5 KiB
Search Exploits
{% hint style="success" %}
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Use Trickest to easily build and automate workflows powered by the world's most advanced community tools.
Get Access Today:
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=search-exploits" %}
Browser
Daima tafuta katika "google" au nyingine: <service_name> [version] exploit
Unapaswa pia kujaribu shodan exploit search kutoka https://exploits.shodan.io/.
Searchsploit
Inafaida kutafuta exploits kwa huduma katika exploitdb kutoka kwenye console.
#Searchsploit tricks
searchsploit "linux Kernel" #Example
searchsploit apache mod_ssl #Other example
searchsploit -m 7618 #Paste the exploit in current directory
searchsploit -p 7618[.c] #Show complete path
searchsploit -x 7618[.c] #Open vi to inspect the exploit
searchsploit --nmap file.xml #Search vulns inside an nmap xml result
Pompem
https://github.com/rfunix/Pompem ni chombo kingine cha kutafuta exploits
MSF-Search
msf> search platform:windows port:135 target:XP type:exploit
PacketStorm
Ikiwa hakuna kitu kinachopatikana, jaribu kutafuta teknolojia iliyotumika ndani ya https://packetstormsecurity.com/
Vulners
Unaweza pia kutafuta katika hifadhidata ya vulners: https://vulners.com/
Sploitus
Hii inatafuta exploits katika hifadhidata nyingine: https://sploitus.com/
Sploitify
Orodha iliyochaguliwa kama GTFOBins ya exploits yenye vichujio kwa aina ya udhaifu (Local Privilege Escalation, Remote Code execution, nk), aina ya huduma (Web, SMB, SSH, RDP, nk), OS na maabara za mazoezi (viungo kwa mashine ambapo unaweza kucheza na sploits): https://sploitify.haxx.it
search_vulns
search_vulns inakuwezesha kutafuta udhaifu na exploits zinazojulikana pia: https://search-vulns.com/. Inatumia vyanzo mbalimbali vya data kama NVD, Exploit-DB, PoC-in-GitHub, hifadhidata ya Usalama ya GitHub na endoflife.date.
Tumia Trickest kujenga na kuandaa kazi kwa urahisi zinazotolewa na zana za jamii za kisasa zaidi duniani.
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=search-exploits" %}
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Angalia mpango wa usajili!
- Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
- Shiriki hila za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.