@attritionorg Is the quality of the exploit constant? Do I have 10,000 fully reliable sploits that are equally easy to target as the 10?
-
-
-
@dakami No, but say you don't have reliable exploits for *any* of them. You just know exactly where the vulns are... -
@attritionorg If you're exclusively measuring the impact of "technically public" that's actually a best case scenario. Masking noise! -
@dakami "technically public" means that if you go looking, you can find it, via the web. maybe NOT via Google, but it is there, no auth.
End of conversation
New conversation -
-
-
@attritionorg 10 0 days so I can exploit those 9k vendors and gain those 10k vulns, as well as make some hard cash doing ATO on bank accts. -
@UrbanF0X Except, I said the 10k are already public! Just no one looking in the right places for them. (e.g. buried in a changelog)
End of conversation
New conversation -
-
-
@attritionorg If scanners don't find them, they are equivalent to 0day for vast majority of targets. So, take the 10k.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.