Exploit bundles from Packet Storm

Packet Storm manages one of the best compilations of exploits for penetration testing your servers. Perhaps you've found a vulnerability in your system with Nessus and would like to see how "black hats" would go about compromising your system. Disclaimer: use these exploits for auditing your systems only!

Download all exploit bundles

The following script will download all annual and monthly exploit bundles from Packet Storm and place them in $EXPLOIT_DIR. After running the script once, you may want to run it periodically to keep your collection "in sync" with Packet Storm's.


# Destination directory

# First year for which annual compilations are not available


# Create the exploits destination directory if it does not exist
[ ! -d $EXPLOITS_DIR ] && mkdir $EXPLOITS_DIR

# Retrieve annual exploit bundles; skip them if already downloaded
for YEAR in 1999 2000 2001 2002
   TWO_DIGIT_YEAR=`echo $YEAR | cut -c3-4`
   [ -f ${YEAR}-exploits.tgz ] && continue
   echo -e "Retrieving $YEAR annual exploit bundle...\n"
   wget http://packetstormsecurity.org/${TWO_DIGIT_YEAR}12-exploits/${YEAR}-exploits.tgz
# Retrieve monthly exploit bundles; skip them if already downloaded
while [ "$STARTING_YEAR" -le "$CURRENT_YEAR" ]
   # Download the full year's worth of monthly exploit bundles
   YEAR=`echo $STARTING_YEAR | cut -c3-4`
   for MONTH in Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
      FULL_MONTH=`date -d 1${MONTH} +%B`
      NUMERIC_MONTH=`date -d 1${MONTH} +%m`
      [ -f ${YEAR}${NUMERIC_MONTH}-exploits.tgz ] && continue
      echo -e "Retrieving ${FULL_MONTH} 20${YEAR} exploit bundle...\n"
      wget http://packetstormsecurity.org/${YEAR}${NUMERIC_MONTH}-exploits/${YEAR}${NUMERIC_MONTH}-exploits.tgz

Here is an example crontab entry to periodically retrieve the latest exploit bundles from Packet Storm. Note: we will run the script on the 10th of every month as the previous month's exploit bundle should be available for download.

0 6 10 * * ~/scripts/retrieve_exploit_bundles > /dev/null 2>&1

Yearly compilations

<>Download an entire year's worth of exploits with these links:

2002 exploits

2001 exploits
2000 exploits
1999 exploits

Back to brandonhutchinson.com.

Last modified: 08/30/2004