Penetration Testing mailing list archives
Re: Different methods of obtaining exploits
From: "Ali Akbar" <aakbar19 () gmail com>
Date: Sat, 28 Jan 2006 21:47:11 -0000
On Fri, 27 Jan 2006 01:45:43 -0000, yawgmoth7 <yawgmoth7 () gmail com> wrote:
I've always wondered about this, I do not know why. But just the different ways that pen-testers get their exploits/vullnerabilities. I think it would go something like this: 50% From online security sites 25% Find their own 25% From their friends Have I left any out? If so, go ahead and add it, this is just about what I think it would be. This has always interesting me for some reason. See ya -- gurusnetwork.org Gurus'Network - Are you a guru? ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on yourwebsite. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Hi"25% find their own" does that mean they search arbitrarily? And/or does it mean making their own? Anyways, if your point was ment for the latter description, then I think the list is rational! I mean how else someone would obtain an exploit if it was not from a database/site, or making their own, or receiving it from someone?!
-- Ali Akbar | aakbar19 () gmail com ------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Different methods of obtaining exploits yawgmoth7 (Jan 28)
- Re: Different methods of obtaining exploits Ali Akbar (Jan 30)
- RE: Different methods of obtaining exploits security (Jan 30)
- Re: Different methods of obtaining exploits FocusHacks (Jan 30)
- Re: Different methods of obtaining exploits Dharmendra (Jan 31)
- Re: Different methods of obtaining exploits Roman Medina-Heigl Hernandez (Jan 31)
- <Possible follow-ups>
- Re: Different methods of obtaining exploits barcajax (Jan 30)