Darkfield
Zero-Day Watchtower · public observatory

What's being weaponised right now.

Near-real-time aggregator of emerging-vulnerability signals from public sources: CISA KEV, GitHub PoC drops, Exploit-DB, and vendor PSIRT feeds. Every signal carries the original URL so you can verify in one click.

Honest disclaimer: this is active-exploitation radar, not broker-forum tracking. We don't have invites to XSS or Exploit.in — we aggregate what's publicly observable and triangulate it. With $0 in feed costs.

View

Method. Every 30 minutes we pull each source, normalise to a common shape (vendor / product / CVE / timestamp / URL), and index. Sources are reachable without auth and free. We never paywall the feed — every URL is a permalink.