Penetration Testing mailing list archives

Re: Different methods of obtaining exploits

From: Roman Medina-Heigl Hernandez <roman () rs-labs com>
Date: Mon, 30 Jan 2006 11:54:09 +0100

yawgmoth7 wrote:

I've always wondered about this, I do not know why. But just the
different ways that pen-testers get their exploits/vullnerabilities. I
think it would go something like this:
50% From online security sites
25% Find their own
25% From their friends


I suppose "friends" probably means underground. So add:

5% Stolen (hacker been hacked :-))
5% From some honeypot

Ups, that's 110%! ;-)

Cheers,
-Roman

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Different methods of obtaining exploits yawgmoth7 (Jan 28)
- Re: Different methods of obtaining exploits Ali Akbar (Jan 30)
- RE: Different methods of obtaining exploits security (Jan 30)
- Re: Different methods of obtaining exploits FocusHacks (Jan 30)
- Re: Different methods of obtaining exploits Dharmendra (Jan 31)
- Re: Different methods of obtaining exploits Roman Medina-Heigl Hernandez (Jan 31)
- <Possible follow-ups>
- Re: Different methods of obtaining exploits barcajax (Jan 30)