This collects various exploit databases into other database formats, for use in pakemon.
We're not sure yet how it will be used, but ideas include an offline searchable database (that is more efficient than exploitdb) and an online form that analyzes nmap XML or bettercap JSON.
It's set up as a GitHub Action, so it runs automatically every day to get the latest sqlite database.
You can use any sqlite3 library, or the command-line util with the latest sqlite database:
# do a text search (string literals use single quotes; double quotes are for identifiers in SQLite)
sqlite3 exploits.sqlite
> SELECT * FROM exploits WHERE platform IN ('multiple', 'windows') AND description LIKE '%excel%';
Currently, it also includes full-text searching. You can use it with the virtual tables that have _search at the end, like this:
SELECT * FROM exploits_search('apache OR mod_ssl') WHERE description LIKE '%2.%' AND port=80 ORDER BY rank;
I'm not sure if we'll keep it, as LIKE seems like it can hit our use-case pretty well.
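An added example (not part of this project's code) of running the LIKE search from Python's sqlite3 module with bound parameters. It also escapes LIKE wildcards, because the _ in a term such as mod_ssl otherwise matches any single character. The in-memory table and its rows are constructed here, and only the platform, port and description columns used in the queries above are assumed.

```python
import sqlite3

# Constructed sample rows (not real database entries). Assumed columns:
# platform, port, description, as used by the queries on this page.
SAMPLE_ROWS = [
    ("multiple", 80, "Apache mod_ssl 2.8.x - constructed sample entry"),
    ("linux", 80, "Apache modXssl 2.0 - constructed decoy entry"),
    ("windows", 0, "Microsoft Excel - constructed sample entry"),
    ("windows", 0, "100% CPU usage - constructed sample entry"),
]

def open_sample_db():
    """Build an in-memory stand-in for exploits.sqlite."""
    db = sqlite3.connect(":memory:")
    db.row_factory = sqlite3.Row
    db.execute("CREATE TABLE exploits (platform TEXT, port INTEGER, description TEXT)")
    db.executemany("INSERT INTO exploits VALUES (?, ?, ?)", SAMPLE_ROWS)
    return db

def like_literal(term):
    """Escape \\, % and _ so LIKE matches the term literally, then wrap in %...%."""
    for ch in ("\\", "%", "_"):
        term = term.replace(ch, "\\" + ch)
    return "%" + term + "%"

def find_exploits(db, term, platforms=(), port=None):
    """Search descriptions for term; every value is bound, never concatenated."""
    sql = ("SELECT platform, port, description FROM exploits "
           "WHERE description LIKE ? ESCAPE '\\'")
    params = [like_literal(term)]
    if platforms:
        # Only the placeholders are generated; the values stay bound parameters.
        sql += " AND platform IN (%s)" % ",".join("?" * len(platforms))
        params.extend(platforms)
    if port is not None:
        sql += " AND port = ?"
        params.append(port)
    return [dict(row) for row in db.execute(sql, params)]

if __name__ == "__main__":
    db = open_sample_db()
    naive = db.execute(
        "SELECT description FROM exploits WHERE description LIKE '%mod_ssl%'"
    ).fetchall()
    print("unescaped LIKE rows:", len(naive))            # also matches modXssl
    print("escaped LIKE rows:", len(find_exploits(db, "mod_ssl")))
    print(find_exploits(db, "excel", platforms=("multiple", "windows")))
```

To use it against the real file, replace open_sample_db() with sqlite3.connect("exploits.sqlite") and set row_factory the same way.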
This isn't needed, since you can just grab the latest sqlite database, but if you want, you can also generate it locally. Make sure you have csvkit and the sqlite CLI installed. On Ubuntu/Debian/Raspbian, you can do this with sudo apt install csvkit sqlite3.
./update
We pull from these data-sources: