I've just built a custom sandbox, and I'm happy with the way it processes samples that I upload directly. Now I'd like to work on "drive-by" browser exploits, but I'm not sure how to go about testing it. Is anyone aware of any public feed of URLs serving exploits/compromised sites?
Asked
Active
Viewed 313 times
1
-
Are you ask for sites that exploit unpatched 0-day attacks in browsers in them? – Neil Smithline Oct 21 '15 at 04:18
-
1For test purposes you could use Metasploit and an old outdated browser to connect to a web server running from within Metasploit that will send a malicious payload upon visiting. – Jeroen Oct 21 '15 at 04:37
-
2Compromised sites tend to get shut down. If you look through Exploit-db, you should find nice exploits that you could host yourself. – schroeder Oct 21 '15 at 04:51