Searching for vulnerabilities with Pompem
In this section, we’ll look at how to find vulnerabilities with other tools like Pompem. Since it is impossible to be always up to date with all the vulnerabilities and exploits that have been discovered for the main systems and servers, there are large databases responsible for recording all these security flaws so that anyone can consult them. These databases are usually open source. For this reason, there are tools designed to help us perform queries in these databases with greater convenience.
Pompem (https://github.com/rfunix/Pompem) is one of the most complete tools we can find today to search for vulnerabilities and exploits for all types of platforms and servers. This tool, developed in Python, automatically searches for all kinds of vulnerabilities and exploits in the most important databases, such as, for example:
- PacketStorm
- CXSecurity
- ZeroDay
- Vulners
- NVD
- WPScan Vulnerability Database...