Account [RegistrationRole [Anonymous] Researcher: 40 Advisories: 79 Documents: 0 Videos: 0 Date: 13.11.2019 TZ: 11:02

Subscribe to the Shared Vulnerability Feed

The Government-Lab APT Core Security Team is providing 2 types of licenses (researcher & customer). Advanced & Expert customer accounts can view all provided details in the laboratory index and can access the special customer section where specific commercial zero-day advisories/vulnerabilities are listed.

Customers of the Government Laboratory

- Penetration Tester/Researchers/Analysts/Exploiters
- Security Offices, Information & Vulnerability Assesment Agencies
- Vendor of Products & Software or Security Companies
- Monitoring- Vulnerability Services or Information/Notification Services
- IPS (Internet Prevention System) & Security Appliances Listings
- Security Events, Journalists or Tech Magazines
- Bug Bounty Programs

Allowed: DE, RU, ES, CH, AT, IT, GR, IR, CN, EG, FI, FR, HK, SA, SE, JP, TK, USA & UK ...
Notice: No sanctioned countries & criminal organisations

3 Month Account - Researchers

The researcher can watch and request all INDEX details ... Articles, Videos, Documents, Resource, Advisories & 0 Day Vulnerabilities. The researcher section & community is a good and attractive place to learn, share experience, exchange information or upgrade your personal software/application/frameworks/feed with fresh data or information. Government Laboratory provide 3 month pass for researchers.

3 Month Account - Customers

The customer can watch and request all index & private customer section details ... articles, videos, documents, resources, advisories & zero-day vulnerabilities. The customer section provides a special private feed only for laboratory customers with weekly new 0day vulnerabilities and advisories or bug reports. Customers can use the laboratory data for analysis, presentations, talks, workshops, listings, appliances, stats, security products & of course to secure the own terrain. The customer pass is very attractive to buy for isp, security companies, hosting services, product vendors, developers/manufaturer, penetration testers, analysts and advanced groups or security teams.

How can i pay the Researcher or Customer Account ... ?

1. Official Banking Account - (Sparkasse or Deutsche Bank)

2. Direct Transfer via Online Bank & ID - (Reisebank or West Union)

3. Online Banking (3rd Party) - (Paypal or Wire-Transfer)

4. Anonymous Online Payment (3rd Party) - (Paysafe Card)

What details, resources, and data are provided in the advisories?
We provide the following details, resources & references on our zero-day advisory feeds ...

Title: (Title of Advisory/Vulnerability)
Date: (Release Date of Advisory)
References: (Reference Direct Links - CWE/CVE ID or VL Links)
VL-ID: (Internal Vulnerability-Laboratory ID)
Introduction: (Product/Service/Website description of vendor with source)
Abstract: (Short abstract information about the Vulnerability/Advisory)
Report-Timeline: (Impacts: B-Report;V-Notification;Vendor Response;Vendor Fix; Public & Customer Disclosure)
Status:(Impacts:Pending on Laboratory;Verified Laboratory;Accepted by Vendor;Published-C & Published-IX)
Exploitation-Technique: (Remote or Local)
Severity: (Impacts: Critical Flag(red), Elevated Flag(orange), Medium Flag(yellow), Low Flag(green)
Affected: (Version & Product Description)
Details: (Technical Details & Location of the Vulnerability/Bug)
Proof of Concept: (PoC, Exploit, Reference Links or Step by Step Description)
Solution: (Fix or Patch)
CVSS: (Common Vulnerability Scoring System)
Risk: (Risk level description of author)
Credits: (Author of the security advisory)
Disclaimer: (Copyrights, Law & Information)
Attachment: (Debug Logs, Dumps, Error logs, Exception Logs, PoC, Test Session Logs, Pictures, Docs or Vids)

We detect the following type of Vulnerabilities & Design flows

Notice: Vulnerabilities (CVE)
Cross Site Scripting (Persistent) Vulnerabilities
Cross Site Request Forgery
Click-Jacking & Cam-Jacking
Unrestricted & unauthorized Local/Remote File Include
Directory Traversal / Path Traversal
Auth, Filter or Exception Bypass
SQL Injection & Blind SQL Injection
Input Validation Vulnerabilities (Persistent/Non-Persistent)
Stack / Buffer / Heap / Integer / Unicode -Overflows
Local/Remote Privilege Escalation
Format Strings
Memory Corruption
Division/Devide by Zer0 Bugs
Pointer Vulnerabilities (... Null Pointer, Access Violation, Read, Write ;)
Local/Remote Command Execution
Local/Remote Code Execution
Denial of Service & stable Firmware Freeze + Blocks
Information Leaking & Information Disclosure

Notice: Weakness (CWE)
Weak Algorythm, weak Encryption & weak Chiffre
Misconfiguration of OS, Systems & Applications
Structure & Design Errors/Flows
Kernel Panic / Black & Blue Screens
Stable Application- & Software- Crashs

In the following available issue classes ...

Web Application Vulnerabilities (Open Source) (Remote)
Web Application Vulnerabilities (Closed Source) (Remote)
Web Application Online Services Vulnerabilities (Remote)

Local Software Vulnerabilities (Open Source) (Windows & Linux)
Local Software Vulnerabilities (Closed Source)(Windows & Linux)
Local OS Vulnerabilities (Closed Source) (Windows)
Local Kernel Vulnerabilities (Open Source) (Linux)
Local Device & Controls Vulnerabilities (Hardware)

Remote Software Vulnerabilities (Open Source)
Remote Software Vulnerabilities (Closed Source)
Remote OS Vulnerabilities (Closed Source) (Windows)
Remote Kernel Vulnerabilities (Open Source) (Linux)
Remote Device & Controls Vulnerabilities (Hardware)



[ Search ] [ News ] [ Submit ] [ Stats ] [ Team ] [ Partner ] [ Talks & Workshop ] [ Subscribe ] [ Customer ] [ Contact ] [ Impressum ]

[Statistics] [November] 0 Critical: 0 High: 0 Medium: 0 Low: 0 Best Researcher: [GOV SEC TEAM] Threat: