ABOUT US

Our Experience

Vulns Security provides full spectrum capabilities from finding vulnerabilities in targeted systems to orchestrating a global infrastructure. We offer expertise in the field of Tool development, Reverse engineering, malware analysis, vulnerability research, and advanced operational capabilities that expand across multiple domains.

Why Us?

Vulns Security will join less than a handful of companies who offer similar services. However, Vulns Security will distinguish itself from potential competitors by developing close working relationships with clients.

Our Approach

Vulns Security provides both confidentiality and confidence to both developer and buyer, offering independent broker's makes it a reliable and confidential source for buying or selling (licensed) software.

Join our team of researchers?

Our exploitation techniques exceed the capabilities of today’s malicious actors which means our customers are prepared for future threats. Our tools allow users to prove or disprove claims made by defensive products while always being mindful of evasiveness.
We focus heavily on discovering and exploiting vulnerabilities in business-critical software like enterprise solutions, browser, operating systems, mobile devices and email clients/servers.

Exploit Acquisition Program Payouts

WE ARE VULNS SECURITY PREMIUM ACQUISITION PROGRAM ONLY FOR ZERO-DAY EXPLOITS AND ADVANCED CYBERSECURITY RESEARCH.

FC = Full-Chain
P-RCE = Pre-Authenticated Remote Code Execution
RCE = Remote Code Execution
LPE = Local Privilege Escalation
SBX = Sandbox Escape

SCADA PLC

Siemens (RCE) $30,000+
Honeywell (RCE) $30,000+
Mitsubishi (RCE) $20,000+
OMRON (RCE) $10,000+
ABB (RCE) $10,000+
Schneider (RCE) $10,000+
Other (RCE) $5,000+

NETWORK DEVICES

Juniper (RCE) $75,000+
Cisco (RCE) $75,000+
FortiNet (RCE) $75,000+
Citrix (RCE) $75,000+
Sophos (RCE) $75,000+
Sonicwall (RCE) $75,000+
F5 (RCE) $75,000+
HP (RCE) $50,000+
IBM (RCE) $50,000+
Huawei (RCE) $50,000+
ASUS (RCE) $5,000+
ZyXEL (RCE) $5,000+
Netgear (RCE) $5,000+
D-Link (RCE) $5,000+
TP-Link (RCE) $5,000+
Other (RCE) $5,000+

IPMI

Sun SSP (RCE) $100,000+
Dell DRAC (RCE) $100,000+
HP iLO (RCE) $100,000+
Supermicro IPMI (RCE) $100,000+
Cisco CIMC (RCE) $100,000+
VNC, TeamViewer, Radmin (RCE) $100,000+
Other $50,000+

MOBILE DEVICES

SMS/MMS (RCE+LPE) (Any Mobile OS) $7,000,000+
Apple iOS (FC) $5,000,000+
Apple iOS (RCE, SBX) $3,500,000+
Apple iOS (LPE) $200,000+
Android (FC) $5,000,000+
Android (LPE) $500,000+
Wi-Fi (RCE+LPE) (Any Mobile OS) $500,000+
WatchOS (LPE, RJB) $200,000+
Sandbox Escape (Any Mobile OS) $100,000+

PERIPHERAL DEVICES

CCTV (RCE) $30,000
Printers (RCE) $25,000
Scanners (RCE) $10,000

OPERATING SYSTEMS

Windows Server (RCE, SBX) $500,000+
Windows 7/8.1/10/11 (LPE, SBX) $100,000+
MacOS(M1/M2) (LPE, SBX) $150,000
MacOS (Intel) (LPE, SBX) $80,000+
Linux Desctop/Server (LPE) $50,000+
Virtual Machine Escape $50,000+

DATABASE SOFTWARE

MS SQL Server (RCE) $150,000+
Oracle Database (RCE) $150,000+
MangoDB (RCE) $30,000+
MySQL (RCE) $30,000+

PRODUCTIVITY APPS

MS Office Word, Exel, PP (RCE, SBX) $150,000+
Adobe PDF Reader All (RCE, SBX) $150,000+
Antivirus (RCE, LPE) $50,000+

