Re: Different methods of obtaining exploits

From: Ali Akbar (aakbar19@gmail.com)
Date: Sat Jan 28 2006 - 16:47:11 EST

• Next message: security@calculateddecision.com: "RE: Different methods of obtaining exploits"
• Previous message: david: "RE: Article: "Security Testing Demystified""
• In reply to: yawgmoth7: "Different methods of obtaining exploits"
• Next in thread: security@calculateddecision.com: "RE: Different methods of obtaining exploits"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, 27 Jan 2006 01:45:43 -0000, yawgmoth7 <yawgmoth7@gmail.com> wrote:

> I've always wondered about this, I do not know why. But just the
> different ways that pen-testers get their exploits/vullnerabilities. I
> think it would go something like this:
> 50% From online security sites
> 25% Find their own
> 25% From their friends
>
> Have I left any out? If so, go ahead and add it, this is just about
> what I think it would be. This has always interesting me for some
> reason.
>
> See ya
> --
> gurusnetwork.org
> Gurus'Network - Are you a guru?
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts,
> forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>

Hi

"25% find their own" does that mean they search arbitrarily? And/or does
it mean making their own? Anyways, if your point was ment for the latter
description, then I think the list is rational! I mean how else someone
would obtain an exploit if it was not from a database/site, or making
their own, or receiving it from someone?!

-- 
Ali Akbar | aakbar19@gmail.com
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: security@calculateddecision.com: "RE: Different methods of obtaining exploits"
• Previous message: david: "RE: Article: "Security Testing Demystified""
• In reply to: yawgmoth7: "Different methods of obtaining exploits"
• Next in thread: security@calculateddecision.com: "RE: Different methods of obtaining exploits"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:25 EDT