hacktricks/src/generic-hacking/search-exploits.md

# Search Exploits

{{#include ../banners/hacktricks-training.md}}

### Browser

Always search in "google" or others: **\<service_name> \[version] exploit**

You should also try the **shodan** **exploit search** from [https://exploits.shodan.io/](https://exploits.shodan.io).

### Searchsploit

Useful to search exploits for services in **exploitdb from the console.**

```bash
#Searchsploit tricks
searchsploit "linux Kernel" #Example
searchsploit apache mod_ssl #Other example
searchsploit -m 7618 #Paste the exploit in current directory
searchsploit -p 7618[.c] #Show complete path
searchsploit -x 7618[.c] #Open vi to inspect the exploit
searchsploit --nmap file.xml #Search vulns inside an nmap xml result
```

### Pompem

[https://github.com/rfunix/Pompem](https://github.com/rfunix/Pompem) is another tool to search for exploits

### MSF-Search

```bash
msf> search platform:windows port:135 target:XP type:exploit
```

### PacketStorm

If nothing is found, try to search the used technology inside [https://packetstormsecurity.com/](https://packetstormsecurity.com)

### Vulners

You can also search in vulners database: [https://vulners.com/](https://vulners.com)

### Sploitus

This searches for exploits in other databases: [https://sploitus.com/](https://sploitus.com)

### Sploitify

GTFOBins-like curated list of exploits with filters by vulnerability type (Local Privilege Escalation, Remote Code execution, etc), service type (Web, SMB, SSH, RDP, etc), OS and practice labs (links to machines where you can play with sploits): [https://sploitify.haxx.it](https://sploitify.haxx.it)

### search_vulns

search_vulns enables you to search for known vulnerabilities and exploits as well: [**https://search-vulns.com/**](https://search-vulns.com/). It utilizes various data sources like the NVD, the Exploit-DB, PoC-in-GitHub, the GitHub Security Advisory database and endoflife.date.


{{#include ../banners/hacktricks-training.md}}