CyberRoute/mcp_exploitdb

MCP Exploit-DB Server

An MCP (Model Context Protocol) server that provides access to the Exploit-DB database using the searchsploit command-line tool. This allows AI assistants like Claude to search for and retrieve exploit information directly.

Prerequisites

  • Python 3.10 or higher
  • searchsploit command-line tool (from the exploitdb package)

Installing searchsploit

On Kali Linux / Debian-based systems:

sudo apt update
sudo apt install exploitdb

On macOS with Homebrew:

brew install exploitdb

Installation on Claude Code and Desktop

  1. Clone or download the repository:

Register the server with Claude Code:

claude mcp add --transport stdio exploitdb -- venv/bin/python exploit_db/server.py

For Claude Desktop, add the server to claude_desktop_config.json (see the sample file in the repo) and restart Claude Desktop after updating the configuration:

{
  "mcpServers": {
    "exploitdb": {
      "command": "/ABSOLUTE/PATH/TO/PARENT/FOLDER/venv/bin/python",
      "args": ["-m", "exploit_db.server"]
    }
  }
}

Available Tools

1. search_exploits

Search for exploits using keywords.

Parameters:

  • terms (required): Array of search terms (e.g., ["afd", "windows", "local"])
  • case_sensitive (optional): Perform case-sensitive search (default: false)
  • exact (optional): Exact match on exploit title (default: false)
  • strict (optional): Strict version matching (default: false)
  • title_only (optional): Search only in titles, not paths (default: false)
  • exclude (optional): Exclude terms from results (use | to separate)
  • json_output (optional): Return JSON format (default: false)
  • show_urls (optional): Show web URLs instead of local paths (default: false)

Example:

Search for Windows local privilege escalation exploits related to afd.sys

2. search_cve

Search for exploits by CVE identifier.

Parameters:

  • cve (required): CVE identifier (e.g., "2021-44228" or "CVE-2021-44228")
  • json_output (optional): Return JSON format (default: false)

Example:

Find exploits for CVE-2021-44228

3. get_exploit_path

Get the full local filesystem path to an exploit.

Parameters:

  • edb_id (required): Exploit-DB ID (e.g., "39446")

Example:

Get the path for exploit 39446

4. get_exploit_content

Retrieve and display the full content of an exploit.

Parameters:

  • edb_id (required): Exploit-DB ID (e.g., "39446")

Example:

Show me the content of exploit 39446

5. mirror_exploit

Copy an exploit file to a specified directory.

Parameters:

  • edb_id (required): Exploit-DB ID
  • destination (optional): Destination directory (default: current directory)

Example:

Copy exploit 39446 to /tmp

6. update_exploitdb

Update the local Exploit-DB database.

Example:

Update the exploit database
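
The tool parameters above are supplied by the model as free-form strings and end up on a searchsploit command line, so they should be validated before the call. The sketch below is an added example, not code from this repository: the function names and the mapping of the documented parameters to searchsploit options (--case, --exact, --strict, --title, --json, --www, --exclude) are assumptions.

```python
import re

EDB_ID_RE = re.compile(r"[0-9]{1,8}")
CVE_RE = re.compile(r"(?:CVE-)?([0-9]{4}-[0-9]{4,})", re.IGNORECASE)

# Assumed mapping of the documented boolean parameters to searchsploit options.
FLAGS = {
    "case_sensitive": "--case",
    "exact": "--exact",
    "strict": "--strict",
    "title_only": "--title",
    "json_output": "--json",
    "show_urls": "--www",
}

def validate_edb_id(edb_id):
    """Return the ID if it is purely numeric, else raise ValueError."""
    edb_id = str(edb_id).strip()
    if not EDB_ID_RE.fullmatch(edb_id):
        raise ValueError(f"invalid EDB-ID: {edb_id!r}")
    return edb_id

def normalize_cve(cve):
    """Accept '2021-44228' or 'CVE-2021-44228'; return the bare 'YYYY-NNNN' form."""
    match = CVE_RE.fullmatch(str(cve).strip())
    if not match:
        raise ValueError(f"invalid CVE identifier: {cve!r}")
    return match.group(1)

def build_search_argv(terms, exclude=None, **options):
    """Build an argv list intended for subprocess.run(argv, shell=False)."""
    if isinstance(terms, str) or not terms:
        raise ValueError("terms must be a non-empty array of strings")
    argv = ["searchsploit"]
    for name, enabled in options.items():
        if name not in FLAGS:
            raise ValueError(f"unknown option: {name}")
        if enabled:
            argv.append(FLAGS[name])
    if exclude:
        # A single argv element, so '|' and spaces are never seen by a shell.
        argv.append(f"--exclude={exclude}")
    for term in terms:
        # A term starting with '-' would be parsed as an option, not a keyword.
        if not isinstance(term, str) or not term.strip() or term.startswith("-"):
            raise ValueError(f"rejected search term: {term!r}")
        argv.append(term)
    return argv
```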

Usage Examples

Once configured, you can ask Claude questions like:

  • "Search for Apache Struts 2.0.0 exploits"
  • "Find exploits for CVE-2021-44228"
  • "Show me Windows kernel privilege escalation exploits"
  • "Get the content of exploit 39446"
  • "Search for Linux kernel 3.2 exploits excluding PoC and DoS"
  • "Find remote code execution exploits for PHP"
