Maybe, maybe not. If you are paranoid enough to have this attack in your toolbelt, how paranoid are you that your victim will be watching his traffic and/or request logs? If you have that kind of inside knowledge about your target you probably wouldn't need a tool like this.
For fun and for research purposes, in the past I've set up SSL dumps that just log all the TLS commands and sort them by frequency. The ones at the top and at the bottom of the list were the most interesting.
Exploit hording is counter-productive. Exploits only have value when used, they have no defensive or other value. Their half-life is not in your control, at any time they can stop being usable. Therefore the best course of action when you get an exploit is to use it whenever you can until it gets fixed.
This isn't true in the home videogame console scene. I know for a fact in the Sony PSP hacking scene, the main hackers had a handful of kernel exploits but are very careful about using them since SONY usually released patched firmware less than 48hrs after the exploit is public.
They hope exploits carry forward into newer firmwares so that they can use them to find newer exploits introduced in that firmware so when they use the previous exploits, they can use the news ones when SONY patches the older and explore what SONY did to fix it; learn more about how SONY's devs think.
There are limited circumstances when hording them might make sense; rumors are that there's been hording of XP vulnerabilities in anticipation of the support period ending, as using them pre-support might have meant that MS would have patched them, whereas saving them would presumably keep them unpatched forever.
But yes, generally you're right, and this circumstance is obviously different from that one.
For fun and for research purposes, in the past I've set up SSL dumps that just log all the TLS commands and sort them by frequency. The ones at the top and at the bottom of the list were the most interesting.