Answers to Common Questions People Have for Us

We have not hacked your websites or your software. We collect publicly available exploits from the internet and archive them here.
We do not accept exploits which violate our Exploit acceptance policy or have been tested and found not to work.
Read more on the Submit page.
No, we don’t. We publish what we get, as soon as we possibly can. The only reason we won’t publish an exploit is if it violates our exploit policies.
If you sent us an exploit, and it hasn’t been published yet, it could be due to a couple of reasons – either it has not abided by our submit policy, or it is still in our queue and is awaiting moderation.
We make an effort to verify exploits () in our labs, when possible.
A "non verified" exploit () simply means we did not have the opportunity to test the exploit internally.