This year at RSAC 2014, Stuart McClure and myself did a talk titled Hacking Exposed: Art of Deterrence. During this talk, we announced various botnet vulnerabilities which had not been previously disclosed and some that had been. Here I will document some of them.
Dexter, the POS malware was the botnet in the primary focus of the talk. There were 2 exploits released prior to RSAC, with slightly different objectives.
Madness Pro is a botnet focused on denial of service attacks. The exploit for this botnet is not yet public as it is still very effective and there are still major versions of this botnet at large. This exploit can be released upon request.