Welcome to the CyberExploits blog
What this blog covers — exploit research, vulnerability analysis, detection engineering, and notes on the data behind CyberExploits.
CyberExploits indexes public exploits, proof-of-concepts and shellcodes, each pinned to its source commit and cross-linked to CVE, CWE, MITRE ATT&CK, EPSS and the CISA KEV catalog. This blog is where we write up the research and engineering around that dataset.
What you'll find here
We publish three kinds of posts: deep-dives into individual vulnerabilities and the exploits that target them, detection-engineering notes (Sigma, YARA, and behavioural rules), and changelog-style updates about the platform and its data sources.
Research, not weaponization
Every write-up is framed for defenders and researchers. We link to source rather than rehosting payloads, and we favour reproducibility — commit SHAs, affected versions, and references — over shock value.
Following along
Each locale has its own RSS feed, and the full catalogue is available to language models via /llms.txt. If you maintain detections or track a particular vendor, the tag pages are the fastest way to subscribe to a slice of the firehose.