Definition

What is Exploit?

A piece of software, command sequence, or technique that leverages a known vulnerability to cause unintended or unauthorized behavior in a target system. Exploits range from proof-of-concept code that demonstrates a vulnerability is genuine and exploitable, to fully weaponized tools enabling persistent access, lateral movement, or data exfiltration. In penetration testing, demonstrating a working exploit proves real business risk rather than theoretical exposure.

Related terms

Payload →

The component of an attack that performs the attacker's intended malicious action after a vulnerability has been triggered.

Zero-Day Vulnerability →

A software vulnerability that has been discovered but not yet publicly disclosed or patched by the vendor, leaving affected systems with no available fix at the time it is known or exploited.

Remote Code Execution (RCE) →

A critical vulnerability class that allows an attacker to execute arbitrary commands or code on a target system from a remote location, typically without requiring physical access or prior authentication.

Common Vulnerabilities and Exposures (CVE) →

A public catalog of disclosed security vulnerabilities, each assigned a unique identifier in the format CVE-YEAR-NUMBER (e.g., CVE-2021-44228 for Log4Shell).

Put this into practice

Multi-step attack chain simulation →

See how Penetrify's autonomous AI agents find and validate this class of security issue in your application.