Skip to content
Developing an exploit
Developing an exploit


Block or Report

Block or report VoidSec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

About Voidsec 👋

Paolo Stagno (aka VoidSec) has worked as a Penetration Tester for a wide range of clients across top tier international banks, major tech companies and various Fortune 1000 industries. He was responsible for discovering and exploiting new unknown vulnerabilities in applications, network infrastructure components, IoT devices, protocols and technologies.

He is now a freelance Vulnerability Researcher & Exploit Developer focused on Windows offensive application security (kernel and user-land). He enjoys understanding the digital world we live in, disassembling, reverse engineering and exploiting complex products and code.

In his own research, he discovered various vulnerabilities in software of multiple vendors and tech giants like eBay, Facebook, Fastweb, Google, HP, McAfee, Microsoft, Oracle, Paypal, TIM and many others.

Since the beginning of his career, he has enjoyed sharing his expertise with the security community with his website and blog ( He is also an active speaker in various security conferences around the globe like: HITB, Typhooncon, Hacktivity, SEC-T, Droidcon, HackInBo, TOHack and M0leCon.

A list of public vulnerabilities and CVEs that I have discovered can be found here.

Contact me


visitor badge


  1. Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

    Python 113 29

  2. Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks

    Python 150 30

  3. ioctlpus Public

    Forked from jthuraisamy/ioctlpus

    IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).

    C# 36 3

  4. Exploit Code for CVE-2020-1472 aka Zerologon

    Python 316 55

  5. CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

    14 2

  6. WebRTC-Leak Public

    Check if your VPN leaks your IP address via the WebRTC technology

    JavaScript 163 41

214 contributions in the last year

Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Mon Wed Fri
Activity overview

Contribution activity

August 2022

Created 1 commit in 1 repository

Seeing something unexpected? Take a look at the GitHub profile guide.