To do a job well, first sharpen your tools. Before we can discover vulnerabilities of our own, we need to learn from and reproduce known ones. Here are some vulnerability disclosure platforms that make it easier to collect information and code and to reproduce vulnerabilities.
First, a few concepts:
- CVE (Common Vulnerabilities and Exposures): CVE is a dictionary that gives each publicly known information security vulnerability or exposure a common name (identifier).
- POC (Proof of Concept): In a vulnerability report, a description or example that proves the vulnerability really exists.
- EXP (Exploit): Exploitation of a vulnerability; it means a public exploit method (such as a script) exists for the vulnerability.
- CVSS (Common Vulnerability Scoring System): An open industry standard used to rate the severity of vulnerabilities on a 0-10 scale; the higher the score, the more severe the vulnerability.
- Payload: The code executed on the target after it has been successfully compromised.
- Shellcode: A kind of payload, named because it typically establishes a forward (bind) or reverse shell.
1. CVE official website
On this website you can search for a short description of each vulnerability and its remediation, and download a list of all recorded vulnerabilities, but it does not provide exploit code.
**URL:** https://cve.mitre.org/
2. CVE Details
A security vulnerability data source, used together with the CVE official website.
**URL:** https://www.cvedetails.com/
3. CNVD (National Information Security Vulnerability Sharing Platform)
High-profile vulnerabilities published by the national platform, together with their patches.
**URL:** https://www.cnvd.org.cn/
**Vulnerability Library URL:** http://www.cnnvd.org.cn/
4. GitHub
Most white hats like to publish their exploits on GitHub. You can search for the ID of the vulnerability you want to exploit, learn how the code is written, and pay attention to whether the code contains a backdoor. GitHub's search syntax can be used to filter for the repositories you need (see the GitHub search syntax documentation).
**URL:** https://github.com/
5. Exploit-DB (exp-db)
A vulnerability submission platform for hackers worldwide. The platform publishes the latest vulnerabilities and directly includes exploit code that can be used as-is.
**URL:** https://www.exploit-db.com/
6. Three major cyberspace search engines
Shodan is a cyberspace search engine based outside China; it also collects some exploits.
FOFA and ZoomEye are two excellent online search engines. Their respective query syntax can be used to narrow the scope of a search.
**Shodan exploits:** https://exploits.shodan.io/welcome
**FOFA URL:** https://fofa.so/
**ZoomEye URL:** https://www.zoomeye.org/
7. 0day
Contains 0day vulnerabilities, which are also traded on the site.
**URL:** https://0day.today/
8. Packet Storm
Provides detailed payload code, stack information and specific exploitation descriptions.
**URL:** https://packetstormsecurity.com/files/tags/exploit/
9. Seebug
The Knownsec (知道创宇) vulnerability platform.
**URL:** https://www.seebug.org/
10. Lists of CVE vulnerabilities per language library
**Node.js library CVE list:** https://www.npmjs.com/advisories
**Java library CVE list:** https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=java
**Python library CVE list:** https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=python
11. Other
http://www.expku.com/
https://cxsecurity.com/
https://www.openwall.com/lists/oss-security/
https://www.vulnerability-lab.com/
https://www.exploit-database.net/
After finding the exploit code you need, you can carry out penetration testing against the target with tools such as Metasploit, and then start digging for vulnerabilities of your own.