Giter Club home page Giter Club logo

getexploit's Introduction

getExploit

Python script to explore exploits from exploit-db.com. Exist a similar script in Kali Linux, but in difference this python script will have provide more flexibility at search and download time.

Usage

Run the getExploit.py script to enter at text interface.

NOTE: If running for the first time, the script will automatically download the latest exploits archive at startup.

If you want to update the database downloaded from exploit-db.com, run getExploit.py updatedb and it will start the download of the latest exploit list from the website.

Searching exploits

The search command allows you to search for a given pattern in any field of the original exploit-db's CSV file. The search query must be in the form of field_name:pattern couples, if no field name is given, description is the default.

Available fields are:

  • id - the internal exploit's ID
  • file - the path where the exploit file can be found
  • description - informations about exploit and targetted software
  • date - the date the exploit was released
  • author - well, self-explanatory, huh?
  • platform - the platform type the exploit runs on
  • type - exploit classification, possible values are:
    • local
    • shellcode
    • dos
    • remote
    • webapps

If the pattern you want to search contains spaces, you can quote it using either single or double quotes (see screenshot below).

It is also possible to search using a regular expression by enclosing your pattern in quotes (simple or double) and prefixing it with 'r'.

To sum it up, here are the possible search formats:

  • description:zabbix - single word substring search
  • description:'zabbix 2.' / description:"zabbix 2." - quoted pattern substring search
  • description:r'za\w\wix' / description:r"za\w\wix" - regular expression search

Getting exploit infos

To show all the available details about an exploit, use the info command. This command takes a single argument, which is the ID of the exploit you want details for.

Updating database

Running the updatedb command will download the latest exploits archive from exploit-db.com and extract it in an exploits folder in current directory.

Licensing

This script is licensed under MIT terms.

getexploit's People

Contributors

gioyik avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.