Re: Exploit Archive

[Jacob Uecker <jacob () juecker net>]

I don't personally have an exploit library per se but you can check out 
www.packetstormsecurity.org  They post exploits as they are published. 
As far as methodology is concerned, take a look at 
http://www.isecom.org/projects/osstmm.shtml

VMware is good for some applications, but it doesn't allow you the guest 
OS control over the hardware like you could have if you were running it 
right off the box.  A lot of people use KNOPPIX on their Windows boxes.

Regards,
        Jacob

DeMott Jared wrote:

> Gang:
>
> I was wondering if anyone has a nice archive of Windows, Unix, etc.
> exploits (fully functional) they'd be willing to share.  I'm about to do
> the first pen-test of our network.  I know that I can identify
> "potential" flaws using Nessus, but my boss has asked that I prove to
> him each and every "potential" weakness.  I've been told that you can
> find many exploits out on the web, but it's been such a hassle trying to
> find all of what I'm looking for!
>
> Also, I've been reading the discussion about methodology some people
> have been having:
>
> 1.) Vulnerability Assessment                  2.) Penetration Test
>     -Gather data                                            -Pretend not
> to know data
>     -Assess potential weakness                      -Try to Hack into
> the network
>     -Determine what current patch levels are   -Report successes or
> failures
>      (does someone have this data?)
>     -Recommend all necessary corrections
>
> Does anyone have a more complete methodology paper?  I've been hearing
> some of the pros and cons of the above two.  Do you normally do both, or
> just whatever people what?  I assume the first is more difficult and
> time consuming; is that true?
>
> The approach is certainly important, but even more intimidating:  I feel
> like I need to know everything about varying brands of firewalls,
> routers, switches/hubs, VLANs, VPNs, Web Applications, Windows, Unix,
> Netware, etc., etc., etc.!  I'm pretty experienced in Unix and
> Firewalls, but does anyone have any advise on dealing with the shear
> magnitude of data necessary?  Also, from the more practical tools stand
> point, do you guys just have everything loaded on one "attack" laptop.
> Dual boot, or VmWare?
>
> Thanks so much!
>
> Jared DeMott
> Vulnerability Analyst
> Booz | Allen | Hamilton


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
-------------------------------------------------------------------------------