Exploits are a way of gaining access to a system through a security flaw and taking advantage of the vulnerability. Exploits normally came by the way of a programmed software, piece of code, or a script. They are delivered as a part of a kit which is a collection of exploits.

These exploits can vary in their methodology for instance some exploits allow you to get access to the network and get admin privileges. Other exploits allows you to trap websites with malware and malicious ads to get sensitive information from the website’s traffic. As you can imagine there are hundreds of exploits for many targets of attack. Luckily there is a program meant to identify the vulnerabilities that are well documented and disclosed. All of these vulnerabilities get a unique CVE code to identify the vulnerability usually involving the year it was discovered.

Blackhole 2.0 is one of the most popular toolkits for exploiting vulnerabilities and security holes in many software’s. Kits like this makes it easy for anyone to generate and distribute malware that has a high degree of success. Other methods include tools such as Nmap or Google Dorking to find security holes.

Microsoft is the most common target thanks to how widespread the use of it’s software is. The top exploited vulnerability on the list is CVE-2018-8174. Nicknamed Double Kill, it’s a remote code execution flaw residing in Windows VBScript which can be exploited through Internet Explorer.