Skip to content

Exploit Searching

Exploit Searching

  • locally, using searchsploit : 

    searchsploit --nmap nmap.xml
searchsploit product version
searchsploit -m 9999
searchsploit -x 9999

  • using google

    • only product / service
    • product/service version number
    • add keywords such as exploit, pentesting, cve, github
  • using github : https://grep.app/
  • using the CVE number : https://nvd.nist.gov/vuln/search
  • using shodan : https://exploits.shodan.io/
  • using exploit db : https://www.exploit-db.com/
  • using packetstorm : https://packetstormsecurity.com/
  • using vulners : https://vulners.com/
  • using sploitus : https://sploitus.com/

Version identification

Google the version of the service, it could help identify the OS version as well.

nc -nv <target> <port>