From: A.R. (r00t@northernfortress.net)
Date: Wed Aug 18 2004 - 16:03:41 EDT
On Tue, 2004-08-17 at 13:43, DeMott Jared wrote:
> I know that I can identify
> "potential" flaws using Nessus, but my boss has asked that I prove to
> him each and every "potential" weakness. I've been told that you can
> find many exploits out on the web, but it's been such a hassle trying to
> find all of what I'm looking for!
Nessus provides you, for each "potential" vulnerability, with the
Bugtraq ID (BID) of the vulnerability itself. With that ID, you only
have to look for the vulnerability description on securityfocus.com,
where you can find the relative public exploits.
Other places where to look for more exploits have already been suggested
;)
Hope this helps
Alberto Revelli
Northern Fortress Inc.
-- "The Church is near but the road is icy. The bar is far away but I will walk carefully." -- Russian Proverb ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:59 EDT