In-Reply-To: <[EMAIL PROTECTED]> Well, CANVAS has only one 0day exploit currently: It has a really nice remote in RealServer. I think having good 0day remotes is the only way to really test how an organization will react to a real intrusion. What's the point in testing your response systems if your reaction team can just search on GOOGLE to find out everything they need to know? So some new vulnerabilities do go into CANVAS - the IIS MediaServer bug was in CANVAS before it came out, for example.
In addition, certain bugs that have been relesed, such as the Microsoft RPC bug that just came out, or the IIS WebDav bug, get put into CANVAS long before the exploits become public. Even though the RPC bug is not "0day" - as they say, "It's 0day to you." If you're trying to convince your CIO to invest in patches or HIDS, or migration to Linux, you can use CANVAS to do so TODAY, and not wait for LSD to release their POC code. And you can do it with a command prompt on the mail server, which many CIOs find very convincing, instead of waiting for the inevitable Microsoft worm to disable your entire network. Immunity also offers, for larger companies, a service where you can learn about other research Immunity has done, or is currently working on. This is as close to an "0day" service as anything in the market. A lot of this research is driven from Immunity's SPIKE protocol analysis suite (GPLed). More information on the Immunity Vulnerability Sharing Club, Immunity CANVAS product, and SPIKE are available from http://www.immunitysec.com/. Thanks, Dave Aitel CEO Immunity, Inc. "It's 0day to you." :> >canvas has some 0day exploits and i think it is worth a buy, >but another good product is core impact. >they made a good product full of reliable exploits, for the >latest bugs in major daemons. it's not very cheap, but worthy >for that what u might searching for. > >cheers, >frank > > >----- Original Message ----- >From: "Jesse Bessette" <[EMAIL PROTECTED]> >To: "Box" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >Sent: Monday, July 21, 2003 8:18 PM >Subject: Re: exploits, good exploits > > >> Im thinking that your looking for exploits to be delivered to you before >> they are delivered to anyone else??? Dont you think we all want that same >> thing?? >> >> Hackers, script kiddies and the like all subscribe to lists as well..They >to >> have exploits delivered to them as soon as there out in the wild..Get in >> line >> >> >> ----- Original Message ----- >> From: "Box" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]> >> Sent: Sunday, July 21, 2002 10:12 AM >> Subject: exploits, good exploits >> >> >> > Hello, >> > >> > Maybe somebody knows commercial database/service or somthing, where is >> > posible to buy subscription for good (0day or somehting) exploits. >> > How i can find in free resources (SecuriTeam, pulhas, security focus and >> > others) it's only not very useful exploits (i don't speak about WebDav >and >> > MSSQLudp exploits). >> > >> > Only one way to get good exloits it's to trade in hackers IRC chanells? >> > >> > >> > Gabriel Rain, >> > StaForIT Security Consulting >> > >> > >> > >> > >> > >> > >> >> -------------------------------------------------------------------------- >> - >> >> -------------------------------------------------------------------------- >> -- >> > >> > >> >> >> -------------------------------------------------------------------------- >- >> -------------------------------------------------------------------------- >-- >> > > >--------------------------------------------------------------------------- >---------------------------------------------------------------------------- > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
