The recent ‘Activity Alert Report’ released by the NCCIC highlights that the majority of the exploits over the globe are mainly caused by publicly available tools. Read our article on the five most frequently used tools used by cybercriminals all over the globe to perform cyber crimes for more details.
Exploiting a vulnerability in a software running on a machine can give access to the entire machine. The vulnerable application can be a service running in the OS or a web server or an SSH server. Any service that opens a port or is accessible in some other way can be targeted.
Exploit development is an extremely time-consuming and complex process. Hence it is difficult to develop your own exploit. In most penetration tests, publicly available exploits are used. The working of the exploit depends on various factors like version number of the vulnerable system, the way it is configured and the OS used.
In this video, Gergely Révay shows how to use public exploits to exploit a vulnerability in a software running on a windows 10 machine.
Watch Gergely’s video below to learn how to use public exploits demonstrated with a practical example using exploit-db.com.
https://www.youtube.com/watch?v=2YoYyWGFU6A
About Gergely Révay
Gergely Révay, the instructor of this course, is a penetration testing Senior Key Expert at Siemens Corporation, Germany. He has worked as a penetration tester since 2011. Before that, he was a quality assurance engineer in his home country, Hungary. As a consultant, he performed penetration tests and security assessments in various industries, such as insurance, banking, telco, mobility, healthcare, industrial control systems, and even car production.
To know more about public exploits and to master various exploits and post exploitation techniques, check out Gergely’s course, ‘Practical Windows Penetration Testing [Video]’
jQuery File Upload plugin exploited by hackers over 8 years, reports Akamai’s SIRT researcher
MongoDB switches to Server Side Public License (SSPL) to prevent cloud providers from exploiting its open source code
A year later, Google Project Zero still finds Safari vulnerable to DOM fuzzing using publicly available tools to write exploits
Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at ₹800/month. Cancel anytime
United States
Great Britain
India
Germany
France
Canada
Russia
Spain
Brazil
Australia
South Africa
Thailand
Ukraine
Switzerland
Slovakia
Luxembourg
Hungary
Romania
Denmark
Ireland
Estonia
Belgium
Italy
Finland
Cyprus
Lithuania
Latvia
Malta
Netherlands
Portugal
Slovenia
Sweden
Argentina
Colombia
Ecuador
Indonesia
Mexico
New Zealand
Norway
South Korea
Taiwan
Turkey
Czechia
Austria
Greece
Isle of Man
Bulgaria
Japan
Philippines
Poland
Singapore
Egypt
Chile
Malaysia
