Our service correlates exploitability information with detected vulnerabilities when known exploits are published by third party vendors and/or publicly available sources. Exploitability information enables you to perform risk-oriented analysis of vulnerabilities and to further prioritize remediation plans. Our service constantly correlates exploitability information from real-time feeds to provide up to date references to exploits and related security resources.

Tell me about where exploitability info comes from

Exploitability information is currently obtained from the following providers: Core Security, Immunity (and their partners Agora, Dsquare, Enable Security, White Phosphorous), Metasploit, and The Exploit-DB.

What is the black hat (Black hat icon indicating exploitibility.)?

This appears on the KnowledgeBase page to indicate that exploitability information is available for the vulnerability.