Payload, Exploit & Vulnerability. You must’ve heard these three words a lot of times in cybersecurity. So what do these three words payload, exploit, and vulnerability mean?
To understand these three words listen to this short story.
Story For Payload, Exploit & Vulnerability
There was an agent named Jack who wanted to keep an eye on a suspect named Phill. So one night, when Phill was sleeping, Jack went to his house to secretly place a spy camera inside the home. But upon arriving there, he finds that every door is locked, so he can’t get in, but then Jack sees a kitchen window is open, so jack manages to get inside Phill’s house using that kitchen window and then secretly places the spy camera and then he leaves. Now Jack can keep an eye on his suspect using that camera.
What Is Payload, Exploit, And Vulnerability?
In this story, Jack is like an exploit that carries the payload to its target, the spy camera. Vulnerability, a hole within the system, is the kitchen window.
So in simple words, a payload is a malicious program or a piece of code placed by an exploit. So exploit is what delivers the payload using the vulnerability discovered in the target’s system and vulnerability is nothing but the hole in the system.
So To Sum Up
Payload: A malicious program or a piece of code that can cause data theft, activity monitoring, delete or modify files, display ads, etc.
Examples of Payload:
Exploit: Exploit is what delivers the payload by taking the advantage of vulnerabilities.
Examples of Exploits:
- GreenFlash Sundown
Vulnerability: Vulnerability is the hole in the system or we can say a flaw or weakness in the system that is mostly caused by coding programs carelessly.
Examples of Vulnerability:
- XML External Entities (XXE)
- Cross-Site Scripting (XSS)
- Insecure Deserialization
- Cryptographic Failures
Click here to see OWASP’s top 10 Vulnerabilities which is the list of Top 10 Vulnerabilites in web applications.
So now you guys must’ve understood what payload, vulnerability, and exploit mean. That’s it for this video. Don’t forget to drop a like. See you in the next one.