/>

About us

The Russian-based zero-day purchase platform paying for offensive security research and products

Operation Zero is the only official Russian zero-day purchase platform. Created by information security professionals and for professionals, the platform provides its clients unprecedented technologies for offensive and defensive operations in cyberspace.

  • Individual approach for each researcher

  • Payments that match worlds standards in the field

  • Simple and clear zero-day acquisition process

  • Availability of all required permits

  • No risk of exploits falling into the wrong hands

Targets and categories

learn more
Desktops Mobiles Servers Virtualization Software Routers Baseband

Our clients

Our clients are Russian private and government organizations only. If you represent a company based in Russia and want to get access to the cutting edge zero-day technologies, we would be glad to answer your questions at contact

contact@opzero.ru

Acquisition process

  • Contact

    A researcher sends us a brief description of his product

  • Assessment

    We analyze the description, ask the researcher some clarifying questions if needed, and then make an initial offer

  • Code sharing

    The researcher sends us source codes of the exploit

  • Verification

    We check the exploit within a working week

  • Payment

    We pay the researcher

Vacancies

  • Carry out tasks assigned to the team, including the Windows OS security research, the reverse engineering of closed source components, the development of static and dynamic analysis tools, the verification of existing vulnerabilities and proof-of-concepts for exploitability, the writing of fully functional exploits, and the chaining of exploits.
  • Participate in the testing process of finished exploits, modify and update them as new software versions are released.
  • Offer insights to the team and participate in discussions on new developments and research.
Learn more

  • Carry out tasks assigned to the team, including the research of one of modern browsers, the verification of existing vulnerabilities and proof-of-concepts for exploitability, the writing of fully functional exploits, and the chaining of exploits.
  • Participate in the testing process of finished exploits, modify and update them as new software versions are released.
  • Offer insights to the team and participate in discussions on new developments and research.
Learn more

Events

Watch more

UnderConf 2025

Moscow, Quattro Space

Organizer: UnderConf

28 September 2025

OFFZONE 2025

Moscow, GOELRO Hall

Organizer: BI.ZONE

21-22 August 2025

UnderConf 2024

Moscow, Holiday Inn Sokolniki Hotel

Organizer: UnderConf

29 September 2024

OFFZONE 2024

Moscow, ZIL Cultural Center

Organizer: BI.ZONE

22-23 August 2024

OFFZONE 2023

Moscow, GOELRO Hall

Organizer: BI.ZONE

24-25 August 2023

Press

learn more

101 Chrome Exploitation — Part 0: Preface

This will be an introductory course to exploiting browsers. Not just covering a few JIT bugs and common renderer process exploits, we'll take an in-depth look at the entire browser structure, security layers and understand how a chain is built, how to assemble each part and turn memory corruptions or invalid states into exploits. And […]