ABOUT US
Our Experience
Vulns Security provides full spectrum capabilities from finding vulnerabilities in targeted systems to orchestrating a global infrastructure. We offer expertise in the field of Tool development, Reverse engineering, malware analysis, vulnerability research, and advanced operational capabilities that expand across multiple domains.
Why Us?
Vulns Security will join less than a handful of companies who offer similar services. However, Vulns Security will distinguish itself from potential competitors by developing close working relationships with clients.
Our Approach
Vulns Security provides both confidentiality and confidence to both developer and buyer, offering independent broker's makes it a reliable and confidential source for buying or selling (licensed) software.
Join our team of researchers?
Our exploitation techniques exceed the capabilities of today’s malicious actors which means our customers
are prepared for future threats. Our tools allow users to prove or disprove claims made by defensive
products while always being mindful of evasiveness.
We focus heavily on discovering and exploiting vulnerabilities in business-critical software like enterprise
solutions, browser, operating systems, mobile devices and email clients/servers.
Exploit Acquisition Program Payouts
WE ARE VULNS SECURITY PREMIUM ACQUISITION PROGRAM ONLY FOR ZERO-DAY EXPLOITS AND ADVANCED CYBERSECURITY RESEARCH.
FC = Full-Chain
P-RCE = Pre-Authenticated Remote Code Execution
RCE = Remote Code Execution
LPE = Local Privilege Escalation
SBX = Sandbox Escape
SCADA PLC
Siemens (RCE) | $30,000+ |
Honeywell (RCE) | $30,000+ |
Mitsubishi (RCE) | $20,000+ |
OMRON (RCE) | $10,000+ |
ABB (RCE) | $10,000+ |
Schneider (RCE) | $10,000+ |
Other (RCE) | $5,000+ |
NETWORK DEVICES
Juniper (RCE) | $75,000+ |
Cisco (RCE) | $75,000+ |
FortiNet (RCE) | $75,000+ |
Citrix (RCE) | $75,000+ |
Sophos (RCE) | $75,000+ |
Sonicwall (RCE) | $75,000+ |
F5 (RCE) | $75,000+ |
HP (RCE) | $50,000+ |
IBM (RCE) | $50,000+ |
Huawei (RCE) | $50,000+ |
ASUS (RCE) | $5,000+ |
ZyXEL (RCE) | $5,000+ |
Netgear (RCE) | $5,000+ |
D-Link (RCE) | $5,000+ |
TP-Link (RCE) | $5,000+ |
Other (RCE) | $5,000+ |
IPMI
Sun SSP (RCE) | $100,000+ |
Dell DRAC (RCE) | $100,000+ |
HP iLO (RCE) | $100,000+ |
Supermicro IPMI (RCE) | $100,000+ |
Cisco CIMC (RCE) | $100,000+ |
VNC, TeamViewer, Radmin (RCE) | $100,000+ |
Other | $50,000+ |
MOBILE DEVICES
SMS/MMS (RCE+LPE) (Any Mobile OS) | $7,000,000+ |
Apple iOS (FC) | $5,000,000+ |
Apple iOS (RCE, SBX) | $3,500,000+ |
Apple iOS (LPE) | $200,000+ |
Android (FC) | $5,000,000+ |
Android (LPE) | $500,000+ |
Wi-Fi (RCE+LPE) (Any Mobile OS) | $500,000+ |
WatchOS (LPE, RJB) | $200,000+ |
Sandbox Escape (Any Mobile OS) | $100,000+ |
PERIPHERAL DEVICES
CCTV (RCE) | $30,000 |
Printers (RCE) | $25,000 |
Scanners (RCE) | $10,000 |
OPERATING SYSTEMS
Windows Server (RCE, SBX) | $500,000+ |
Windows 7/8.1/10/11 (LPE, SBX) | $100,000+ |
MacOS(M1/M2) (LPE, SBX) | $150,000 |
MacOS (Intel) (LPE, SBX) | $80,000+ |
Linux Desctop/Server (LPE) | $50,000+ |
Virtual Machine Escape | $50,000+ |
DATABASE SOFTWARE
MS SQL Server (RCE) | $150,000+ |
Oracle Database (RCE) | $150,000+ |
MangoDB (RCE) | $30,000+ |
MySQL (RCE) | $30,000+ |
PRODUCTIVITY APPS
MS Office Word, Exel, PP (RCE, SBX) | $150,000+ |
Adobe PDF Reader All (RCE, SBX) | $150,000+ |
Antivirus (RCE, LPE) | $50,000+ |
MESSENGERS
Telegram | $50,000+ |
