제목 : SearchSploit Guide | Finding Exploits | Kali Linux

내용 :

SearchSploit 툴에 대한 시연 영상입니다.

Description :

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits, shellcode and papers gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and Proof-of-Concepts rather than advisories, making it a valuable resource for those who need actionable data right away. You can learn more about the project here (Top Right -> About Exploit-DB) and here (History).

Infomation :

Install

SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and for the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).

You can find a more in-depth guide in the SearchSploit manual.

Kali Linux

Exploit-DB/SearchSploit is already packaged inside of Kali-Linux. A method of installation is:

Copy

kali@kali:~$ sudo apt -y install exploitdb

NOTE: Optional is to install the additional packages:

Copy

kali@kali:~$ sudo apt -y install exploitdb-bin-sploits exploitdb-papers

Git

In short: clone the repository, add the binary into $PATH, and edit the config file to reflect the git path:

Copy

$ sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb
$ sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit