Re: Different methods of obtaining exploits

From: Neil (neil@voidfx.net)
Date: Tue Jan 31 2006 - 15:52:29 EST

• Next message: Neil Kathok: "Re: Question: FTP via alternate port"
• Previous message: Lars Troen: "RE: Strange replies on closed port"
• In reply to: FocusHacks: "Re: Different methods of obtaining exploits"
• Next in thread: kish_pent@yahoo.com: "Re: Re: Different methods of obtaining exploits"
• Maybe reply: kish_pent@yahoo.com: "Re: Re: Different methods of obtaining exploits"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I agree. Actually finding exploitable vulns in applications is a time
consuming job, and I think you'll find more people who do that working
under the title "Security Researcher" than pen-tester.

Neil

On 1/29/2006 9:49 AM, FocusHacks wrote:
> I'd say 100% of pen testers use exploits found on mailing lists and
> security sites, and I would be willing to bet a good 25% of them are
> getting exploits from friends and other limited-distribution channels
> on top of using published exploits.
>
> Honestly I'd bet the number of pen-testers actively finding holes to
> exploit is probably in the single-digit percentages. There may be 25%
> who take an advisory and reverse engineer the app to code an exploit
> for it, or re-vamp some POC code to be useable in the field, but I
> doubt 25% are actually finding the bugs to begin with.
>
> On 1/26/06, yawgmoth7 <yawgmoth7@gmail.com> wrote:
>> I've always wondered about this, I do not know why. But just the
>> different ways that pen-testers get their exploits/vullnerabilities. I
>> think it would go something like this:
>> 50% From online security sites
>> 25% Find their own
>> 25% From their friends
>>
>> Have I left any out? If so, go ahead and add it, this is just about
>> what I think it would be. This has always interesting me for some
>> reason.
>>
>> See ya
>> --
>> gurusnetwork.org
>> Gurus'Network - Are you a guru?
>>--
Neil.
http://voidfx.net
"...the student skit at Christmas contained a plaintive line: "Give us
Master's exams that our faculty can pass, or give us a faculty that can
pass our Master's exams."
--Paul R. Halmos

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Neil Kathok: "Re: Question: FTP via alternate port"
• Previous message: Lars Troen: "RE: Strange replies on closed port"
• In reply to: FocusHacks: "Re: Different methods of obtaining exploits"
• Next in thread: kish_pent@yahoo.com: "Re: Re: Different methods of obtaining exploits"
• Maybe reply: kish_pent@yahoo.com: "Re: Re: Different methods of obtaining exploits"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:25 EDT