FrSIRT Puts Exploits Up For Sale

[This was originally published on the OSVDB blog.]

FrSIRT Puts Exploits up for Sale
By Ryan Naraine
March 15, 2006

Independent security research outfit FrSIRT.com is putting its database of security exploits behind the paid curtain.

FrSIRT, previously known as K-Otik, has shut down the public exploits section of its Web site and announced that all exploits and
proof-of-concept code will be sold through its subscription-based VNS (Vulnerability Notification Service).

Since they presumably didn’t write a majority of their exploits, what is the motivation for people to keep sending in such code if it will be used for profit? Wouldn’t exploit writers send it to Securiteam or another site that focuses on the code more than vuln tracking?

Leave a Reply

%d bloggers like this: