Highlight category

In this category published paid 0day exploits / vulnerabilities worthy of your attention. You can buy, sell and highlighted the material in red for sale. A zero-day (or 0day) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application, one that developers have not had time to address and patch. It is called a “zero-day” because the programmer has had zero days to fix the flaw (in other words, a patch is not available). Once a patch is available, it is no longer a “zero-day exploit”. It is common for individuals or companies who discover zero-day attacks to sell them to government agencies for use in cyberwarfare.

Malware writers are able to exploit zero-day vulnerabilities through several different attack vectors. Web browsers are a particular target because of their widespread distribution and usage. Attackers can also send e-mail attachments, which exploit vulnerabilities in the application opening the attachment. Exploits that take advantage of common file types are listed in databases like US-CERT. Malware can be engineered to take advantage of these file type exploits to compromise attacked systems or steal confidential data such as banking passwords and personal identity information

An attack that takes place immediately after a security vulnerability is announced. If a user discovers a vulnerability, it might wind up on one or two blogs, and the news travels fast. If a software vendor finds it, the tendency is to keep it under wraps until it has a patch to fix it. However, in many cases, vendors have to announce the flaw because users may be able to avoid the problem by steering clear of a Web site or being sure to not open a certain e-mail attachment

Remote exploits and vulnerabilities category

A “remote exploit” works over a network and exploits the security vulnerability without any prior access to the vulnerable system.

Local exploits and vulnerabilities category

A “local exploit” requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator. Exploits against client applications also exist, usually consisting of modified servers that send an exploit if accessed with client application.

Webapplication (webapps) exploits and vulnerabilities category

This category is full with vulnerabilities, which was found in web projects and web applications.

DOS exploits and vulnerabilities category

PoC DoS (denial of service exploit) it exploits remote steps to check the resistance on the affected server or software denial of service vulnerability. The purpose of these attacks is to check the server or the software for resistance.

PoC (Proof Of Concept exploit) An attack against a computer or network that is performed only to prove that it can be done. It generally does not cause any harm, but shows how a hacker can take advantage of a vulnerability in the software or possibly the hardware.