Once all the useful information are gathered, it's time to find possible vulnerabilities associated with the components we found.
Searching exploits with searchsploit.
Two interesting commands related to searchsploit:
# Check what is inside a payloadsearchsploit -x $payload_name.txt# Update the searchsploit databasesearchsploit -u
When a vulnerability is found, one can research a Proof-Of-Concept (POC) on the internet and more precisely, on GitHub.