The easiest way to find RCE (Package Dependency) is through Package Dependency Confusion, which can be achieved using a few tools.
The tools required for this are: RepoDownloader, RCE_CODE, Burpsuite collaborator, webhook, Nuclei, httpx, subfinder, and Nuclei-template.
To find vulnerable package dependencies, follow these steps: first, find subdomains using subfinder, then use httpx to gather information about each subdomain, and finally use Nuclei to analyze the output from httpx with a nuclei template specifically designed for package dependency exposure.
This process can be adapted and adjusted to suit different targets and scenarios, incorporating additional tools and bespoke scripts where necessary.