Re: [PEN-TEST] Where do you go?

["Ex Machina [xm]" <xm () WHILE1 NET>]

SF is simply lacking some exploits. Here's "trash2.c" linked on
packetstorm: http://packetstorm.securify.com/DoS/trash2.c

I couldn't find this anywhere on SF. SecurityFocus seems to contain fewer
implementations of exploits and usually the code is more "Proof of
Concept" oriented. Often, sites like www.hack.co.za simply contain more
powerful exploits (like mass wuftpd2.6.0 exploiters and such).

Another thing important to note was that www.hack.co.za used to have an
"invite only section." Basically, if you added a new exploit to this
section, you would have access to other unreleased exploits. Not very
 kosher.

Ex Machina (xm () while1 net)   http://www.while1.net/~xm/
phone: +1-877-LPT-WHIP   icq: 3387005   aim: ExMachina

On Wed, 13 Dec 2000, Ryan Russell wrote:

> Date: Wed, 13 Dec 2000 15:44:09 -0800
> From: Ryan Russell <ryan () SECURITYFOCUS COM>
> Reply-To: Penetration Testers <PEN-TEST () SECURITYFOCUS COM>
> To: PEN-TEST () SECURITYFOCUS COM
> Subject: Re: [PEN-TEST] Where do you go?
>
> On Wed, 13 Dec 2000, Tim Hirst wrote:
>
> > Once upon a time, when a Penetration Tester needed to get the latest
> > vulnerability information or the most recent exploit code, they had a
> > few good sites to choose from. But now rootshell and insecure.org
> > haven't been updated in eons (in internet time) and packetstorm no
> > longer has the same cutting edge feel that they once had (damn you JP!).
>
> If I may throw in a question (since we host this list :) ), what's missing
> from SecurityFocus.com that makes us not the best place for that kind of
> stuff?
>
>                                       Ryan