From: Justin Ferguson (jnferguson@gmail.com)
Date: Wed Nov 07 2007 - 23:59:38 EST
any of the places you'd expect to find that type of thing, aka what
has already been mentioned; however if you're actually trying to do
something like determine exploitability for trending or whatever then
its best to either diy or hire one of the many outside firms that do
that sort of thing.
On 11/7/07, Joey Peloquin <joeyp@cotse.net> wrote:
> Walsh, Leo wrote:
> > I don't personally know of any place that tracks CVE to exploit code nor
> > a place that tracks all exploit code.
>
> http://milw0rm.com/ is an exploit repository.
>
> http://www.osvdb.org/ is a vulnerability db, staffed by volunteers, who
> research disclosed vulns, and document them thoroughly, citing the many
> disparate sources of vuln information around the world. CVE and milw0rm are
> just a couple sources researched when mangling a vuln.
>
> -jp
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:12 EDT