Some awesome links there. Thanks!

Hi,
Ive found the following sites invaluable when doing information gathering and thought id share:

Web site information:
http://www.archive.org/
http://whois.domaintools.com/

Personal information:
http://www.pipl.com/
http://www.192.com/ (UK only)
http://www.123people.co.uk/ (UK only)
http://postcode.royalmail.com/ (UK only)

Company information:
http://www.companieshouse.gov.uk/ (UK Only)

Social networks:
http://www.linkedin.com/
http://www.facebook.com/
http://www.twitter.com/

Any others that should be in my list? (apart from google of course)

Milw0rm will have most of the exploits in their original format (as Ketchup already mentioned):
MS07-065 - http://milw0rm.com/exploits/4745

Ahhh... that makes more sense. Damn uni giving me misinformation!

Dont forget the SecurityTubeCon! 

http://securitytubecon.org/cfp.html

I also thought that however from what Ive heard honeypots are illegal in the UK as it is seen as entrapment.

And a google search of the IP seems to indicate that its the one they use:
http://wblinks.com/notes/number-10-goes-web-2

I had a look at the number10.gov.uk robots.txt file yesterday and to my surprise they were exposing their Class A private IP address.

However I also noticed that their robots.txt file was not a file at all and instead was a directory named /robots.txt/. So the contents of that directory when you visit it must be served from another file, i.e. /robots.txt/somefile.php

Here is the URL:
http://www.number10.gov.uk/robots.txt/

Seems they have spent a lot of time on their robots.txt 'file'. They couldn't possibly leave the IP there on accident, or could they?

Works on local machine too. Time to BSOD my girlfriend all night! 

Id like to be involved too!  I would be interested in wrtting a few topics. What kind of book are you guys looking at writting? A general ethical hacking/penetration testing book?

A good idea would be to use an online colaboration revision type application for the writting. (Google docs?)

A good start would be to come up with a list of the people involved, a tittle and a list of topics you would like to include.

SQL Inject Me and XSS Me by security compass are good addons. You can add your own payloads too.

EDIT--

Just noticed you already had them on your list. 

Im still waiting on a reply from pdp (the author) about this. Will get back to you when he gets back to me.

@Jhaddix

Are you writting a tutorial/blog post on this? I would love to have a read if so.

Dont forget Maltego! 

I think you can increase the alocated memory size in PHP.ini. Probably best to find a better solution tho.

Your right! 

I was pointing WEBSECURIFY to http://127.0.0.1/dvwa instead of http://127.0.0.1. Once I moved everyhting else off my webserver and pointed it to http://127.0.0.1 it scans eveything.

I'll do some further testing and see if I can get it to recognise the security level cookie.