Skip to content
cyberexploits

Welcome to the CyberExploits blog

What this blog covers — exploit research, vulnerability analysis, detection engineering, and notes on the data behind CyberExploits.

Published on 1 min read

CyberExploits indexes public exploits, proof-of-concepts and shellcodes, each pinned to its source commit and cross-linked to CVE, CWE, MITRE ATT&CK, EPSS and the CISA KEV catalog. This blog is where we write up the research and engineering around that dataset.

What you'll find here

We publish three kinds of posts: deep-dives into individual vulnerabilities and the exploits that target them, detection-engineering notes (Sigma, YARA, and behavioural rules), and changelog-style updates about the platform and its data sources.

Research, not weaponization

Every write-up is framed for defenders and researchers. We link to source rather than rehosting payloads, and we favour reproducibility — commit SHAs, affected versions, and references — over shock value.

Following along

Each locale has its own RSS feed, and the full catalogue is available to language models via /llms.txt. If you maintain detections or track a particular vendor, the tag pages are the fastest way to subscribe to a slice of the firehose.