Exploit
What is Exploit?
ExploitA piece of code, data, or technique that takes advantage of a vulnerability to cause unintended behaviour such as code execution, privilege escalation, or information disclosure.
An exploit is the practical realization of a vulnerability — the recipe that turns a theoretical bug into a working attack. It may be a short script, a malicious document, a crafted network packet, or a complex multi-stage chain. Exploits are classified by purpose (remote code execution, local privilege escalation, denial of service, info-leak), by target (kernel, browser, IoT, web app) and by maturity (PoC, functional, weaponized, in-the-wild). Defenders study public exploits to validate patches, simulate attacks via penetration testing, build detection signatures, and prioritize remediation. Exploit databases such as Exploit-DB and Metasploit modules accelerate both offensive and defensive work.
● Examples
- 01
A Metasploit module that exploits EternalBlue (CVE-2017-0144).
- 02
A malicious PDF that exploits a JavaScript engine bug to run shellcode.
● Frequently asked questions
What is Exploit?
A piece of code, data, or technique that takes advantage of a vulnerability to cause unintended behaviour such as code execution, privilege escalation, or information disclosure. It belongs to the Vulnerabilities category of cybersecurity.
What does Exploit mean?
A piece of code, data, or technique that takes advantage of a vulnerability to cause unintended behaviour such as code execution, privilege escalation, or information disclosure.
How do you defend against Exploit?
Defences for Exploit typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Exploit?
Common alternative names include: Exploit code.