MESSENGERS

Telegram $50,000+
WhatsApp $50,000+
Wire $50,000+
Facebook messenger $30,000+
WeChat $20,000+
Viber $20,000+
IMO $10,000+
Line $10,000+

WEB SERVERS

Microsoft IIS (P-RCE) $250,000+
MS Exchange Server (RCE) $250,000+
Nginx (RCE) $250,000+
Appache Server (RCE) $250,000+
Open SSL (RCE) $100,000+
Lotus Domino (RCE) $50,000+
JBoss $50,000+
Appache Tomcat (RCE) $50,000+

WEB Browser

TOR Browser (RCE+SBX) $500,000+
Google Chrome (RCE+SBX) $500,000+
MS Edge (RCE+SBX) $500,000+
Apple Safar OSX (RCE+SBX) $350,000+
Mozilla Firefox (RCE+SBX) $350,000+

EMS

Micrasoft SharePoint $250,000+
IBM FileNet $100,000+
Oracle WebCenter $100,000+

FTP

Filezilla (RCE) $50,000+
Titan (RCE) $30,000+
Serv-U (RCE) $20,000+
net2ftp (RCE) $20,000+

CMS

Wordpress (RCE) $150,000+
1C Bitrix (RCE) $100,000+
Wix (RCE) $75,000+
Joomla (RCE) $40,000+
Drupal (RCE) $25,000+

FORUMS

IP.Board (RCE) $75,000+
vBulletin (RCE) $75,000+
Lithim communities (RCE) $50,000+
MyBB (RCE) $50,000+
PHPbb (RCE) $25,000+
IP.Suite (RCE) $25,000+
XenForo $25,000+
Woltlab BB (RCE) $25,000+

PLM and EPR

SAP $250,000+
Siemens Teamcenter $250,000+
Oracle ERP $200,000+
Oracle Agile PML $200,000+
SPTC Windchill PLM $200,000+
MentorGraphics HyperLynx SI PLM $100,000+
Enovia PLM $50,000+

MAIL SERVERS

Microsoft Outlook OWA (RCE) $250,000+
Semdmail (RCE) $50,000+
IBM Lotus Domino (RCE) $50,000+
Horde (RCE) $50,000+
Roundcube (RCE) $50,000+
Squirellmail (RCE) $50,000+
Other mail servers (RCE) $25,000+

HOSTING PANELS

cPanel (RCE) $100,000+
Plesk (RCE) $50,000+
Derect Admin (RCE) $50,000+
Other (RCE) $25,000+

RULES

How to sell us your 0 Days and Rules of Representation

We constantly buy 0 day and N day vulnerabilities and exploits. We do not pay for hypothetical vulnerabilities.

Please provide a brief technical description of the vulnerabilities and exploits on our form to our e-mail:submit@vulns-sec.com

Your vulnerability will be analyzed and evaluated by us within 48 hours. Remuneration can be paid in cash, bank transfers or anonymous transfers using crypto conversions. We are considering an additional premium for exclusive conditions for us in the form of additional quarterly payments to researchers before disclosure of the vulnerability.



Prices 0 days can be higher than indicated in the table all depends on the quality of the exploits, we are ready to negotiate the price on a bilateral basis.



If you have any counter proposals regarding the acquisition process, you can always contact us. We can organize a personal meeting with you in practical any country in the world to personally discuss all the issues personally.

SUBMIT

Vulnerability Opportunities

MacBook Air

Depending on the technical information submitted, a price will be presented to you (the researcher) which you can then accept or counter. Once submitted we will respond with an offer which may be accepted or rejected.


In addition to vulnerabilities, we are interested in obtaining various research results, such as:


  • Deanonimization of TOR network resources
  • Bypassing ASLR, DEP, UAC and other security mechanism
  • Attack vectors for remote code execution on devices via GSM, Bluetooth and WiFi
  • Vulnerabilities on mobile chipsets
  • Innovative detour of antiviruses
  • Other research results and technical information

SPEC SHEET

All questions should have the most detailed answers from this depends on what price we will offer you for your 0day exploit.

Locate Our Spec Sheet Here: Download
When submitting Spec-Sheet & PoC video please encrypt with our PGP Key: Download