NEW: security/exploitdb and security/exploitdb-papers

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

NEW: security/exploitdb and security/exploitdb-papers

Sebastian Reitenbach
This is the searchsploit tool, and a local version of the exploit database,
sometimes it's handy to have that offline available.

The Exploit Database is an archive of public exploits and corresponding
vulnerable software, developed for use by penetration testers and
vulnerability researchers. Its aim is to serve as the most comprehensive
collection of exploits, shellcode and papers gathered through direct
submissions, mailing lists, and other public sources, and present them
in a freely-available and easy-to-navigate database. The Exploit
Database is a repository for exploits and Proof-of-Concepts rather than
advisories, making it a valuable resource for those who need actionable
data right away.

any comments, concerns, objections, or even OK?

exploitdb.tar.gz (200K) Download Attachment
exploitdb-papers.tar.gz (38K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: NEW: security/exploitdb and security/exploitdb-papers

Sebastian Reitenbach
Am Mittwoch, Februar 06, 2019 23:21 CET, "Sebastian Reitenbach" <[hidden email]> schrieb:

> This is the searchsploit tool, and a local version of the exploit database,
> sometimes it's handy to have that offline available.
>
> The Exploit Database is an archive of public exploits and corresponding
> vulnerable software, developed for use by penetration testers and
> vulnerability researchers. Its aim is to serve as the most comprehensive
> collection of exploits, shellcode and papers gathered through direct
> submissions, mailing lists, and other public sources, and present them
> in a freely-available and easy-to-navigate database. The Exploit
> Database is a repository for exploits and Proof-of-Concepts rather than
> advisories, making it a valuable resource for those who need actionable
> data right away.
>
> any comments, concerns, objections, or even OK?
The exploitdb itself is in, now only with regard to exploitdb-papers.
Jasper@ suggested to put it under books CATEGORY, as well
as add missing NO_TEST.
However, he was a bit concerned about the distfile size,
well for me it would still be nice to have that contents
for easy install as package offline available, even if not
all contents is super high quality, therefore here's an
updated version again.


anyone else yay or nay?

cheers,
Sebastian

exploitdb-papers.tar.gz (38K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: NEW: security/exploitdb and security/exploitdb-papers

Stuart Henderson
On 2019/02/10 00:05, Sebastian Reitenbach wrote:

> Am Mittwoch, Februar 06, 2019 23:21 CET, "Sebastian Reitenbach" <[hidden email]> schrieb:
>
> > This is the searchsploit tool, and a local version of the exploit database,
> > sometimes it's handy to have that offline available.
> >
> > The Exploit Database is an archive of public exploits and corresponding
> > vulnerable software, developed for use by penetration testers and
> > vulnerability researchers. Its aim is to serve as the most comprehensive
> > collection of exploits, shellcode and papers gathered through direct
> > submissions, mailing lists, and other public sources, and present them
> > in a freely-available and easy-to-navigate database. The Exploit
> > Database is a repository for exploits and Proof-of-Concepts rather than
> > advisories, making it a valuable resource for those who need actionable
> > data right away.
> >
> > any comments, concerns, objections, or even OK?
>
> The exploitdb itself is in, now only with regard to exploitdb-papers.
> Jasper@ suggested to put it under books CATEGORY, as well
> as add missing NO_TEST.
> However, he was a bit concerned about the distfile size,
> well for me it would still be nice to have that contents
> for easy install as package offline available, even if not
> all contents is super high quality, therefore here's an
> updated version again.
>
>
> anyone else yay or nay?
>
> cheers,
> Sebastian

Sorry, nay for me.

2.1GB * 8 arches will be just under 17GB in snapshots when it goes through
all the arches, plus the same again for each OpenBSD release containing it.
This is quite a lot of bandwidth/disk space on the mirrors, and build time
on the slower machines of the ports build network, and at that size I don't
think it's really useful enough to have in packages (especially when you
can just git clone it).

Of course I noticed this by running out of disk space on a machine
where I was attempting to mirror packages.