cSploit / android

cSploit - The most complete and advanced IT security professional toolkit on Android.
http://www.csploit.org/
GNU General Public License v3.0

Improve Exploit Finder results #127

Open MatthewHKnight opened 9 years ago

MatthewHKnight commented 9 years ago

So not sure how accurate the exploits are that the Exploit Finder finds online, but I highly doubt the exploits it found are all the working exploits. I'm just curious if you can give some feedback on whether the Exploit Finder is still being worked on or what. I highly doubt a fully up-to-date Windows machine has all these exploits it found. Made a video; it's being hosted on Google Drive for now. https://drive.google.com/file/d/0Bzuk83sfGWkjWG5QcHdnUXlMMFU/view?usp=sharing

Interneedus commented 9 years ago

It is impossible to tell what exploits work before trying them. This is not an issue.

MatthewHKnight commented 9 years ago

Care to enlighten me on that? With zANTI it shows the machine has no vulnerabilities; however, this exploit finder shows tons of "possible" exploits. It would be interesting if it could work like zANTI does. I highly doubt any of those exploits work, but I'm not willing to run a bunch of random exploits on that machine to find out.

Interneedus commented 9 years ago

cSploit shows all the exploits that could be used based on the data it has collected. It is impossible to tell what doesn't work because there simply isn't enough data.

fat-tire commented 9 years ago

Unless I'm reading this totally wrong, it looks like some of the exploits are scraped from a web search with the initial query being the service (i.e., "telnet"). I wonder if the results should/could be filtered out by "platform" (i.e., windows, linux, os x) and even the particular version (which I don't think is currently collected by the service inspector) to narrow down the results. I'm not sure how this works, but from reading the remote API it seems there's a "module.exploits" method that lists them in their whatever/whatever/whatever/ format. I don't know if this is a basis to filter upon or what... just spitballing.

tux-mind commented 9 years ago

Yes, we can perform some filtering on the found exploit.
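
The platform filtering suggested in the thread above, sketched as an added Java example; it is not cSploit's own code. It assumes the module names follow a platform/service/name shape, the generic-platform mapping is an assumption, and the sample names are constructed rather than real module output.

```java
import java.util.*;
import java.util.stream.Collectors;

public class ExploitFilter {
    // Platform segments that cover more than one OS (assumed mapping, adjust as needed).
    private static final Map<String, Set<String>> GENERIC = new HashMap<>();
    static {
        GENERIC.put("multi", new HashSet<>(Arrays.asList("windows", "linux", "osx")));
        GENERIC.put("unix", new HashSet<>(Arrays.asList("linux", "osx")));
    }

    /** Returns 2 for an exact platform match, 1 for a generic match, 0 for no match. */
    static int score(String module, String targetOs) {
        String[] parts = module.replaceFirst("^exploit/", "").split("/");
        if (parts.length < 3) return 1;          // unexpected shape: keep it, rank it low
        String platform = parts[0].toLowerCase(Locale.ROOT);
        if (platform.equals(targetOs)) return 2;
        Set<String> covered = GENERIC.get(platform);
        return covered != null && covered.contains(targetOs) ? 1 : 0;
    }

    /** Keeps candidates relevant to targetOs, exact matches first; a null OS keeps all. */
    static List<String> filter(List<String> modules, String targetOs) {
        if (targetOs == null) return new ArrayList<>(modules);  // OS unknown: hide nothing
        String os = targetOs.toLowerCase(Locale.ROOT);
        return modules.stream()
                .filter(m -> score(m, os) > 0)
                .sorted(Comparator.comparingInt((String m) -> -score(m, os)))
                .collect(Collectors.toList());
    }

    public static void main(String[] args) {
        // Constructed sample names in platform/service/name form.
        List<String> found = Arrays.asList(
                "linux/telnet/sample_a", "windows/telnet/sample_b",
                "multi/telnet/sample_c", "solaris/telnet/sample_d", "oddname");
        System.out.println(filter(found, "windows"));
        System.out.println(filter(found, null));
    }
}
```

When OS detection fails, the filter returns the full list, so a missing fingerprint never hides a candidate from the report.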