Metasploit Project
The Metasploit Project is an open source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.
Phenoelit
Custom built network tools designed to take advantage of the exploits within many network hardware systems. Also the home of the k0ld LDAP brute force utility. A must have for many professional penetration testers.
Basics of Win32 Shatter Attacks
Step by step guide to privilege escalation using shatter attacks. Shatter Attacks use flaws within the Windows API call SetWindowLong() as well as others.
UnderGroundBG's official web
Security related materials, exploits, etc, also the official web of UnderGroundBG
Exploiting Caller ID
The Software Orange Box is a free proof-of-concept tool which can spoof most forms of North American Caller ID.
0-Day Exploits and Tutorials
DataStroghold.com Unveils how exploits and other hacking techniques are performed, in a clear and concise method. Frequently updated and always interesting.
Deny.de
A large exploit forum, with customized exploit tools and 0-day downloads. An active community where help is just a post away.
FrSIRT Exploits Archive
Archive of current 0day exploits from European and Asian sources. French and English language content provided.
Hack A Day
A hardware hack every day.
Ill Mob
Home of a number of 0-day exploit authors. Many creative Trojan droppers and methods are released here.
Canvas Exploit Platform
A commercial exploit platform similar to metasploit. Has built in memory resident shells that are cleared when the machine is rebooted. Perfect for cleaning up after a penetration test.
Ethical Hacking Course
Commercial hacker training course on how to write and use exploits.
Fyodor's Exploit World
A large and descriptive exploit archive organized by affected operating systems.
malware.com
A group that develops as well as discloses software exploits on many of the security mailing lists. Mainly specializing with Microsoft Office and Internet Explorer Vulnerabilitys.
milw0rm.com
Exploit database separated by exploit type (local, remote, DoS, etc.)
Network Security Archive
A collection of mailing list archives dealing with exploits, vulnerability development and hacking
NGS Research
Series of papers on how to write exploits and discover vulnerabilities
PacketStorm Security
Packet Storm is a non-profit organization comprising computer security professionals that are dedicated to providing the information necessary to secure the networks world-wide. It publishes new security information on a global network of websites. The organization offers an abundant resource of up-to-date and historical security tools, exploits, and advisories. It provides network security professionals, researchers, and all other interested individuals with the ability to analyze and learn from the tools, processes and mindsets of their opponents, as well as offering the tools needed to build and test defenses against them.
Phrack.org Archives
Phrack is an underground ezine made by and for hackers that has been around since November 17, 1985. The magazine is open for contributions by anyone. Topics of interest are security, hacking, phreaking, anarchism, cryptography, spying, radio broadcasting, coding, conspiracy, and world news.
PullThePlug WarGames
Place for Programmers and Hackers to hone their technical skills by completing challenging wargames and Programming Challenges. Including Network Programming, Defeating PaX, Buffer/Heap Overflows, Format Strings etc.
Rosiello Security
Advisories, exploits, shellcodes, whitepapers, free software.
SecuriTeam.com
Beyond Security® will help you expose your security holes and will show you what the bad guys already know about your hosts and network. Use our Automated Scanning service to perform a full security audit of your site, and find the latest security news and tools on Beyond Security®'s SecuriTeam™ web site.
Security-Protocols Exploit News
A up to date security and exploit portal, provides commentary on many popular exploits as they develop in the wild.
Security Focus
SecurityFocus is the most comprehensive and trusted source of security information on the Internet. SecurityFocus is a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
Security Tracker
Archive of exploits and security advisories
SecWatch - Keeping An Eye On Security
SecWatch - A site dedicated to the latest in security - all the latest and archived exploits and vulnerabilities.
The Hacker's Choice
Website for various exploits and hacking tools (such as hydra)
Trivia Security Exploits Archive
Latest Security Exploits and codes. Updated daily.
|