Python script to explore exploits from exploit-db.com. Exist a similar script in Kali Linux, but in difference this python script will have provide more flexibility at search and download time
Run the getExploit.py script to enter at text interface.
NOTE: If running for the first time, the script will automatically download the latest exploits archive at startup.
If you want to update the database downloaded from exploit-db.com, run getExploit.py updatedb and it will start the download of the latest exploit list from the website.
The search command allows you to search for a given pattern in any field of the original exploit-db’s CSV file. The search query must be in the form of field_name:pattern couples, if no field name is given, description is the default.
Available fields are:
+ id – the internal exploit’s ID
+ file – the path where the exploit file can be found
+ description – informations about exploit and targetted software
+ date – the date the exploit was released
+ author – well, self-explanatory, huh?
+ platform – the platform type the exploit runs on type – exploit classification, possible values are:
If the pattern you want to search contains spaces, you can quote it using either single or double quotes (see screenshot below).
It is also possible to search using a regular expression by enclosing your pattern in quotes (simple or double) and prefixing it with ‘r’.
To sum it up, here are the possible search formats:
description:zabbix - single word substring search
description:'zabbix 2.' / description:"zabbix 2." - quoted pattern substring search
description:r'za\w\wix' / description:r"za\w\wix" - regular expression search
Getting exploit infos:
To show all the available details about an exploit, use the info command. This command takes a single argument, which is the ID of the exploit you want details for.