[ambiate]

15 years ago, that standard set used to be wget something from packetstormsecurity.org. If no wget: curl it. If no curl: just lynx it. else: move on to the next vulnerable server. Script kiddies were quite lazy back then. I feel old at thirty.

[x0]

Hasn't changed for the most part. Though it's either exploit db, some creepy looking .pw site you've never heard of, and once or twice, the zips that github provides. And sometimes they'll just scp their stuff onto the box.