Using public exploits
Every attack always has eyes out, looking for public exploits and modifying them according to their requirements. The latest exploit was on April 14, 2017, that is, EternalBlue, which rocked the entire internet world, thus creating an awareness of what ransomware malware is all about. However, in this section, we will take a deep dive into utilizing the known available exploit forums and also how we can onboard them into our Kali Linux system.
Â
Locating and verifying publicly available exploits
Many a time, penetration testers find a zero-day exploit during their tests, which they normally inform the company of. However, in the real case of attackers, any vulnerabilities that are found will be made into an exploit, which is then sold for money/fame. One of the important aspects of penetration testing is to find publicly available exploits on the internet and provide proof of concept.
The initial exploit database that was born on the internet was Milw0rm. Using the same...
