
Nov 16, 2009
Offensive Security Exploit Archive Online
Offensive Security Exploit Database, as well as Vulnerable applications is now Online
After a short and intense setup, we are ready to present the Offsec Exploit Archive. We’ve recreated the milw0rm database, updated it and are now accepting submissions. The purpose of the site is to provide researchers and security enthusiasts a repository of exploits, and when possible, the relevant affected software. We’ve started the party by posting a few new exploits of our own – namely a Novell eDirectory 8.8 SP5 iConsole Buffer overflow exploit and a HP Power Manager Administration Universal Buffer Overflow Exploit.
You can visit the archive here: https://www.exploit-db.com/
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2025-29306 – Unauthenticated Remote Code Execution in FoxCMS v1.2.5 via Unserialize Injection
Discover details about CVE-2025-29306, a critical RCE vulnerability in FoxCMS 1.2.5. Learn how unsafe use of PHP’s unserialize() function enables remote attackers to execute arbitrary system commands.
Jul 3, 2025
2 min read

Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read

OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read