In this post, you will learn what is searchsploit and how does it work and also you will be learning the commands, by end of this post you will be a pro in using this tool. And below is the video format of the post. Check it ????
What is searchsploit
Searchsploit is a tool available for Linux, mac, win. Using this tool we can gather the CVE exploits from the exploit-db and this is a very much popular tool if you are in redteam and I personally every day I use this amazing tool ????
Also Read: A full tutorial on Nikto from scratch
Who developed the searchsploit tool
The tool was said that created by these guys, yes it is from the exploit-db, where all the CVE are available, maybe mostly
To install the exploit db in Linux enter this command
sudo apt update && sudo apt -y install exploitdb
Installing searchsploit in mac
brew update && brew install exploitdb
Useful commands in searchsploit
- -c, –case Perform a case-sensitive search
- -e, –exact Perform an EXACT & order match on exploit title
- -s, –strict Perform a strict search
- -t, –title Search JUST the exploit title
- -j, –json Show result in JSON format
- -v, –verbose Display more information in the output
How to use the searchsploit tool ❓
Just follow the below example and I am sure that by end of this post you will be pro-working in this searchsploit tool.
Basic search in searchsploit, just enters the target exploit you wanna enter
searchsploit samba 2.2
Searching for the only title exploit
searchsploit -t redhat
Exclude a specific result
searchsploit redhat --exclude="(PoC)|/dos/"
Let’s enter -p in this command so, we can find the particular exploit path
searchsploit -p 399
Doing a strict scan
searchsploit -s samba 2.2
Hey finally you are at summary, I hope you read the blog post fully. According to my knowledge, this is an awesome tool and everyone needs to work with it. Just go and give try and signing off your moulik
Also Read: Angry IP, te fastest network mapping tool