
Most beginners think Vulnerability and Exploit are the same, but they’re not. Let’s break it down:

Vulnerability = A weakness or flaw in a system (bug, misconfiguration, weak policy).

Exploit = A technique or method used to abuse that weakness.

Impact = The actual damage caused (data leak, privilege escalation, downtime).

Examples:

Weak password policy (Vulnerability) → Brute force attack (Exploit) → Account takeover (Impact).

Misconfigured S3 bucket (Vulnerability) → Automated scanner finds it (Exploit) → Customer data exposed (Impact).

Outdated WordPress plugin (Vulnerability) → SQL Injection payload (Exploit) → Database dumped (Impact).

Defence Tips:

Patch & update software regularly.
Apply least-privilege access controls.
Audit cloud configs & enforce secure defaults.
Monitor logs for unusual activity.
Run vulnerability scans often.

Quick Formula: Vulnerability (weakness) → Exploit (attack method) → Impact (breach/loss)

Knowing this difference helps defenders fix the root cause instead of just blocking the exploit.