Open In App

Finding Exploit offline using Searchsploit in Kali Linux

Last Updated : 24 Dec, 2020
Improve
Improve
Like Article
Like
Save
Share
Report

SearchSploit is a command-line search tool for Exploit-DB that allows you to take a copy of the Exploit Database with you. Searchsploit is included in the Exploit Database repository on GitHub. SearchSploit is very useful for security assessments when you don’t have Internet access because it gives you the power to perform detailed offline searches for exploits in the saved Exploit-DB.

Installing SearchSploit – To run SearchSploit in Kali Linux, open the terminal and type “searchsploit” to run SearchSploit as “exploitdb” package is already included in Kali Linux. However, if you are using the Kali Light variant or your custom-build ISO then you can install SearchSploit manually using the below-mentioned command.

sudo apt update && sudo apt -y install exploitdb

searchsploitinstall

Updating SearchSploit:  In order to update SearchSploit, run the following command:

searchsploit -u

searchsploitupdate

Using SearchSploit: 

1. Basic Search – You can add any number of search terms you wish to look for. In the below image, we are searching for exploits containing the term “oracle” and “windows”.

basic search in searchsploit

In case you need help just type “searchsploit -h” in the terminal. By using -h, you can see all the options and features that are available to you:

searchsploit help

2. Title Searching in SearchSploit: If you are performing Basic Search, searchsploit will check for both the path and the title of the exploit. Searches can be restricted to the titles by using the -t option as follows:

Title Searching in SearchSploit:

In the above search, we are looking for the exploits related to Oracle based on Windows OS. 

3. Copying Exploit to Clipboard and Directory: If you want to copy the exploit to clipboard use ‘-p’. For example – ” searchsploit -p XYZ ” , here XYZ is the exploit ID. If you want to copy the exploit in your current working directory use ‘-m’. For example – ” searchsploit -m XYZ “, where XYZ is the exploit ID.

Copying Exploit to Clipboard and Directory

4. Examine an Exploit: If you want to examine an exploit or want to study an exploit, use ‘–examine’. For example – “searchsploit XYZ –examine” , where XYZ is the exploit ID.

Examine an Exploit

5. Eliminate Unwanted Results: If you want to eliminate unwanted results from your search simply use ‘–exclude’. You can also remove multiple terms by separating the terms with a “|” (pipe). For example – searchsploit –exclude “PoC”.


Like Article
Suggest improvement
Previous
How to Create Ubuntu Live USB in Windows?
Next
HISTTIMEFORMAT variable in Linux with Example
Share your thoughts in the comments

Similar Reads

Kali-Whoami - Stay anonymous on Kali Linux
XanXSS - Simple XSS Finding Tool in Kali Linux
Pompem - Exploit and Vulnerability Finder
Badmod - CMS auto detect and exploit
WhatCMS - CMS Detection and Exploit Kit
Difference Between Arch Linux and Kali Linux
How to Hack WPA/WPA2 WiFi Using Kali Linux?
Getting into Android OS remotely using Kali Linux
Making a Port-Scanner in Kali Linux Terminal Using Python
How to trace IP in Kali Linux using IP-Tracer Tool
author
lalitmohantiwari7700
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox