RE: Exploit Repositories and Due Diligence

["Carl Tucker" <manuscity () hotmail com>]

Does anyone know where there is a good repository of capture files outside 
of whats mentioned below?

CT

> From: "Jeff" <jb () jbware net>
> Reply-To: <jb () jbware net>
> To: <pen-test () securityfocus com>
> Subject: Exploit Repositories and Due Diligence
> Date: Thu, 9 Jun 2005 21:19:52 -0400
>
> I have a question regarding the use of exploit repositories (including
> projects like Metaploit, and compliations on bootable distros like 
> Whoppix).
> With all of the large exploit repositories used to make pen testing faster
> and easier, what methods do you use to ensure you've done your due 
> diligence
> in not unleashing something actually harmful on your clients?  I have my 
> own
> thoughts, such as googling and superficial|deep code reviews, but 
> ultimately
> my concern is over the malcious hiding of intentions.  Thanks for any
> insights and suggestions.
>
> - Jeff

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/