Skip to content
View VoidSec's full-sized avatar
🐲
Developing an exploit
🐲
Developing an exploit

Organizations

@tohackit

Block or report VoidSec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
VoidSec/README.md

About Voidsec 👋

Paolo Stagno (aka VoidSec) has worked as a Penetration Tester for a wide range of clients across top tier international banks, major tech companies and various Fortune 1000 industries.

He worked as a Vulnerability Researcher and Exploit Developer for Exodus Intelligence, where he was responsible for discovering and exploiting unknown vulnerabilities (zero days) in Windows OS, enterprise applications, network infrastructure components, IoT devices, new protocols, and technologies.

He is now the Director of Research at Crowdfense, focused on Windows OS offensive application security (kernel and user-land). He enjoys understanding our digital world, disassembling, reverse engineering and exploiting complex products and code.

In his own research, he discovered various vulnerabilities in software of multiple vendors and tech giants like eBay, Facebook, Fastweb, Google, HP, McAfee, Microsoft, Oracle, Paypal, TIM and many others.

Since the beginning of his career, he has enjoyed sharing his expertise with the security community with his website and blog (voidsec.com). He is also an active speaker in various security conferences around the globe like HITB, Typhooncon, Vulncon, Hacktivity, SEC-T, Droidcon, HackInBo, M0leCon, TOHack and Meethack.

A non-exhaustive list of public vulnerabilities and CVEs that he has discovered can be found at voidsec.com/advisories/

Contact me

Statistics



visitor badge

Pinned Loading

  1. Exploit-Development Public

    Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

    Python 220 52

  2. DriverBuddyReloaded Public

    Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks

    Python 343 50

  3. ioctlpus Public

    Forked from jthuraisamy/ioctlpus

    IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).

    C# 88 12

  4. CVE-2020-1472 Public

    Exploit Code for CVE-2020-1472 aka Zerologon

    Python 382 67

  5. CVE-2020-1337 Public

    CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

    14 2

  6. WebRTC-Leak Public

    Check if your VPN leaks your IP address via the WebRTC technology

    JavaScript 180 40

19 contributions in the last year

Contribution Graph
Day of Week February March April May June July August September October November December January February
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Less
No contributions.
Low contributions.
Medium-low contributions.
Medium-high contributions.
High contributions.
More

Activity overview

Loading A graph representing VoidSec's contributions from February 18, 2024 to February 18, 2025. The contributions are 100% commits, 0% issues, 0% pull requests, 0% code review.

Contribution activity

February 2025

12 contributions in private repositories Feb 14 – Feb 18
Loading

Seeing something unexpected? Take a look at the GitHub profile guide.