Sometimes people ask if there are exploits or the latest offensive techniques in TeamMentor. The short answer is no. It doesn’t seem like an appropriate place for that type of information, because the focus is on preventing vulnerabilities. Preventing vulnerabilities makes exploits and offensive techniques irrelevant.
There may be some value to describing some attack scenarios so that people understand the threats better and how to defend from them, but it’s not necessary to describe any specific exploits or techniques to do that.
There is a strange appeal to talking about exploits and attack techniques; for some reason these things tend to draw a lot of attention. In practice, they are actually very simple, especially for web application.
Information about tools is another popular request. Generally speaking, preventing vulnerabilities is not accomplished by tools, but rather by following simple and proven methods during application development. Carrying out attacks often involves tools, but often custom tools and exploits have to be developed, so again focusing strictly on the existing and mature tools isn’t very practical.
There is clearly demand for information about active threats and a blog seems like a more appropriate medium for it than TeamMentor. TeamMentor is focused on enduring principles and preventative/remediation/compliance solutions. A blog is more appropriate for time-sensitive, rapidly changing, and specific information.