- 0-Day Exploits and Tutorials - DataStroghold.com Unveils how exploits and other hacking techniques are performed, in a clear and concise method. Frequently updated and always interesting.
- Canvas Exploit Platform - A commercial exploit platform similar to metasploit. Has built in memory resident shells that are cleared when the machine is rebooted. Perfect for cleaning up after a penetration test.
- Ethical Hacking Course - Commercial hacker training course on how to write and use exploits.
- Exploiting Caller ID - The Software Orange Box is a free proof-of-concept tool which can spoof most forms of North American Caller ID.
- Fyodor's Exploit World - A large and descriptive exploit archive organized by affected operating systems.
- malware.com - A group that develops as well as discloses software exploits on many of the security mailing lists. Mainly specializing with Microsoft Office and Internet Explorer Vulnerabilitys.
- Metasploit Project - The Metasploit Project is an open source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.
- milw0rm.com - Exploit database separated by exploit type (local, remote, DoS, etc.)
- Security Focus - Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
- Security Tracker - Archive of exploits and security advisories
- Security-Protocols Exploit News - A up to date security and exploit portal, provides commentary on many popular exploits as they develop in the wild.
- VUPEN Exploits and PoCs - Archive of private exploits and proof-of-concept codes developed in-house by VUPEN Security.
