1. Overview

In this short article, we’ll learn the difference between the terms exploit and payload in computer security.

2. What Is an Exploit?

An exploit is code written to take advantage of a specific vulnerability in a system.

Examples of exploits include web application exploits, denial of service exploits, remote code execution exploits, and so on.

3. What Is a Payload?

A payload is code written to be executed after a system is successfully exploited. It can provide an interactive shell to the attacker, create a backdoor, or execute a particular piece of code.

Examples of payloads include the Meterpreter shell, keyloggers, reverse shells, and so on.

4. What Is the Difference?

The exploit delivers the payload, while the payload is the code that performs the actual work. Without an exploit, there’ll be no way to deliver a payload and run code on a system. Without a payload, nothing will be done after exploiting a system.

5. Summary

In this article, we learned the difference between an exploit and a payload.