Linux Exploit Suggester Logo

Linux Exploit Suggester

0
Free
Visit Website

Linux Exploit Suggester; based on operating system release number. This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this script. Additionally possible to provide '-k' flag to manually enter the Kernel Version/Operating System Release Version. This script has been extremely useful on site and in exams. Now Open-sourced under GPLv2. Sample Output $ perl ./Linux_Exploit_Suggester.pl -k 3.0.0 Kernel local: 3.0.0 Possible Exploits: [+] semtex CVE-2013-2094 Source: www.exploit-db.com/download/25444/‎ [+] memodipper CVE-2012-0056 Source: http://www.exploit-db.com/exploits/18411/ [+] perf_swevent CVE-2013-2094 Source: http://www.exploit-db.com/download/26131 $ perl ./Linux_Exploit_Suggester.pl -k 2.6.28 Kernel local: 2.6.28 Possible Exploits: [+] sock_sendpage2 Alt: proto_ops CVE-2009-2692 Source: http://www.exploit-db.com/exploits/9436 [+] half_nelson3 Alt: econet CVE-2010-4073 Source: http://www.exploit-db.com/exploits/17787/ [+] reiserfs CVE-2010-1146 Source: http://www.exploit-db.com/exploits/1

FEATURES

ALTERNATIVES

A community effort to compile security advisories for Ruby libraries with a detailed directory structure.

Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.

Advanced email reconnaissance tool leveraging public data.

LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.

SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.

Amass by OWASP performs comprehensive attack surface mapping and asset discovery.

An open source project for static analysis of vulnerabilities in application containers

An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.