Known vulnerabilities


This step ends the reconnaissance phase. The previous steps were aimed at gaining knowledge about the attack surface

Known vulnerabilities may then be identified depending on these information.


Known vulnerabilities can be found from the following resources

# search exploits for a technology
searchsploit $technology

# Read an exploit
searchsploit -x $exploit_path

# Copy an exploit to the current directory
searchsploit -m $exploit_path

# Update the searchsploit database
searchsploit -u

When a vulnerability is found, one can research a Proof-Of-Concept (PoC) to try at exploiting the vulnerability. Most public PoCs can be found on GitHub.

Last updated