Web
Identifying CVE
CMS Name exploit as google search --> Rapid 7 will provide t CVE ID (mostly) --> Search CVE ID --> CVE Mitre site provides information about the exploit
CVE-ID github provides opensource exploit scripts
RCE
When ever you face an RCE exploit first check with a ping command because some RCE's are blind RCE (meaning the oupt for whoami /other commands will not be shown )
Last updated
Was this helpful?