0-Day Exploits and Tutorials - DataStroghold.com Unveils how exploits and other hacking techniques are performed, in a clear and concise method. Frequently updated and always interesting. - http://www.datastronghold.com
PullThePlug WarGames - Place for Programmers and Hackers to hone their technical skills by completing challenging wargames and Programming Challenges. Including Network Programming, Defeating PaX, Buffer/Heap Overflows, Format Strings etc. - http://www.pulltheplug.org/
SecWatch - A site dedicated to the latest in security - all the latest and archived exploits and vulnerabilities. - http://www.secwatch.org
Hack A Day - A hardware hack every day. - http://www.hackaday.com/
Security Focus - SecurityFocus is the most comprehensive and trusted source of security information on the Internet. SecurityFocus is a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, fro - http://www.securityfocus.com
Security-Protocols Exploit News - A up to date security and exploit portal, provides commentary on many popular exploits as they develop in the wild. - http://www.security-protocols.com
Ill Mob - Home of a number of 0-day exploit authors. Many creative Trojan droppers and methods are released here. - http://www.illmob.org/
Canvas Exploit Platform - A commercial exploit platform similar to metasploit. Has built in memory resident shells that are cleared when the machine is rebooted. Perfect for cleaning up after a penetration test. - http://www.immunitysec.com/index.shtml
Exploiting Caller ID - The Software Orange Box is a free proof-of-concept tool which can spoof most forms of North American Caller ID. - http://www.artofhacking.com/orange.htm
FrSIRT Exploits Archive - Archive of current 0day exploits from European and Asian sources. French and English language content provided. - http://www.frsirt.com/exploits/
milw0rm.com - Exploit database separated by exploit type (local, remote, DoS, etc.) - http://www.milw0rm.com
Ethical Hacking Course - Commercial hacker training course on how to write and use exploits. - http://www.infosecinstitute.com/courses/ethical_hacking_training.html
Phenoelit - Custom built network tools designed to take advantage of the exploits within many network hardware systems. Also the home of the k0ld LDAP brute force utility. A must have for many professional penetration testers. - http://phenoelit.de/fr/tools.html
Security Tracker - Archive of exploits and security advisories - http://www.securitytracker.com
PacketStorm Security - Packet Storm is a non-profit organization comprising computer security professionals that are dedicated to providing the information necessary to secure the networks world-wide. It publishes new security information on a global network of websites. The or - http://www.packetstormsecurity.org/
Metasploit Project - The Metasploit Project is an open source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool - http://metasploit.org
malware.com - A group that develops as well as discloses software exploits on many of the security mailing lists. Mainly specializing with Microsoft Office and Internet Explorer Vulnerabilitys. - http://www.malware.com/
Fyodor's Exploit World - A large and descriptive exploit archive organized by affected operating systems. - http://insecure.org/sploits.html