Author

Topic: Offering to find exploits in your website for BTC (Read 997 times)

b!z
legendary
Activity: 1582
Merit: 1010
February 04, 2015, 01:44:33 AM
#7
What tools would you be using?


My own custom made one.

So you figured out how to compile Metasploit from source.
member
Activity: 78
Merit: 10
"Unknown quantity" is a turn of phrase - a person or thing whose nature, value, or significance cannot be determined or is not yet known. Thus implying of unknown quality.

No one will disagree that bots aren't any good at finding anything original; the benefit is in patching holes that can be found in an automated fashion, thereby getting yourself out of the low-hanging-fruit camp.
hero member
Activity: 504
Merit: 500
sucker got hacked and screwed --Toad
That's not the answer people will be wanting.

A security scan is not about finding random vulnerabilities with your fancy homemade tools, but about reducing the potential for compromise. Your tool is an unknown quantity, and thus provides no assurances as to how the potential for compromise is reduced.
quality*

Also, bots nowadays (or "tools") can't find good exploits. Most of the ones I've found were found through several hours of really getting into it.
member
Activity: 78
Merit: 10
That's not the answer people will be wanting.

A security scan is not about finding random vulnerabilities with your fancy homemade tools, but about reducing the potential for compromise. Your tool is an unknown quantity, and thus provides no assurances as to how the potential for compromise is reduced.
full member
Activity: 134
Merit: 100
What tools would you be using?


My own custom made one.
member
Activity: 78
Merit: 10
What tools would you be using?
full member
Activity: 134
Merit: 100
I am offering to find exploits in your scripts or new websites. I am offering different prices depending on the severity.

Severity
Price
Minor0.05BTCNormal0.1BTCMajor0.4BTC

Minor are exploits to get in to protected areas of your script
normal are security bypasses
major are xss, sql type injections to deface, steal accounts btc etc.

I can view scripts or test websites, it's up to you. If you are interested then please contact me.
Jump to: