yeah a good site to use when you're trying to find suiting exploits / flaws in a server / site.
well first of open up 2x firefox windows.
just go ahead and start up google in one of them.
in the second window go ahead and go to www.who.is .
im going to check out The Pirate bay.

so i just type in
www.thepiratebay.com and press "Who.Is search" .

here's the info i got out from it.

---------------------------------------------------------


Domain Name: thepiratebay.com

Status: clientDeleteProhibited, clientTransferProhibited

Registrar: KEY-SYSTEMS GMBH
Whois Server: whois.rrpproxy.net
Referral URL: http://www.key-systems.net

Expiration Date: 2010-07-02
Creation Date: 2004-07-02
Last Update Date: 2007-05-07

Name Servers:
ns0.thepiratebay.org
ns1.thepiratebay.org
ns2.thepiratebay.org
ns3.thepiratebay.org

abit about their dns's , servers etc.

------------------------------------
usefull info:

IP Address: 83.140.176.200
IP Location: Sweden
Website Status: active
Server Type: lighttpd
Alexa Trend/Rank: 1 Month: 397,083 3 Month: 239,463
Page Views per Visit: 1 Month: 1.0 3 Month: 1.0
Cache Date: 2008-11-19 06:05:12 MST
Compare Archived Data: 2007-05-11


looks like a pile of shit , right ? well its not.

one thing i want you to always double check is the "Server Type"
to make sure you get the right name.

go ahead and tab over to google.
in this case piratebay is using a server based on lighttpd.

so lets search for "Lighthttpd exploits" on google.

and there we go a huge list of exploits for "lighthttpd" based webservers.

for example -
www.milw0rm.com/exploits/4437
www.securityfocus.com/bid/23515
securityreason.com/securityalert/3127

from there on you're on your own =).

just a bit of help.

those exploits listed might be outdated, didnt try em so .
ne'ways good luck, hope it helped.

now that is the definition of a skiddie

but at least you are not scanning for servers with a known vuln

you mean thepiratebay.org? not .com

hahahahahahaha!!!!