
Exploit 🔴 Tool

An exploit, in cybersecurity, is a piece of code, a technique or a tool designed to take advantage of a vulnerability in a specific part of a computer system, software, network or device. Its purpose is to use a security flaw to carry out unauthorised actions, such as taking control of a system, stealing data, installing malware or disrupting services.

Key features

  • Targets a vulnerability: a design, configuration or coding error (e.g. buffer overflow, SQL injection, zero-day vulnerabilities).
  • Mechanism of action: turns a theoretical weakness into a concrete attack.
  • Dual use:
    • Malicious: used by attackers to infiltrate systems.
    • Ethical: used by security researchers to test and strengthen defences (pentesting).

👉 Types of exploits

| Category | Description | Examples |
|---|---|---|
| Remote Exploit | Exploits a vulnerability remotely, without physical access to the system. | Attacks via the Internet (e.g. EternalBlue for WannaCry). |
| Local Exploit | Requires prior access to the system (e.g. a limited user account). | Privilege escalation (PrivEsc) on Linux/Windows. |
| Zero-Day Exploit | Targets an unpatched, publicly unknown vulnerability. | Stuxnet (zero-day vulnerabilities in SCADA). |
| Client-Side Exploit | Targets user-side software (browsers, PDF readers, etc.). | Flaw in Adobe Flash or an obsolete plugin. |
| Metasploit | Open-source framework of ready-to-use exploits. | Modules such as MS17-010 (EternalBlue). |

Typical operation of an exploit:

  1. Vulnerability discovery: identification of a flaw (via reverse engineering, fuzzing, etc.).
  2. Payload development: creation of malicious code adapted to the vulnerability (e.g. shellcode that opens a backdoor).
  3. Execution: triggering the exploit to compromise the system.
  4. Post-exploitation: maintaining access (persistence), lateral movement, data exfiltration.

Famous examples

  • EternalBlue: exploits a flaw in the Windows SMB protocol (MS17-010); used by WannaCry and NotPetya.
  • Heartbleed: exploitation of a vulnerability in OpenSSL to read data from memory.
  • Log4Shell (CVE-2021-44228): exploitation of a flaw in the Log4j library to execute code remotely.
  • Pegasus: zero-day exploits on iOS/Android used to install spyware.

Protection against exploits

  • Regular updates: apply patches promptly (patch management).
  • Proactive detection: EDR, IDS/IPS and sandboxing solutions.
  • Hardening: reducing the attack surface (disabling unnecessary services).
  • Training: raising awareness of phishing attacks (a common vector for triggering exploits).
  • Monitoring: watching vulnerability databases (CVE, NVD) and exploit databases (Exploit-DB).
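The "regular updates" and "monitoring" items above amount to one recurring task: compare what is installed against what is known to be vulnerable, and patch what an attacker could exploit today first. The following Python script is an added example, not part of the ORSYS glossary entry or any product. Every advisory, CVE identifier, product name, version and host name in it is a constructed placeholder (the `CVE-0000-xxxx` ids are not real vulnerabilities); the `public_exploit` flag stands in for a hit in an exploit database such as Exploit-DB.

```python
"""Added example for the 'Protection against exploits' list; not part of the
ORSYS glossary entry. It matches an installed-software inventory against a
list of advisories and ranks the results so that patching starts with flaws
that already have a public exploit. All advisories, CVE ids, products, versions
and hosts below are constructed placeholders, not real records."""

# Constructed advisory list, loosely shaped like an NVD entry enriched with an
# Exploit-DB flag. The CVE ids are placeholders (CVE-0000-xxxx).
ADVISORIES = [
    {"cve": "CVE-0000-0001", "product": "examplelib", "fixed_in": "2.15.0",
     "cvss": 9.8, "public_exploit": True},
    {"cve": "CVE-0000-0002", "product": "examplelib", "fixed_in": "2.17.1",
     "cvss": 6.6, "public_exploit": False},
    {"cve": "CVE-0000-0003", "product": "webproxy", "fixed_in": "1.4.2",
     "cvss": 7.5, "public_exploit": True},
]

# Constructed inventory: host -> {product: installed version}.
INVENTORY = {
    "app-01": {"examplelib": "2.14.1", "webproxy": "1.4.2"},
    "app-02": {"examplelib": "2.16.0"},
    "edge-01": {"webproxy": "1.3.9"},
}


def parse_version(version):
    """Turn '2.15.0' into (2, 15, 0). A suffix such as '2-rc1' keeps only its
    leading digits, so comparison never raises on odd version strings."""
    parts = []
    for piece in version.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_vulnerable(installed, fixed_in):
    """True when the installed version is strictly older than the fix.
    Both tuples are zero-padded to the same length so '1.4' equals '1.4.0'."""
    a, b = parse_version(installed), parse_version(fixed_in)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def find_exposures(inventory, advisories):
    """Return one finding per (host, advisory) pair that is still unpatched,
    ordered for patching: public-exploit flaws first, then highest CVSS,
    then host name for a stable order."""
    findings = []
    for host, packages in inventory.items():
        for adv in advisories:
            installed = packages.get(adv["product"])
            if installed is None or not is_vulnerable(installed, adv["fixed_in"]):
                continue
            findings.append({
                "host": host,
                "cve": adv["cve"],
                "product": adv["product"],
                "installed": installed,
                "fixed_in": adv["fixed_in"],
                "cvss": adv["cvss"],
                "public_exploit": adv["public_exploit"],
            })
    findings.sort(key=lambda f: (not f["public_exploit"], -f["cvss"], f["host"]))
    return findings


if __name__ == "__main__":
    for f in find_exposures(INVENTORY, ADVISORIES):
        flag = "public exploit" if f["public_exploit"] else "no public exploit"
        print(f'{f["host"]}: {f["product"]} {f["installed"]} -> {f["fixed_in"]} '
              f'({f["cve"]}, CVSS {f["cvss"]}, {flag})')
```

Run with `python3 patch_watch.py` (file name is an assumption). The ordering choice is the point: a medium-severity flaw with a working public exploit is a more immediate risk than a critical one nobody has weaponised yet, which is why the sort key puts the exploit flag before the CVSS score. In a real deployment the two constructed lists would be replaced by the host's package manager output and a feed from NVD or Exploit-DB.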

Current issues

  • Exploits as a Service (EaaS): sale of exploits on the dark web (e.g. cybercriminal groups such as Conti).
  • Cyber weapons: use of exploits by governments (cyberwarfare, espionage).
  • Race against the clock: vendors must fix vulnerabilities before they are exploited.