Not all vulns are created equal.

About AttackerKB

When a new vulnerability prompts discussion on Twitter or hits media outlets, it can be difficult for security teams to wade through all the hype to determine risk and priority. How pervasive is the vulnerability? Is the expected shelf life long enough that it’s worth developing an exploit for? Is it worth dropping everything to patch or mitigate? Does an adversary or threat actor have a desire or motive to exploit the opportunity? Or is it actually...not useful or interesting?

Security researchers and hackers are almost always the first to shed light on the specific conditions and characteristics that make a vulnerability not just exploitable, but actually useful to attackers. AttackerKB was built to capture, highlight, and expand that knowledge for the whole security community.

Here's where you come in:

You each have different perspectives and areas of expertise. Whether you are a pen tester, defender, researcher, consultant, or all of the above, you have hard-won, firsthand experience that’s worth sharing. Both you and the security community can benefit from sharing information.

Have opinions on vulnerability value? Experience leveraging common flaws or misconfigurations to gain privileged access? Thoughts on which CVEs are over-hyped or under-hyped? Share your ratings and technical analysis in a vulnerability assessment to both better inform other practitioners and to receive feedback from the community.

The premise (and the promise!) of AttackerKB is to provide a forum for the security community to share insights and views that might otherwise get lost in all the hype and chaos, or dismissed as merely anecdotal. We believe that providing this additional perspective will help security professionals better understand the risk in their environment and make more informed decisions around prioritization and defense.

AttackerKB is in Beta, and we need your help to make it a success. Please share your feedback (good, bad, and ugly) with our team. This is your chance to influence our roadmap and let us know how we can make AttackerKB valuable for both you and the security community. Use the feedback button or join us on Slack to talk directly to our team.

If you're looking for more information on how to get started, check out our Guide and FAQ page.