Skip to content
Avatar
🐲
Developing an exploit
🐲
Developing an exploit
215 followers · 23 following · 26

Achievements

Arctic Code Vault Contributor

Achievements

Arctic Code Vault Contributor

Organizations

@tohackit
Block or Report

Block or report VoidSec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
VoidSec/README.md

About Voidsec 👋

Paolo Stagno (aka VoidSec) has worked as a Penetration Tester for a wide range of clients across top tier international banks, major tech companies and various Fortune 1000 industries.

At ZeroDayLab, he was responsible for discovering and exploiting new unknown vulnerabilities in applications, network infrastructure components, IoT devices, protocols and technologies.

He is now a freelance Security Researcher & Exploit Developer focused on Windows offensive application security (kernel and user-land). He enjoys understanding the digital world we live in, disassembling, reverse engineering and exploiting complex products and code.

In his own research, he discovered various vulnerabilities in software of multiple vendors and tech giants like eBay, Facebook, Fastweb, Google, HP, McAfee, Microsoft, Oracle, Paypal, TIM and many others.

Since the beginning of his career, he has enjoyed sharing his expertise with the security community with his website and blog (voidsec.com).

He is also an active speaker in various security conferences around the globe like: Typhooncon, Hacktivity, SEC-T, Droidcon, HackInBo, TOHack and M0leCon.

A list of public vulnerabilities and CVEs that I have discovered can be found here.

Contact me

Statistics



visitor badge

Pinned

  1. Exploit-Development

    Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

    Python 31 11

  2. ioctlpus

    Forked from jthuraisamy/ioctlpus

    IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).

    C# 8

  3. CVE-2020-1472

    Exploit Code for CVE-2020-1472 aka Zerologon

    Python 206 40

  4. CVE-2020-1337

    CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

    9 1

  5. CVE-2019-5624

    A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)

    13 6

  6. WebRTC-Leak

    Check if your VPN leaks your IP address via the WebRTC technology

    JavaScript 136 34

406 contributions in the last year

May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Mon Wed Fri
Learn how we count contributions
Less More
Activity overview
Contributed to VoidSec/Exploit-Development, VoidSec/CVE-2020-1472, VoidSec/voidsec and 5 other repositories

Contribution activity

May 2021

Created 10 commits in 1 repository
Created 1 repository
24 contributions in private repositories May 1 – May 12

Seeing something unexpected? Take a look at the GitHub profile guide.