Zero-Day: Vulnerability Research & Discovery

Systematic methodology for finding novel, undisclosed vulnerabilities in source code, compiled binaries, and live systems. This skill guides the research process from intelligence gathering through proof-of-concept development to responsible disclosure.

This is the discovery skill - it finds vulnerabilities nobody has catalogued yet. For exploiting known weaknesses on live systems, use lockpick. For scanning code against known vulnerability patterns, use security-audit.

Target versions: May 2026 snapshot. Read references/target-versions.md before pinning static analysis, reversing, fuzzing, or debugger tooling.

When to use

Hunting for undisclosed vulnerabilities in a codebase, binary, or running service
Variant analysis after a CVE is published (finding similar bugs in related code)
Patch diffing - analyzing what a security update fixed to find nearby issues
Developing proof-of-concept exploits for discovered vulnerabilities

zero-day

Zero-Day: Vulnerability Research & Discovery

When to use

More from iuliandita/skills

databases

code-review

prompt-generator

ci-cd

skill-refiner

docker