Razer rzpnk.sys IOCTL 0x22a050 ZwOpenProcess (CVE-2017-9769)

Today SecureState is releasing the second and more serious of two unpatched vulnerabilities identified within drivers used in the gaming […]

Razer rzpnk.sys IOCTL 0x226048 OOB Read (CVE-2017-9770)

Today SecureState is releasing the first of two unpatched vulnerabilities identified within drivers used in the gaming peripheral company Razer’s […]

Making Raw Syscalls on Windows From Python

Often times while writing a proof of concept for an exploit or doing vulnerability research its necessary to make a […]

An Analysis of MS16-098 / ZDI-16-453

This past patch Tuesday, Microsoft released MS16-098, a patch for multiple vulnerabilities in “Kernel-Mode Drivers”. Within this patch, the vulnerability identified […]

Leveraging MS16-032 with PowerShell Empire

It’s not very often in the life of a pentester that you find a point-and-click exploit that works right out […]

Crontab One Time Payload Execution

Recently, I was writing an exploit for a vulnerability that I had discovered in a Linux based server application. The […]