Penetration Testing mailing list archives
RE: Different methods of obtaining exploits
From: <security () calculateddecision com>
Date: Sat, 28 Jan 2006 16:03:06 -0600
I guess you're kinda screwed if you don't have any friends then, huh? Maybe this fits under one of your headings already, but not too long ago everyone was talking about the vendor patches themselves pointing out vulns. The attacker/tester diffing the before and after to find out what changed and then building something towards that. - Anthony Towry -----Original Message----- From: yawgmoth7 [mailto:yawgmoth7 () gmail com] Sent: Thursday, January 26, 2006 7:46 PM To: pen-test () securityfocus com Subject: Different methods of obtaining exploits I've always wondered about this, I do not know why. But just the different ways that pen-testers get their exploits/vullnerabilities. I think it would go something like this: 50% From online security sites 25% Find their own 25% From their friends Have I left any out? If so, go ahead and add it, this is just about what I think it would be. This has always interesting me for some reason. See ya -- gurusnetwork.org Gurus'Network - Are you a guru? ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.23/243 - Release Date: 1/27/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.23/243 - Release Date: 1/27/2006 ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Different methods of obtaining exploits yawgmoth7 (Jan 28)
- Re: Different methods of obtaining exploits Ali Akbar (Jan 30)
- RE: Different methods of obtaining exploits security (Jan 30)
- Re: Different methods of obtaining exploits FocusHacks (Jan 30)
- Re: Different methods of obtaining exploits Dharmendra (Jan 31)
- Re: Different methods of obtaining exploits Roman Medina-Heigl Hernandez (Jan 31)
- <Possible follow-ups>
- Re: Different methods of obtaining exploits barcajax (Jan 30)