Exploiting Vulnerabilities | Ethical Hacking | TechnoGb
Exploitation is the process of getting into the target system with the help of some known vulnerabilities in the target system or the target server, there are many places where you can find pre-listed vulnerabilities of almost all types of systems and if you can’t find there then there are many vulnerabilities detecting tools such as Metasploit, Nessus, OpenVAS, Google Exploit Database etc.
Here I am going to discuss some of the best vulnerability detecting tools:
- GOOGLE EXPLOIT DATABASE:
Google Exploit Database is the Goldmine of Vulnerabilities of all types of systems and servers over the internet, you can find almost everything here but only thing required here for finding the correct vulnerabilities is “an Eagle Eye” (Right set of Knowledge). You can find Google Dorks at https://www.expolit-db.com
This is the Screenshot of Google Dorks like I said it is a gold mine of vulnerabilities, here you can find all kinds of exploits such as Remote Exploits, web Application Exploits, Local and Privilege Exclation Exploits, Denial of Service & Proof of concept Exploits, Exploits Shellcode Archive, Archived Security Papers and many more exploits which we can’t imagine also.
- NATIONAL DATABASE OF VULNERABILITIES:
National Vulnerabilities Database also called as NVD is the online Vulnerabilities Search Engine launched by government of United States of America(USA) to list all the Vulnerabilities and misconfiguration of security products and tools present out three, the main purpose of listing this was to make all the citizens aware of the vulnerabilities of security tools and products they are using so that they can protect themselves by upgrading it.
You can visit https://nvd.nist.gov for NVD(National Vulnerabilities Database).
- METASPLOIT FRAMEWORK:
Metasploit Framework is the world’s most used software, it is one of the powerful tool available to scan the vulnerabilities and exploit the system, it has Exploits of almost everything.
You can download Metasploit Framework from http://www.metasploit.com/
It comes pre-installed with Kali Linux Operating System and can run on Windows Operating System also.
- COMMON VULNERABILITY AND EXPOSURES (CVE):
Common Vulnerability and Exposures is a dictionary of common names for all the publicly known cybersecurity vulnerabilities. CVE is one standardized description of each vulnerability or Exposures. The best part of CVE is that it is free for common public download and use.
- NESSUS VULNERABILITY SCANNER:
Nessus Vulnerability scanner is an online tool for scanning the Vulnerabilities on any system or any of the server. It has a very friendly user interface and performs assessments with some of the most widely deployed vulnerability scanners, it runs the comprehensive vulnerability management across any system or any server, it has some of the most advanced vulnerability scanning tools to scan any system or any server such as Advanced scan, Audit cloud infrastructure, Badlock Detection, Bash Shell lock Detection, Basic network Scanner,
Wanna Cry Ransomware Scanner, Malware Scan etc. You can find Nessus at http://nessus.org
- OPEN VAS VULNERABILITY SCANNER:
Open VAS Vulnerability Scanner is Known as the world’s most advanced vulnerability scanner and manager, it offers many tools for comprehensive and powerful vulnerability scanning and vulnerability management solution. All the software which are present in the OpenVAS vulnerability scanner is free software.
This was all about the Exploiting Vulnerabilities in Ethical Hacking, If you are facing any problem in this topic then I Strongly recommend you to first go through the below-mentioned articles sequence wise so, that you can easily grasp the concept very easily:
- Introduction to Ethical Hacking.
- Footprinting – First Step of Ethical Hacking.
- Reconnaissance – Information Gathering – Second Step of Ethical Hacking.
- Enumeration – Third Step of Ethical Hacking.
- Exploiting Vulnerabilities
After reading all these topics still you face any difficulties then please mention it in the Discussion Box below, I will answer all your questions.