Researcher
Operating Systems


Nikita Tarakanov is an independent information security researcher. He has worked as an information security researcher at Positive Technologies, Vupen Security, CISS, and Intel Corporation.

He likes writing exploits, especially for the Windows NT kernel. He won the PHDays Hack2Own contest in 2011 and 2012. He has published several papers about kernel-mode drivers and their exploitation. He is currently engaged in reverse engineering research and vulnerability search automation.

Research Interests:

  • Vulnerability discovery
  • Automation of vulnerability discovery
  • Vulnerability exploitation


Independent Security Researcher
Jul 2015 – Present

Security Researcher
Mar 2014 – Jul 2015

Independent Security Researcher
Jan 2012 – Nov 2013

Researcher/Reverse Engineering
CISS (Center of Innovative Security Solutions)
May 2010 – Dec 2011

Security Researcher
Jul 2009 – Nov 2009

Security Engineer
Positive Technologies
Jun 2008 – Jun 2009

Senior Developer
Aug 2006 – May 2008

Senior Developer
Jul 2005 – Jul 2006


Moscow Mathematic College
BS in Computer Science and Systems
2003 – 2007


  • SASV
    The System of Automatic Searching for Vulnerabilities (SASV) is a framework that finds vulnerabilities automatically. It was developed by integrating IDA Pro and BitBlaze, and its key mechanism is the implementation of taint propagation algorithms.

  • Direct Kernel Object Header Manipulation
    A technique for exploiting kernel pool overflow vulnerabilities in the Windows kernel that were previously considered unexploitable.

  • Data-only Pwning Microsoft Windows Kernel: Exploitation of Kernel Pool Overflows on Microsoft Windows 8.1
    A technique for exploiting kernel pool overflows with a very interesting effect: elevating privileges without executing any kernel shellcode or using ROP.

Conference Talks

  • beVX 2018
    “Exploiting Kernel Pool Overflows on Windows 10 RS4”
    Sep 2018

  • OPCDE 2017
    “Stranger Danger: Research of One Dating Social Network/Application”
    Apr 2017

  • Zer0con 2017
    “Exploiting Pool Overflows on Windows 10”
    Apr 2017

  • ZeroNights 2015
    “Direct X – Direct Way to Microsoft Windows Kernel”
    Nov 2015

  • Positive Hack Days 2015
    “Exploiting Memory Corruptions: From Sandbox to SMM”
    May 2015

  • BlackHat USA 2014
    “Data-only Pwning Microsoft Windows Kernel: Exploitation of Kernel Pool Overflows on Microsoft Windows 8.1”
    Aug 2014

  • POC 2013
    “Exploiting Windows Kernel Vulnerabilities in Hard Conditions”
    Nov 2013

  • Hack In The Box 2013
    “Exploiting Hardcore Pool Corruptions in Microsoft Windows Kernel”
    Apr 2013

Honors & Awards

  • Positive Hack Days 2011
    Won the Hack2Own competition; a coworker and I demonstrated a 0day vulnerability (CVE-2011-0222) in the latest version of Safari for Windows and took the first prize.

  • Positive Hack Days 2012
    Won the Hack2Own competition; I demonstrated a 0day kernel vulnerability (CVE-2013-1334) in the fully patched Windows XP SP3.


  • Magazine "Xakep" (151 or 8/2011). Pages: 60-64
    "Look for vulnerabilities in modern browsers, or how to find 0-day the easy way"
    2011 | Moscow, Russia

  • Magazine "Xakep" (144 or 1/2011). Pages: 64-70
    "Advanced fuzzing"
    2010 | Moscow, Russia

  • Magazine "Xakep" (143 or 12/2010). Pages: 48-54
    "Kernel Pool Overflow"
    2010 | Moscow, Russia

  • Magazine "Xakep" (142 or 11/2010). Pages: 68-73
    "Vulnerability in AV drivers"
    2010 | Moscow, Russia
