Linux Soft Exploit Suggester Logo

Linux Soft Exploit Suggester

0
Free
Visit Website

Script to find exploits for all vulnerable software on the system, targeting software packages rather than just kernel vulnerabilities. It uses the exploit database to assess the security of packages and search for exploits to help with privilege escalation. Usage: - Download: wget https://raw.githubusercontent.com/belane/linux-soft-exploit-suggester/master/linux-soft-exploit-suggester.py - Basic use: Downloads the exploit database, generates a list of packages, and searches for exploits: python linux-soft-exploit-suggester.py - Run from a list of packages from another system if you can't run from the target: - Debian/Ubuntu: dpkg -l > package_list - RedHat/CentOS: rpm -qa > package_list - Update exploit database: python linux-soft-exploit-suggester.py --update - Look for exploits for running processes, setuid binaries, and Linux capabilities: python linux-soft-exploit-suggester.py --juicy - Filter exploits by local exploit type and minor versions: python linux-soft-exploit-suggester.py --level 2 --type local Example Output: python linux-soft-exploit-suggester.py --file packages --db files_exploits.csv

FEATURES

ALTERNATIVES

HTTP parameter discovery suite

A tool that checks for hijackable packages in NPM and Python Pypi registries

Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.

Open source security auditing tool to search and dump system configuration.

A tool for detecting and preventing secrets in code

A vulnerable web site for testing Sentinel features

Deliberately vulnerable web application for security professionals to practice attack techniques.

A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.