Exploring Security, Fuzzing & Fun Breaks
DiffRays Engine
DiffRays is a research-oriented tool for binary patch diffing, designed to aid in vulnerability research, exploit development, and reverse engineering. It leverages IDA Pro and the IDA Domain API to extract pseudocode of functions and perform structured diffing between patched and unpatched binaries.
Recent Advisories
Buffer overflow vulnerability in the Net-SNMP library residing in the conditional check of the snmp_input function during parsing of incoming trap messages.
Race condition use-after-free vulnerability in Windows AFD driver (afd.sys) allowing local privilege escalation to SYSTEM.
Out-of-bounds memory read vulnerability in the Windows Common Log File System (CLFS) driver due to insufficient bounds checking in ClfsGetFirstRecord().
Open Source Engineering
Tools and libraries we build to accelerate vulnerability research.
Collection of proof-of-concept exploits for various CVEs and vulnerabilities.
Pwning notes: tutorials, examples & challenge solutions for binary exploitation.
Deep dives and tools focused on Windows heap internals and exploitation techniques.
Staying on top of the latest security-related commits.
A pwning toolkit to simplify exploit development workflows.
PowerShell script to identify LOLDrivers that bypass HVCI policy in BYOVD scenarios.
A Python script to fetch, analyze, and report on Microsoft Security Updates (Patch Tuesday releases) from the MSRC API.
Proof-of-Concept exploits for vulnerable Windows drivers. Contains PoCs for various driver vulnerabilities including elevation of privilege and remote code execution.