RE: Exploit Repositories and Due Diligence

From: Carl Tucker (manuscity@hotmail.com)
Date: Mon Jun 20 2005 - 19:49:07 EDT


Does anyone know where there is a good repository of capture files outside
of whats mentioned below?

CT

>From: "Jeff" <jb@jbware.net>
>Reply-To: <jb@jbware.net>
>To: <pen-test@securityfocus.com>
>Subject: Exploit Repositories and Due Diligence
>Date: Thu, 9 Jun 2005 21:19:52 -0400
>
>I have a question regarding the use of exploit repositories (including
>projects like Metaploit, and compliations on bootable distros like
>Whoppix).
>With all of the large exploit repositories used to make pen testing faster
>and easier, what methods do you use to ensure you've done your due
>diligence
>in not unleashing something actually harmful on your clients? I have my
>own
>thoughts, such as googling and superficial|deep code reviews, but
>ultimately
>my concern is over the malcious hiding of intentions. Thanks for any
>insights and suggestions.
>
>- Jeff
>
>

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:26 EDT