This is a very interesting article from
Microsoft Research that describes a method they use(d) to find web sites that exploit browser vulnerabilities, including zero-day exploits. It is called "
Automated Web Patrol with Strider HoneyMonkeys". This reminds me of the
Windows Honeypots book I read, as the researchers are cleverly using multiple virtual machine images with various patch levels plus known exploit signatures and other methods to find the exploits.
