Advisories, Proof of Concepts, Exploits.

About Our Ethics


BlackH is an independent security research and development team.
We work with vendors and enterprises to pinpoint and eradicate security flaws, using penetration testing and source code review.

Our practice focus areas are advanced applications built with PHP, JavaScript MySQL and any other web technologies.


Our releases include, but are not limited to:

We follow a strict release process to ensure the security of vulnerable softwares' users.
We contact the softwares's authors as soon as vulnerabilities are found, with a non-disclosure offer.

If we didn't get any reply from authors within 1 (one) week or if they decline our non-disclosure offer, the vulnerabilies are disclosed to the public through popular mailing lists (such as FullDisclosure) and published on our website.

Contact us

We would be happy to work with you, just send us an email.

view sources