Enhanced CLI tool for ExploitDB with CVE enrichment, categorization, and export capabilities.
Kudos to the original ExploitDB search utilities and tools like searchsploit for laying the foundation of easy exploit lookup. This project builds on that groundwork, taking it further with advanced automation, CVE matching, severity scoring, and multi-format export functionality. Your work inspired a more robust, all-in-one CLI experience.
| Feature | searchsploit |
ExploitDB CLI |
|---|---|---|
| CVE Enrichment | Manual CVE lookup | Automatic CVE extraction & CVSS scoring |
| Categorization | Basic platform/type | Multi-level categorization |
| Severity Scoring | None | CVSS-based severity levels |
| Export Formats | Limited | JSON, CSV, Metasploit, Nuclei |
| Automation | Manual updates | Scheduled weekly updates |
| Analytics | Basic search | Database statistics & insights |
| Filtering | Basic filters | Advanced multi-criteria filtering |
In short, while searchsploit is excellent for basic searches, this tool is a full-fledged CLI for exploit intelligence with analytics, exports, and automation.
# Clone the repository
git clone https://github.com/RicheByte/exploitdbPro
cd exploitdbPro
# Install dependencies
npm install
# Build the project
npm run build
# Install globally
npm link
# First-time setup - download exploit database
exploitdb update# Get help
exploitdb --help
# Update exploit database
exploitdb update
# Show database statistics
exploitdb stats
# Search for Linux exploits
exploitdb search --platform linux --limit 5# Search by platform
exploitdb search --platform "windows"
exploitdb search --platform "linux"
# Search by exploit type
exploitdb search --type "remote"
exploitdb search --type "local"
exploitdb search --type "webapps"
# Search by author
exploitdb search --author "metasploit"
# Search by keyword in description
exploitdb search --query "Apache"
exploitdb search --query "buffer overflow"# Search by CVE ID
exploitdb search --cve "CVE-2021-44228" # Log4Shell
exploitdb search --cve "CVE-2017-0144" # EternalBlue
# Use dedicated CVE command
exploitdb cve CVE-2021-44228
exploitdb cve CVE-2019-0708 # BlueKeep# Filter by severity level
exploitdb search --severity "Critical"
exploitdb search --severity "High"
exploitdb search --severity "Medium"
# Filter by CVSS score range
exploitdb search --cvss-min 9.0
exploitdb search --cvss-min 7.0 --cvss-max 9.0# Filter by exploit category
exploitdb search --category "webapps"
exploitdb search --category "windows"
exploitdb search --category "database"
exploitdb search --category "network-device"# Complex multi-filter searches
exploitdb search --platform "linux" --type "remote" --severity "High"
exploitdb search --platform "windows" --type "local" --query "privilege"
exploitdb search --type "webapps" --severity "Critical" --cvss-min 9.0# Export to JSON
exploitdb search --platform "linux" --export json --output linux_exploits.json
# Export to CSV
exploitdb search --type "remote" --export csv --output remote_exploits.csv
# Export for Metasploit
exploitdb search --severity "Critical" --export metasploit --output critical_msf.txt
# Export for Nuclei
exploitdb search --type "webapps" --export nuclei --output web_nuclei.yaml
# Export specific CVE
exploitdb cve CVE-2021-44228 --export json --output log4j.json
exploitdb cve CVE-2021-44228 --export metasploit --output log4j_msf.txt# Enable automatic weekly updates
exploitdb update --auto
# Manual update check
exploitdb update# Show comprehensive statistics
exploitdb stats
# Output includes:
# - Total exploit count
# - Breakdown by type
# - Top platforms
# - CVE statistics# Interactive search and selection
exploitdb search --platform "wordpress"
# This provides:
# 1. Numbered list of results
# 2. Detailed exploit view
# 3. Download option
# 4. Export options# Quick target reconnaissance
exploitdb search --platform "apache" --severity "High"
exploitdb search --platform "windows" --type "remote" --severity "Critical"
# Export for tool integration
exploitdb search --platform $TARGET_OS --export metasploit
exploitdb search --type "webapps" --export nuclei# Research specific software
exploitdb search --platform "wordpress" --query "plugin"
exploitdb search --platform "joomla" --type "webapps"
# Service-specific research
exploitdb search --platform "ssh" --type "remote"
exploitdb search --platform "ftp" --type "remote"# Prepare high-value exploits
exploitdb search --severity "Critical" --cvss-min 9.0 --export metasploit
# OS-specific payload preparation
exploitdb search --platform "windows" --severity "High" --export csv
exploitdb search --platform "linux" --type "local" --export json- CVE Extraction: Automatically extracts CVE IDs from exploit descriptions
- Severity Scoring: CVSS-based severity levels (Low, Medium, High, Critical)
- Vulnerability Categorization: Classifies by type, platform, service, and category
- Multi-format Export: JSON, CSV, Metasploit, Nuclei template outputs
- Automatic Updates: Scheduled weekly database updates
- Database Insights: Built-in statistics and analytics
- Advanced Filtering: Platform, type, author, CVE, severity, category, CVSS ranges
- Interactive Interface: Easy result browsing and exploit downloading
exploitdb-cli/
├── src/
│ ├── index.ts # Main CLI interface
│ ├── downloader.ts # Data sync & updates
│ ├── database.ts # SQLite operations
│ ├── searcher.ts # Search functionality
│ ├── exporter.ts # Export functionality
│ ├── cve-matcher.ts # CVE matching & scoring
│ └── types.ts # Type definitions
├── data/ # Local exploit database
└── downloads/ # Downloaded exploit files
# Development build with watch mode
npm run dev
# Production build
npm run build
# Run tests
npm testContributions are welcome! Please feel free to submit pull requests for:
- New export formats
- Additional categorization logic
- Improved CVE matching
- Performance optimizations
- Bug fixes
- Offensive Security for maintaining ExploitDB
- searchsploit for inspiration in exploit search functionality
- CIRCL for CVE data access
- NVD for CVSS scoring data
This CLI is designed for security researchers, penetration testers, red teams, and anyone who needs structured, actionable exploit intelligence at their fingertips. Whether you're conducting vulnerability research, preparing for an engagement, or building security tooling, ExploitDB CLI provides the data and exports you need in a streamlined package.