https://github.com/pungrumpy/zero-day-exploit-hands-on

🪲 A vulnerability that is unknown to the developers and the public. It is exploited by hackers before the developers become aware of it and fix it.
https://github.com/pungrumpy/zero-day-exploit-hands-on

Last synced: about 1 month ago
JSON representation

🪲 A vulnerability that is unknown to the developers and the public. It is exploited by hackers before the developers become aware of it and fix it.

• Host: GitHub
• URL: https://github.com/pungrumpy/zero-day-exploit-hands-on
• Owner: PunGrumpy
• Created: 2023-07-18T17:31:23.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2023-07-18T17:37:24.000Z (over 2 years ago)
• Last Synced: 2025-01-27T06:32:16.309Z (about 1 year ago)
• Homepage:
• Size: 1000 Bytes
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          


    
Hands-on Zero Day Exploit

    

    


    


        Zero Day Exploit is a vulnerability that is unknown to the developers and the public. It is exploited by hackers before the developers become aware of it and fix it.

    



## The Zero-day Predicament

The term "zero-day" originally referred to the number of days since a new piece of software was released to the public. Zero-day software could be obtained by developers who would pay a premium price to get the software first. The term was later applied to the vulnerability itself, and to the kind of exploit that was used to attack it.

### What Are Zero-day Attacks and How Do Zero-day Attacks Work?

A zero-day attack is a cyberattack that occurs on the same day a weakness is discovered in software. At that point, it's exploited before a fix becomes available from its creator. This type of attack exploits the lack of time (the "zero-day" part) available to prevent the attack or mitigate its effects.

### Who Carries Out Zero-day Attacks?

- **Cybercriminals** - Hackers whose motivation is usually financial gain.

- **Hacktivists** - Hackers motivated by political or social causes who want the attacks to be visible to draw attension to their cause.

- **Corporate Espionage** - Hackers who spy on companies to gain information about them

- **Cyberwarfare** - Countries or political actors spying on or attacking another country's cyberinfrastructure.

### Who Are the Targets of Zero-day Exploits?

- Operating systems

- Web browsers

- Office applications

- Open-source components

- Hardware and Firmware

- Internet of Things (IoT)

## How to Identify Zero-day Attacks

### How to Protect Yourself Against Zero-day Attacks

- Keep all and operating systems up to date

- Use only essential applications

- Use a firewall

- Within organizations, educate users

- Use a comprehensive antivirus software solution

- A solution based on behavior analysis could be another way of protection

- Monitoring unusual program behavior keeps information systems and software secure