Skip to content
View VoidSec's full-sized avatar
Developing an exploit
Developing an exploit


Block or Report

Block or report VoidSec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

About Voidsec 👋

Paolo Stagno (aka VoidSec) has worked as a Penetration Tester for a wide range of clients across top tier international banks, major tech companies and various Fortune 1000 industries.

He worked as a Vulnerability Researcher and Exploit Developer for Exodus Intelligence, where he was responsible for discovering and exploiting unknown vulnerabilities (zero days) in Windows OS, enterprise applications, network infrastructure components, IoT devices, new protocols, and technologies.

He is now the Director of Research at Crowdfense, focused on Windows OS offensive application security (kernel and user-land). He enjoys understanding our digital world, disassembling, reverse engineering and exploiting complex products and code.

In his own research, he discovered various vulnerabilities in software of multiple vendors and tech giants like eBay, Facebook, Fastweb, Google, HP, McAfee, Microsoft, Oracle, Paypal, TIM and many others.

Since the beginning of his career, he has enjoyed sharing his expertise with the security community with his website and blog ( He is also an active speaker in various security conferences around the globe like HITB, Typhooncon, Vulncon, Hacktivity, SEC-T, Droidcon, HackInBo, M0leCon, TOHack and Meethack.

A non-exhaustive list of public vulnerabilities and CVEs that he has discovered can be found at

Contact me


visitor badge

Pinned Loading

  1. Exploit-Development Exploit-Development Public

    Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

    Python 210 50

  2. DriverBuddyReloaded DriverBuddyReloaded Public

    Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks

    Python 301 47

  3. ioctlpus ioctlpus Public

    Forked from jthuraisamy/ioctlpus

    IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).

    C# 81 12

  4. CVE-2020-1472 CVE-2020-1472 Public

    Exploit Code for CVE-2020-1472 aka Zerologon

    Python 369 66

  5. CVE-2020-1337 CVE-2020-1337 Public

    CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

    14 2

  6. WebRTC-Leak WebRTC-Leak Public

    Check if your VPN leaks your IP address via the WebRTC technology

    JavaScript 181 44