DDoSPedia is a glossary that focuses on network and
application security terms with many distributed
definitions. It provides a central place for hard to find web-scattered
definitions on this topic.
An exploit is an implementation of a vulnerability meant to allow one to actually compromise a target. Exploits can be difficult to develop, as most modern vulnerabilities are much more complex than older ones due to the existence of advanced security measures and complicated constructs in modern hardware and software.
Exploits based on previously unknown vulnerabilities, known as “Zero-Day” exploits are highly sought after by hackers and developers and manufacturers alike. By using a zero-day exploit, a hacker can guarantee that his or her attempt to break into a particular computer or device that possesses such vulnerability that the exploit is based on will succeed. Zero-day exploits are traded on both the black market and through legitimate middlemen between legitimate parties from anywhere between $5,000 to $250,000 depending on the effects of the exploit and which system they target. Where a PDF exploit might only fetch a few thousand dollars, a severe exploit targeting the latest version of Apple’s mobile operating system, iOS, might fetch $100,000 or more.