Linux Exploit Suggester
Linux Exploit Suggester; based on operating system release number. This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this script. Additionally possible to provide '-k' flag to manually enter the Kernel Version/Operating System Release Version. This script has been extremely useful on site and in exams. Now Open-sourced under GPLv2. Sample Output $ perl ./Linux_Exploit_Suggester.pl -k 3.0.0 Kernel local: 3.0.0 Possible Exploits: [+] semtex CVE-2013-2094 Source: www.exploit-db.com/download/25444/ [+] memodipper CVE-2012-0056 Source: http://www.exploit-db.com/exploits/18411/ [+] perf_swevent CVE-2013-2094 Source: http://www.exploit-db.com/download/26131 $ perl ./Linux_Exploit_Suggester.pl -k 2.6.28 Kernel local: 2.6.28 Possible Exploits: [+] sock_sendpage2 Alt: proto_ops CVE-2009-2692 Source: http://www.exploit-db.com/exploits/9436 [+] half_nelson3 Alt: econet CVE-2010-4073 Source: http://www.exploit-db.com/exploits/17787/ [+] reiserfs CVE-2010-1146 Source: http://www.exploit-db.com/exploits/1
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.