— RED TEAM OPERATIONS

WE FIND
WHAT OTHERS
MISS

Exploit Lab is an offensive security research group focused on web application penetration testing, vulnerability discovery, and security tooling. We break systems so you can fix them.

ENGAGE US VIEW TOOLS
Exploit Lab Logo

5+

Years Active

4+

Team Members

12+

Tools Built

BUILT BY
PRACTITIONERS

Exploit Lab is an offensive security research group operating under the belief that real security comes from understanding how attacks work — not just patching CVEs and hoping for the best.

We combine hands-on penetration testing with tooling development and vulnerability research. Everything we publish is tested against real targets, in authorized environments.

Our work spans web application security, recon automation, AI/LLM attack surfaces, and CVE research. We operate independently, publish openly, and take on client engagements where our depth adds real value.

— MORE CAPABILITIES

WHAT WE DO

01 /

WEB APP PENTESTING

IDOR, XSS, SQL auth bypass, business logic flaws. Structured assessments with reproducible PoCs.

Multi-target Interactive shell
02 /

API SECURITY TESTING

REST, GraphQL, and gRPC. Auth flaws, injection, broken object-level authorization, mass assignment.

Threaded Port + HTTP
03 /

EXTERNAL ATTACK SURFACE

Full external perimeter assessment. Asset discovery exposure analysis, and risk prioritization.

Comprehensive Risk-driven
04 /

ACTIVE DIRECTORY & INTERNAL

Kerberoasting, pass-the-hash, privilege escalation, lateral movement, domain compromise.

Domain takeover Multi-stage
05 /

RED TEAM SIMULATION

Full-scope adversary simulation. C2 infrastructure, exfil, phishing and multi-stage intrusion chains.

Operations
06 /

CLOUD SECURITY PENTESTING

AWS, Azure, GCP misconfigurations. IAM privilege escalation, storage exposure, and cloud-native attack paths.

Cloud-focused

— OPEN SOURCE

TOOLS WE SHIP

RESEARCH // XSS TESTING

XSSVAULT

XSS payload mutation and contextual rendering analysis platform. Tests filter evasion techniques across diverse injection contexts. Live testing environment for XSS vulnerability validation.

Web Platform Live testing XSS payloads
VISIT PLATFORM →
RECON // FINGERPRINTING

SNIFFER

Website technology and fingerprinting detection tool.

Python Tech detection Fingerprinting
VIEW ON GITHUB →
RECON // WEB CRAWLING

XTRA

Web reconnaissance and site crawling tool for data extraction.

Bash Web crawling Data extraction
VIEW ON GITHUB →
RECON // FRAMEWORK

RECONOPS

Reconnaissance framework for attack surface discovery and mapping.

Framework Methodology Education
VIEW ON GITHUB →
RECON // LIVENESS DETECTION

FELIX

Subdomain liveness checker and verification tool.

Bash Subdomain checking POSIX compliant
VIEW ON GITHUB →
SCANNING // DETECTION

CPANEL-CHECKER

cPanel detection and scanning tool for target enumeration.

Python Multi-threaded Detection
VIEW ON GITHUB →
SECURITY // RESEARCH

CP-BYPASS

Security research and testing tool for vulnerability assessment.

Python CRLF Injection Auth bypass
VIEW ON GITHUB →

WHO'S
BEHIND IT

Tremor

TREMOR

@EXPLOITLAB

Red Team Lead. Web app pentesting, recon automation, exploit development, AI security research.

Khoded

KHODED

@EXPLOITLAB

Red Team Operator. Internal network penetration testing, Active Directory attacks, lateral movement.

Catalyst

CATALYST

@EXPLOITLAB

Vulnerability Researcher. CVE analysis, PoC development, responsible disclosure.

Nishant

NISHANT

@EXPLOITLAB

Red Team Operator. Web application security, bug bounty hunting, attack surface enumeration.

Catalyst

DEV CHUKWUKA

@EXPLOITLAB

Security Engineer. Custom tooling development, automation frameworks, offensive infrastructure.

??

OPEN POSITION

@EXPLOITLAB

We're hiring. Security professionals, researchers, and engineers.

APPLY →

— RESEARCH & WRITEUPS

LATEST DROPS

May 2026

CVE RESEARCH

CVE-2026-41940 — CPANEL & WHM AUTH BYPASS VIA CRLF INJECTION

cpsrvd writes session data to disk before sanitizing CRLF characters. A crafted Authorization header injects attacker-controlled fields directly into the session file — hasroot=1, verified=1 — without any valid credentials. Four stages. No authentication. Full WHM root access.

READ MORE →

May 2026

TOOLING

CPANEL-CHECKER — HIGH-SPEED CPANEL PANEL DETECTION

Multi-threaded scanner for identifying exposed cPanel installations across large target lists. Port scanning, HTTP endpoint checks, header fingerprinting.

VIEW TOOL →

2026

BUG BOUNTY

BUILDING EXPLOZA — AI-POWERED BUG BOUNTY AUTOMATION

How we built an end-to-end intelligence engine that handles recon, vulnerability testing, and evidence packaging in a single pipeline.

FOLLOW UPDATES →

Coming

UPCOMING

MORE RESEARCH INCOMING

We publish regularly on CVE research, tooling development, attack techniques, and security automation. Subscribe or follow our GitHub for updates.

SUBSCRIBE →

WORK WITH
EXPLOIT LAB

We take on web application penetration testing engagements, security assessments, and freelance security work.

If you need someone who actually understands the attack surface, reach out.

GITHUB github.com/expl0itlab
EMAIL info@exploitlab.com
LINKEDIN linkedin.com/company/exploitlab
TELEGRAM Expl0itlab