Exploit Research

Top Resources

  • https://attackerkb.com/

  • https://ippsec.rocks/?#

  • Google the service and add "exploit" to the end!!!

Search for service vulnerabilities

searchsploit --exclude=dos -t apache 2.2.3
msfconsole -q -x "search apache 2.2.3"

CVE Database

https://cve.mitre.org/cve/search_cve_list.html

National Vulnerability Database (NVD)

  • U.S. government repository of standards-based vulnerability management data, represented using the Security Content Automation Protocol (SCAP).

https://nvd.nist.gov/

  • Visualization of CVSS severity over time:

https://nvd.nist.gov/general/visualizations

https://nvd.nist.gov/vuln/data-feeds

CVE Details

https://www.cvedetails.com

Exploit Database

  • Search by CVE and OSVDB identifier.

https://www.exploit-db.com

Searchsploit by Exploit-db

  • Offline source for finding vulnerabilities and exploits.

  • To update the database:

searchsploit -u

  • Run with no arguments to print the usage, or search by keyword or by service and version:

searchsploit
searchsploit [keyword or service/service version]

  • Copy a searchsploit result to your present working directory:

searchsploit -m 39446 win_x86-64/local/39525.py

  • Alternative copy method:

locate 35513.py
# copy from the path that locate printed (the directory layout differs between exploitdb versions)
cp /usr/share/exploitdb/platforms/linux/remote/35513.py /root/Desktop/35513.py

  • Exclude certain results such as DoS or PoC:

searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"

  • Print the source file of an exploit:

cat /usr/share/exploitdb/exploits/linux/remote/16922.rb

  • Exact match on your keyword input:

searchsploit -e [keyword]

  • Always start with a specific search and move to more general ones.

Working with exploits

  • Shebang (first line of the script; selects the interpreter):

Python:       #!/usr/bin/python
Bash:         #!/bin/bash
Bourne shell: #!/bin/sh
Perl:         #!/usr/bin/perl
