Python script to explore exploits from exploit-db.com. Exist a similar script in Kali Linux, but in difference this python script will have provide more flexibility at search and download time.
Run the getExploit.py script to enter at text interface.
NOTE: If running for the first time, the script will automatically download the latest exploits archive at startup.
If you want to update the database downloaded from exploit-db.com, run getExploit.py updatedb and it will start the download of the latest exploit list from the website.
The search command allows you to search for a given pattern in any field of the original exploit-db's
CSV file. The search query must be in the form of field_name:pattern couples, if no field name is
given, description is the default.
Available fields are:
id- the internal exploit's IDfile- the path where the exploit file can be founddescription- informations about exploit and targetted softwaredate- the date the exploit was releasedauthor- well, self-explanatory, huh?platform- the platform type the exploit runs ontype- exploit classification, possible values are:localshellcodedosremotewebapps
If the pattern you want to search contains spaces, you can quote it using either single or double quotes (see screenshot below).
It is also possible to search using a regular expression by enclosing your pattern in quotes (simple or double) and prefixing it with 'r'.
To sum it up, here are the possible search formats:
description:zabbix- single word substring searchdescription:'zabbix 2.'/description:"zabbix 2."- quoted pattern substring searchdescription:r'za\w\wix'/description:r"za\w\wix"- regular expression search
To show all the available details about an exploit, use the info command. This command takes a
single argument, which is the ID of the exploit you want details for.
Running the updatedb command will download the latest exploits archive from exploit-db.com and
extract it in an exploits folder in current directory.
This script is licensed under MIT terms.