Pompem – Exploit Finder
Pompem是一款开源的工具,它集成了各大exp网站的exploits,用于自动搜索。
由于是基于Python语言开放,拥有相当高级的搜索,因此大大提高了渗透工作组的效率。
目前版本,支持搜索的db有:Exploit-db, 1337day, Packetstorm Security…
把Exploit-db, 1337day, Packetstorm Security集成起来了
Pompem is an open source tool, which is designed to automate the search for exploits in major databases.
Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers.
In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security…
嫌安装麻烦?那试试在线版吧:
github:https://github.com/rfunix/Pompem
Installation
You can download the latest tarball by clicking here or latest zipball by clicking here.
Preferably, you can download pompem by cloning the Git repository:
git clone https://github.com/rfunix/Pompem.git Pompem-dev
Pompem works out of the box with Python version ”’2.6.x”’ and ”’2.7.x”’ on any platform.
Pompem lib uses the following setup:
If you have not realized the Download or use virtualenv:
- Create virtual env with
virtualenv .env
- Activate virtualenv with
source .env/bin/activate
- Install dependêncies with
pip install -r requeriments.txt
If you use pip and have not vitualenv use ‘sudo pip install virtualenv’ or see virtualenv website.
Usage
To get the list of basic options and information about the project:
python pompem.py -h
Examples of use:
python pompem.py -s WordPress
python pompem.py -s Joomla --html
python pompem.py -s "Internet Explorer,joomla,wordpress" --html
python pompem.py -s FortiGate --txt
python pompem.py -s ssh,ftp,mysql
python pompem.py -s "joomla" -g
python pompem.py --update
本文作者:SecPulse
本文为安全脉搏专栏作者发布,转载请注明:https://www.secpulse.com/archives/3388.html
本文来源于互联网:Exploit搜索利器之Pompem