ZeroPort
Verified seller
Trusted Middleman
Exploit Developer
Exploit Scripter
Shell Coder
Software Vendor
Tool Seller
Trusted
Elite
Zero Day Hunter
Exploit Tester
- Joined
- Dec 25, 2020
- Messages
- 11,673
- Reaction score
- 9,238
- Escrow Deals
- 1273
- Total Purchases
- $ 46258
- Total TradeVolume
- $ 1754152
- Deposit
- $ 72500
ZERO-DAY Private Cloud & Kernel Exploit Portfolio — Hypervisor Escapes, Container Breakouts, Priv-Esc Chains
Direct-Source Vendor | One-Shot Access | No Mirrors | Escrow on Request
Why You’re Here
Tools are for script kids.
We provide the holes they don’t know exist.
Our catalogue contains exclusively non-public, privately researched Zero-Days with working PoC or fully weaponised deploy-kits. Every vector is live-tested against current builds and shipped with step-by-step docs or a live session walkthrough.
We sell access, not PDFs.
What’s on the Table
Focus Areas:
Pricing Matrix
Price flexes with: patch ETA, blast radius & exclusivity window.
Purchase Terms
• One client per exploit variant — no mass resale
• Delivery: PoC repo + compile guide or live shell via tmux session
• Optional “we-run-it-for-you” model (access-as-a-service)
• Strict NDAs; leaks void all future business
Accepted Coins
BTC | XMR | USDT (ERC-20 / TRC-20)
Fiat/PayPal? Not happening.
Escrow available via vetted forum middlemen.
Contact Channels
Telegram (end-to-end): @RobbertCash
XMPP/OMEMO: czdrops@exploit.im
Forum PM: slower, but monitored
PGP key provided on kick-off.
Why Work with Us
Research done in-house — zero re-brokered leaks
Live demo before coin moves
Weekly inventory refresh; patched items pulled instantly
Client vetting keeps lifespan long — we sell longevity, not hype
Spotlight Inventory (1-slot each)
[VMWARE][vSphere 8] — vCenter SOAP deserialisation → root on all ESXi — $14 000
[AWS][IAM] — Lambda ENTITLEMENT chain → Org-root STS token (PoC + SDK) — $22 000
[LINUX][6.6] — BPF/out-of-bounds → kernel R/W, SELinux bypass — $6 500
[K8S][1.29] — ValidatingWebhook logic gap → cluster-admin via “dry-run” — $9 800
[WINDOWS][11 23H2] — win32k callback race → SYSTEM from Low, bypass WinDef — $7 200
Final Notes
No recycled CVEs — everything under active embargo
We cap sales to max 1–2 buyers per vuln chain
No “free scans,” no screenshot teasers, no tire-kickers
Post vetting questions below or DM for the full slate.
Professionals only. Tourists will be ignored.
Direct-Source Vendor | One-Shot Access | No Mirrors | Escrow on Request
Why You’re Here
Tools are for script kids.
We provide the holes they don’t know exist.
Our catalogue contains exclusively non-public, privately researched Zero-Days with working PoC or fully weaponised deploy-kits. Every vector is live-tested against current builds and shipped with step-by-step docs or a live session walkthrough.
We sell access, not PDFs.
What’s on the Table
Focus Areas:
- Cloud & Virtualisation
• AWS / Azure / GCP privilege pivot (instance-wide or account-wide)
• VMware ESXi / vCenter remote code execution & datastore exfil
• Hyper-V & KVM guest-to-host escapes (ring-0 shell)
• Terraform backend takeover (state-file injection) - Containerisation & Orchestration
• Docker daemon socket abuse → root on host
• Kubernetes (RBAC bypass → cluster-admin)
• Istio side-car escape → east-west traffic sniff
• CI/CD runners (GitLab, GitHub Actions) sandbox breakouts - Kernel & Driver Chains
• Linux (5.15 → 6.6) LPE via BPF & io_uring race
• Windows 11 / Server 2022 token swap (SYSTEM in <1 s)
• macOS 14 root via EndpointSecurity double-free
• Signed driver abuse for EDR kill & kernel implant - Enterprise SaaS & SSO
• Okta SCIM mis-sync → shadow admin
• AzureAD device code hijack (MFA-less)
• Atlassian Confluence OGNL RCE (pre-patch)
• ServiceNow MID-server reverse tunnel
Pricing Matrix
Severity | Scope | Starting Price |
---|---|---|
Local Priv-Esc (single host) | read/write | $4 000 |
Lateral / Cross-Tenant | multi-host | $9 000 |
Hypervisor Escape / Cloud Root | full execute | $18 000 |
Chain Packs (2-3 linked vulns) | turn-key | POA |
Price flexes with: patch ETA, blast radius & exclusivity window.
Purchase Terms
• One client per exploit variant — no mass resale
• Delivery: PoC repo + compile guide or live shell via tmux session
• Optional “we-run-it-for-you” model (access-as-a-service)
• Strict NDAs; leaks void all future business
Accepted Coins
BTC | XMR | USDT (ERC-20 / TRC-20)
Fiat/PayPal? Not happening.
Escrow available via vetted forum middlemen.
Contact Channels
Telegram (end-to-end): @RobbertCash
XMPP/OMEMO: czdrops@exploit.im
Forum PM: slower, but monitored
PGP key provided on kick-off.
Why Work with Us
Research done in-house — zero re-brokered leaks
Live demo before coin moves
Weekly inventory refresh; patched items pulled instantly
Client vetting keeps lifespan long — we sell longevity, not hype
Spotlight Inventory (1-slot each)
[VMWARE][vSphere 8] — vCenter SOAP deserialisation → root on all ESXi — $14 000
[AWS][IAM] — Lambda ENTITLEMENT chain → Org-root STS token (PoC + SDK) — $22 000
[LINUX][6.6] — BPF/out-of-bounds → kernel R/W, SELinux bypass — $6 500
[K8S][1.29] — ValidatingWebhook logic gap → cluster-admin via “dry-run” — $9 800
[WINDOWS][11 23H2] — win32k callback race → SYSTEM from Low, bypass WinDef — $7 200
Final Notes
No recycled CVEs — everything under active embargo
We cap sales to max 1–2 buyers per vuln chain
No “free scans,” no screenshot teasers, no tire-kickers
Post vetting questions below or DM for the full slate.
Professionals only. Tourists will be ignored.