# MCP Exploit-DB Server
An MCP (Model Context Protocol) server that provides access to the Exploit-DB database using the `searchsploit` command-line tool. This allows AI assistants like Claude to search for and retrieve exploit information directly.
## Prerequisites
- Python 3.10 or higher
- `searchsploit` command-line tool (from the `exploitdb` package)
### Installing searchsploit
**On Kali Linux / Debian-based systems:**
```bash
sudo apt update
sudo apt install exploitdb
```
**On macOS with Homebrew:**
```bash
brew install exploitdb
```
## Installation on Claude Code and Desktop
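1. Clone or download the repository, then register the server with Claude Code. The relative paths in the command assume it is run from the repository root: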
```bash
claude mcp add --transport stdio exploitdb -- venv/bin/python exploit_db/server.py
```
For Claude Desktop, add the server to `claude_desktop_config.json` (see the sample file in the repo), then restart Claude Desktop:
```json
{
  "mcpServers": {
    "exploitdb": {
      "command": "/ABSOLUTE/PATH/TO/PARENT/FOLDER/venv/bin/python",
      "args": ["-m", "exploit_db.server"]
    }
  }
}
```
## Available Tools
### 1. search_exploits
Search for exploits using keywords.
**Parameters:**
- `terms` (required): Array of search terms (e.g., `["afd", "windows", "local"]`)
- `case_sensitive` (optional): Perform case-sensitive search (default: false)
- `exact` (optional): Exact match on exploit title (default: false)
- `strict` (optional): Strict version matching (default: false)
- `title_only` (optional): Search only in titles, not paths (default: false)
- `exclude` (optional): Exclude terms from results (use `|` to separate)
- `json_output` (optional): Return JSON format (default: false)
- `show_urls` (optional): Show web URLs instead of local paths (default: false)
**Example:**
```
Search for Windows local privilege escalation exploits related to afd.sys
```
### 2. search_cve
Search for exploits by CVE identifier.
**Parameters:**
- `cve` (required): CVE identifier (e.g., "2021-44228" or "CVE-2021-44228")
- `json_output` (optional): Return JSON format (default: false)
**Example:**
```
Find exploits for CVE-2021-44228
```
### 3. get_exploit_path
Get the full local filesystem path to an exploit.
**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")
**Example:**
```
Get the path for exploit 39446
```
### 4. get_exploit_content
Retrieve and display the full content of an exploit.
**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")
**Example:**
```
Show me the content of exploit 39446
```
### 5. mirror_exploit
Copy an exploit file to a specified directory.
**Parameters:**
- `edb_id` (required): Exploit-DB ID
- `destination` (optional): Destination directory (default: current directory)
**Example:**
```
Copy exploit 39446 to /tmp
```
### 6. update_exploitdb
Update the local Exploit-DB database.
**Example:**
```
Update the exploit database
```
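
Because every tool parameter above is chosen by the model and ends up on a `searchsploit` command line, the arguments are worth validating before the process is started. The following is an added example, not this project's code: the function names (`search_argv`, `cve_argv`, `edb_id_arg`) are hypothetical, and the mapping from the documented parameters to `searchsploit` flags is an assumption about how such a server would translate them.

```python
import re

# Assumed mapping from the documented search_exploits parameters to
# searchsploit's own command-line flags (the server's real mapping may differ).
FLAGS = {
    "case_sensitive": "--case",
    "exact": "--exact",
    "strict": "--strict",
    "title_only": "--title",
    "json_output": "--json",
    "show_urls": "--www",
}
CVE_RE = re.compile(r"^(?:CVE-)?([0-9]{4}-[0-9]{4,})$", re.IGNORECASE)


def _plain(value: str, what: str) -> str:
    """Reject values searchsploit could parse as an option, and control characters."""
    if not value or value.startswith("-") or any(ord(c) < 32 for c in value):
        raise ValueError(f"invalid {what}: {value!r}")
    return value


def search_argv(terms, exclude=None, **options):
    """argv for search_exploits; hand it to subprocess.run(argv) with no shell."""
    if not terms:
        raise ValueError("terms must not be empty")
    unknown = set(options) - set(FLAGS)
    if unknown:
        raise ValueError(f"unknown option(s): {sorted(unknown)}")
    argv = ["searchsploit"] + [FLAGS[k] for k in FLAGS if options.get(k)]
    if exclude:
        argv.append("--exclude=" + _plain(exclude, "exclude"))
    return argv + [_plain(t, "term") for t in terms]


def cve_argv(cve, json_output=False):
    """argv for search_cve; accepts "2021-44228" or "CVE-2021-44228"."""
    m = CVE_RE.match(cve.strip())
    if not m:
        raise ValueError(f"invalid CVE identifier: {cve!r}")
    return ["searchsploit", "--cve", m.group(1)] + (["--json"] if json_output else [])


def edb_id_arg(edb_id):
    """EDB-IDs are decimal; this also rules out paths and option-like values."""
    if not re.fullmatch(r"[0-9]{1,7}", str(edb_id)):
        raise ValueError(f"invalid EDB-ID: {edb_id!r}")
    return str(edb_id)
```
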
## Usage Examples
Once configured, you can ask Claude questions like:
- "Search for Apache Struts 2.0.0 exploits"
- "Find exploits for CVE-2021-44228"
- "Show me Windows kernel privilege escalation exploits"
- "Get the content of exploit 39446"
- "Search for Linux kernel 3.2 exploits excluding PoC and DoS"
- "Find remote code execution exploits for PHP"
## Credits
- Exploit-DB: https://www.exploit-db.com/
- searchsploit: Part of the exploitdb package
- MCP Protocol: https://modelcontextprotocol.io/