$50,000+ | |
Wire | $50,000+ |
Facebook messenger | $30,000+ |
$20,000+ | |
Viber | $20,000+ |
IMO | $10,000+ |
Line | $10,000+ |
WEB SERVERS
Microsoft IIS (P-RCE) | $250,000+ |
MS Exchange Server (RCE) | $250,000+ |
Nginx (RCE) | $250,000+ |
Appache Server (RCE) | $250,000+ |
Open SSL (RCE) | $100,000+ |
Lotus Domino (RCE) | $50,000+ |
JBoss | $50,000+ |
Appache Tomcat (RCE) | $50,000+ |
WEB Browser
TOR Browser (RCE+SBX) | $500,000+ |
Google Chrome (RCE+SBX) | $500,000+ |
MS Edge (RCE+SBX) | $500,000+ |
Apple Safar OSX (RCE+SBX) | $350,000+ |
Mozilla Firefox (RCE+SBX) | $350,000+ |
EMS
Micrasoft SharePoint | $250,000+ |
IBM FileNet | $100,000+ |
Oracle WebCenter | $100,000+ |
FTP
Filezilla (RCE) | $50,000+ |
Titan (RCE) | $30,000+ |
Serv-U (RCE) | $20,000+ |
net2ftp (RCE) | $20,000+ |
CMS
Wordpress (RCE) | $150,000+ |
1C Bitrix (RCE) | $100,000+ |
Wix (RCE) | $75,000+ |
Joomla (RCE) | $40,000+ |
Drupal (RCE) | $25,000+ |
FORUMS
IP.Board (RCE) | $75,000+ |
vBulletin (RCE) | $75,000+ |
Lithim communities (RCE) | $50,000+ |
MyBB (RCE) | $50,000+ |
PHPbb (RCE) | $25,000+ |
IP.Suite (RCE) | $25,000+ |
XenForo | $25,000+ |
Woltlab BB (RCE) | $25,000+ |
PLM and EPR
SAP | $250,000+ |
Siemens Teamcenter | $250,000+ |
Oracle ERP | $200,000+ |
Oracle Agile PML | $200,000+ |
SPTC Windchill PLM | $200,000+ |
MentorGraphics HyperLynx SI PLM | $100,000+ |
Enovia PLM | $50,000+ |
MAIL SERVERS
Microsoft Outlook OWA (RCE) | $250,000+ |
Semdmail (RCE) | $50,000+ |
IBM Lotus Domino (RCE) | $50,000+ |
Horde (RCE) | $50,000+ |
Roundcube (RCE) | $50,000+ |
Squirellmail (RCE) | $50,000+ |
Other mail servers (RCE) | $25,000+ |
HOSTING PANELS
cPanel (RCE) | $100,000+ |
Plesk (RCE) | $50,000+ |
Derect Admin (RCE) | $50,000+ |
Other (RCE) | $25,000+ |
RULES
How to sell us your 0 Days and Rules of Representation
We constantly buy 0 day and N day vulnerabilities and exploits. We do not pay for hypothetical
vulnerabilities.
Please provide a brief technical description of the vulnerabilities and exploits on our form to our e-mail:submit@vulns-sec.com
Your vulnerability will be analyzed and evaluated by us within 48 hours. Remuneration can be paid in cash,
bank transfers or anonymous transfers using crypto conversions. We are considering an additional premium for
exclusive conditions for us in the form of additional quarterly payments to researchers before disclosure of
the vulnerability.
Prices 0 days can be higher than indicated in the table all depends on the quality of the exploits, we are ready to negotiate the price on a bilateral basis.
If you have any counter proposals regarding the acquisition process, you can always contact us. We can organize a personal meeting with you in practical any country in the world to personally discuss all the issues personally.
SUBMIT
Vulnerability Opportunities
Depending on the technical information submitted, a price will be presented to you (the researcher) which you can then accept or counter. Once submitted we will respond with an offer which may be accepted or rejected.
In addition to vulnerabilities, we are interested in obtaining various research results, such as:
- Deanonimization of TOR network resources
- Bypassing ASLR, DEP, UAC and other security mechanism
- Attack vectors for remote code execution on devices via GSM, Bluetooth and WiFi
- Vulnerabilities on mobile chipsets
- Innovative detour of antiviruses
- Other research results and technical information