Search Exploits

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Use Trickest to easily build and automate workflows powered by the world's most advanced community tools. Get Access Today:

Browser

Daima tafuta katika "google" au nyingine: <service_name> [version] exploit

Unapaswa pia kujaribu shodan exploit search kutoka https://exploits.shodan.io/.

Searchsploit

Inafaida kutafuta exploits kwa huduma katika exploitdb kutoka kwenye console.

#Searchsploit tricks
searchsploit "linux Kernel" #Example
searchsploit apache mod_ssl #Other example
searchsploit -m 7618 #Paste the exploit in current directory
searchsploit -p 7618[.c] #Show complete path
searchsploit -x 7618[.c] #Open vi to inspect the exploit
searchsploit --nmap file.xml #Search vulns inside an nmap xml result

Pompem

https://github.com/rfunix/Pompem ni chombo kingine cha kutafuta exploits

MSF-Search

msf> search platform:windows port:135 target:XP type:exploit

PacketStorm

Ikiwa hakuna kitu kinachopatikana, jaribu kutafuta teknolojia iliyotumika ndani ya https://packetstormsecurity.com/

Vulners

Unaweza pia kutafuta katika hifadhidata ya vulners: https://vulners.com/

Sploitus

Hii inatafuta exploits katika hifadhidata nyingine: https://sploitus.com/

Sploitify

Orodha iliyochaguliwa kama GTFOBins ya exploits yenye vichujio kwa aina ya udhaifu (Local Privilege Escalation, Remote Code execution, nk), aina ya huduma (Web, SMB, SSH, RDP, nk), OS na maabara za mazoezi (viungo kwa mashine ambapo unaweza kucheza na sploits): https://sploitify.haxx.it

search_vulns

search_vulns inakuwezesha kutafuta udhaifu na exploits zinazojulikana pia: https://search-vulns.com/. Inatumia vyanzo mbalimbali vya data kama NVD, Exploit-DB, PoC-in-GitHub, hifadhidata ya Usalama ya GitHub na endoflife.date.

Tumia Trickest kujenga na kuandaa kazi kwa urahisi zinazotolewa na zana za jamii za kisasa zaidi duniani. Pata Ufikiaji Leo:

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
Shiriki hila za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousThreat Modeling NextReverse Shells (Linux, Windows, MSFVenom)

Last updated 2 months ago