Known vulnerabilities

Theory

This step ends the reconnaissance phase. The previous steps were aimed at gaining knowledge about the attack surface

• Web server

• JavaScript Frameworks

• and other technologies

Known vulnerabilities may then be identified depending on these information.

Practice

Known vulnerabilities can be found from the following resources

• : an online exploit database

• is a command-line utility that allows to do offline searches through the exploit-db

• , and are online CVE (Common Vulnerabilities and Exposures) searches

# search exploits for a technology
searchsploit $technology

# Read an exploit
searchsploit -x $exploit_path

# Copy an exploit to the current directory
searchsploit -m $exploit_path

# Update the searchsploit database
searchsploit -u