hacktricks/generic-methodologies-and-resources/search-exploits.md
2024-12-12 11:39:29 +01:00

4.9 KiB

Search Exploits

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}


Use Trickest to easily build and automate workflows powered by the world's most advanced community tools.
Get Access Today:

{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=search-exploits" %}

Browser

Always search in "google" or others: <service_name> [version] exploit

You should also try the shodan exploit search from https://exploits.shodan.io/.

Searchsploit

Useful to search exploits for services in exploitdb from the console.

#Searchsploit tricks
searchsploit "linux Kernel" #Example
searchsploit apache mod_ssl #Other example
searchsploit -m 7618 #Paste the exploit in current directory
searchsploit -p 7618[.c] #Show complete path
searchsploit -x 7618[.c] #Open vi to inspect the exploit
searchsploit --nmap file.xml #Search vulns inside an nmap xml result

Pompem

https://github.com/rfunix/Pompem is another tool to search for exploits

msf> search platform:windows port:135 target:XP type:exploit

PacketStorm

If nothing is found, try to search the used technology inside https://packetstormsecurity.com/

Vulners

You can also search in vulners database: https://vulners.com/

Sploitus

This searches for exploits in other databases: https://sploitus.com/

Sploitify

GTFOBins-like curated list of exploits with filters by vulnerability type (Local Privilege Escalation, Remote Code execution, etc), service type (Web, SMB, SSH, RDP, etc), OS and practice labs (links to machines where you can play with sploits): https://sploitify.haxx.it

search_vulns

search_vulns enables you to search for known vulnerabilities and exploits as well: https://search-vulns.com/. It utilizes various data sources like the NVD, the Exploit-DB, PoC-in-GitHub, the GitHub Security Advisory database and endoflife.date.


Use Trickest to easily build and automate workflows powered by the world's most advanced community tools.
Get Access Today:

{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=search-exploits" %}

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}