| | | [FORUM] [NEWS] [VIDEO]
Account [Registration]   Role [Anonymous] Researcher: 232 Advisories: 322 Documents: 17 Videos: 65 Date: 18.05.2012 TZ: 22:42

[ Home ] [ Upcoming ] [ Web-Application ] [ Vendor ] [ Remote ] [ Local ] [ Mobile ] [ Websites ] [ Documents ] [ Videos ] [ ? ]

Subscribe to Customer Section/Area

The Vulnerability-Lab Security Team is providing 2 types of licenses on 3 categories(beginner, advanced, expert). Advanced & Expert customer accounts can view all provided details in the laboratory index and can access the special customer section where specific commercial zero-day advisories/vulnerabilities are listed.

Customers of the Vulnerability-Laboratory

- Trusted PenetrationTester/Researcher/Analysts
- Security Offices & Vendor Product Companies
- Monitoring- & Vulnerability-Services
- IPS (Internet Prevention System)
- Security/WarGaming Events & Security Magazines
- Bug Bounty Awards & official Contests/Competitions

Allowed: DE, RU, ES, CH, AT, IT, GR, IR, CN, EG, FI, FR, HK, SA, SE, JP, TK, USA & UK ...
Notice: No sanctioned countries & criminal organisations

 

License Types & Categories of Vulnerability-Laboratory

Overview
 Beginner Advanced Expert(Single) Expert(Multi)
View All Content (Index)
Laboratory Mail Support (Customer)
View All Content (Customer) - Monitoring, IPS&IDS
Proof of Concept
Resources (Pictures, Dumps, Logs, Reports & Co.)
Laboratory Phone Support (Customer)
Researcher Support (Customer)
Use/Reuse vulnerability information
(Only internally (To secure your products))
Use/Reuse vulnerability information
(Internally and for your customers)

 

 

We detect the following type of Vulnerabilities & Design flows

Notice: Vulnerabilities (CVE)
Cross Site Scripting (Persistent) Vulnerabilities
Cross Site Request Forgery
Click-Jacking & Cam-Jacking
Unrestricted & unauthorized Local/Remote File Include
Directory Traversal / Path Traversal
Auth, Filter or Exception Bypass
SQL Injection & Blind SQL Injection
Input Validation Vulnerabilities (Persistent/Non-Persistent)
Stack / Buffer / Heap / Integer / Unicode -Overflows
Local/Remote Privilege Escalation
Format Strings
Memory Corruption
Division/Devide by Zer0 Bugs
Pointer Vulnerabilities (... Null Pointer, Access Violation, Read, Write ;)
Local/Remote Command Execution
Local/Remote Code Execution
Denial of Service & stable Firmware Freeze + Blocks
Information Leaking & Information Disclosure

Notice: Weakness (CWE)
Weak Algorythm, weak Encryption & weak Chiffre
Misconfiguration of OS, Systems & Applications
Structure & Design Errors/Flows
Kernel Panic / Black & Blue Screens
Stable Application- & Software- Crashs

 

What details, resources, and data are provided on an advisory?
We provide the following details, resources & references on our zero-day advisory feeds ...

Title: (Title of Advisory/Vulnerability)
Date: (Release Date of Advisory)
References: (Reference Links - CWE/CVE ID)
VL-ID: (Internal Vulnerability-Laboratory ID)
Introduction: (Product/Service/Website description of vendor with source)
Abstract: (Short abstract information about the Vulnerability/Advisory)
Report-Timeline: (Impacts: B-Report;V-Notification;Vendor Response;Vendor Fix; Public & Customer Disclosure)
Status:(Impacts:Pending on Laboratory;Verified Laboratory;Accepted by Vendor;Published-C & Published-IX)
Exploitation-Technique: (Remote or Local)
Severity: (Impacts: Critical Flag(red), Elevated Flag(orange), Medium Flag(yellow), Low Flag(green)
Affected: (Version & Product Description)
Details: (Technical Details & Location of the Vulnerability/Bug)
Proof of Concept: (PoC, Exploit, Reference Links or Step by Step Description)
Solution: (Fix or Patch)
Risk: (Risk level description of author)
Credits: (Author of the security advisory)
Disclaimer: (Copyrights, Law & Information)
Attachment: (Debug Logs, Dumps, Error logs, Exception Logs, PoC, Test Session Logs, Pictures, Docs or Vids)

 

How does the Role System work for customers ?
We are providing a special role system for the vulnerability laboratory access & section restrictions ...

Laboratory Role > Anonymous
Anonymous users can just view restricted details of the vulnerabilities/advisories in the Laboratory.

Laboratory Role > Lab User
A lab user is a registered user in the Laboratory and can view all advisory details on the index.

Laboratory Role > Customer
Customers can view all provided details in the laboratory index and can access the customer area where specific commercial zero-day advisories are listed. Customers have all rights to use the advisories for their automatic notification, management, or IPS systems. We have two types of C-licenses: 1. view all content 2. Use and duplicate all content. On both of them we provide a single and a multi license.

Laboratory Role > Manager
Managers can view all index listed advisories and can view/access the customer area. Manager accounts for trusted and stable researchers/exploiters/analysts. Managers have their own panel to implement new advisories to the vulnerability laboratory timeline.

Laboratory Role > Administrator
The Administrators are controlling the service, implementing updates, and verifying advisories.

 

To subscribe the private payed zero-day vulnerability feed ... contact our < Support Team >
[ Search ] [ News ] [ Submit ] [ Reward ] [ Stats ] [ Team ] [ Partner ] [ Subscribe ] [ Customer ] [ Contact ] [ Impressum ] [ Dev ]


Advisories [May]: 24 Critical: 9 High: 7 Medium: 8 Low: 0 Best Researcher [the storm] Productivity: