Project Zero is Google's security research team dedicated to finding and fixing zero-day vulnerabilities in software and hardware, aiming to improve the security of the broader internet ecosystem. Security researchers can learn about vulnerability research, exploit development, and responsible disclosure practices to contribute to making the internet safer for everyone.

Project Zero

A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

On the Effectiveness of Mutational Grammar Fuzzing

A Deep Dive into the GetProcessHandleFromHwnd API

Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

Bypassing Windows Administrator Protection

A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby

Welcome to the new Project Zero Blog

Windows Exploitation Techniques: Winning Race Conditions with Path Lookups