exploitdatabase

1. Tools for exploit Searches:
2.  
3. searchsploit
4.  
5. Bugtraq (http://www.securityfocus.com/bid)
6. Security Focus’s BugTraq is an excellent source for finding vulnerabilities and exploits. You can search vulnerabilities by CVEs or by vendor/product types at: http://www.securityfocus.com/bid.
7. In the example below, I was looking for some Adobe ColdFusion exploits and seemed to have found quite a few.
8.  
9. Exploit-db (http://www.exploit-db.com/)
10. This site has definitely grown and I really see this site as the replacement of the good ol' milw0rm. Many researches will post their exploits and research to Exploit-DB, which is completely searchable. I recommend that you spend some time on Exploit-DB as it is a great resource.
11.  
12. Core Impact (http://www.coresecurity.com/core-impact-pro)
13. The last commercial tool I want to discuss is Core Impact. Core is probably one of the most expensive tools you can have in your offensive testing bag, but it is worth the price. Core Impact allows for easy automation of exploitation and is said to have 25% more unique Common Vulnerability Exploits (CVE) versus its competitors.
14. For those who are really looking for a more automated visual approach, Core Impact is for you. It is an all-in-one tool to attack web, network, mobile, client and even wireless. Remember the good old days of auto-pwn? Well, Core has taken this to another level. With a click of a button, it is able to scan, compromise, take hashes/passwords, persistence and more.