Razer rzpnk.sys IOCTL 0x22a050 ZwOpenProcess (CVE-2017-9769)

Today SecureState is releasing the second and more serious of two unpatched vulnerabilities identified within drivers used in the gaming […]

Razer rzpnk.sys IOCTL 0x226048 OOB Read (CVE-2017-9770)

Today SecureState is releasing the first of two unpatched vulnerabilities identified within drivers used in the gaming peripheral company Razer’s […]

A Beginner’s Guide to the CVE process

Before I got into the security field full time, I made it my goal to someday discover a previously unpublished […]

Compromise a DCOS Server through a Docker Container

Ever wonder how you can use a docker container to compromise the host? There is a simple process to do so, if […]

Crontab One Time Payload Execution

Recently, I was writing an exploit for a vulnerability that I had discovered in a Linux based server application. The […]

Building a Vulnerable Box – HFS Revisted

A few months ago, in the Building a Vulnerable Box series, I wrote a walkthrough for putting together and compromising […]