2. Offline Exploit Resources

Exploit Frameworks:

• Metasploit
  • Owned by: Rapid7
  • Free and paid
• Core Impact
  • Owned by: HelpSystems
  • Paid
• Canvas
  • Owned by: Immunity
  • Paid
• Browser Exploitation Framwork (BeEF)
  • Focused on client-side attacks in web browsers

SearchSploit

Local copy of Exploit-DB on kali:
/usr/share/exploitdb

Use 'searchsploit' to search through archive
-m flag to copy found exploit to working directory
-x flag to examine the found exploit

==========
 Examples 
==========
  searchsploit afd windows local
  searchsploit -t oracle windows
  searchsploit -p 39446
  searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
  searchsploit -s Apache Struts 2.0.0
  searchsploit linux reverse password
  searchsploit -j 55555 | json_pp

Nmap NSE Scripts

/usr/share/nmap/scripts

• Combine with grep
• --script-help= option to examine script