Red Team Guide: Search Exploits (WIP)

Published Apr 5, 2022



Note: This article is a work in progress.

Once you know which services are running, and maybe their version, you have to search for known vulnerabilities. If there isn't any fancy exploit for any running service, you should look for common misconfigurations in each service running.


Always search in google or others: <service_name> [version] exploit

You should also try the shodan exploit search from


Useful to search exploits for services in exploitdb from the console.

# Searchsploit tricks
searchsploit "linux Kernel" #Example
searchsploit apache mod_ssl #Other example
searchsploit -m 7618 #Paste the exploit in current directory
searchsploit -p 7618[.c] #Show complete path
searchsploit -x 7618[.c] #Open vi to inspect the exploit
searchsploit --nmap file.xml #Search vulns inside an nmap xml result


Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability Database, etc.

PacketStorm is an information security website offering current and historical computer security tools, exploits, and security advisories. It is operated by a group of security enthusiasts that publish new security information and offer tools for educational and testing purposes.

Vulners is a security database containing descriptions for a large amount of software vulnerabilities in a machine-readable format. Cross-references between bulletins and continuously updating database keep you abreast of the latest security threats.

Sploitus is a convenient central place for identifying the newest exploits and finding attacks that exploit known vulnerabilities.