Skip to main content
Glama
Sign In
enesjakozh

ExploitDB MCP Server

by Cyreslab-AI
GitHub
TypeScript
MIT License
  • Linux
  • Apple
RedditDiscord
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

Integrations

  • Uses ExploitDB data sourced from GitLab repositories, either by downloading directly from CSV files or cloning from the ExploitDB GitLab repository.

  • Built on Node.js, requiring v16 or higher for operation.

  • Uses npm (v7 or higher) for package management and installation.

ExploitDB MCP Server

A Model Context Protocol server that provides access to ExploitDB functionality, developed by Cyreslab.ai. This server enables AI assistants like Claude to query information about security exploits and vulnerabilities, enhancing cybersecurity research and threat intelligence capabilities.

GitHub Repository: https://github.com/Cyreslab-AI/exploitdb-mcp-server Contact: contact@cyreslab.ai

Features

  • Exploit Search: Search for exploits by keywords, CVE IDs, platforms, and more
  • Exploit Details: Get comprehensive information about specific exploits, including code
  • CVE Lookup: Find all exploits related to specific CVE IDs
  • Recent Exploits: Track newly added exploits
  • Statistics: Get insights into exploit distribution by platform, type, and year
  • Automatic Updates: Keep the database up-to-date with scheduled updates

Installation

Prerequisites

  • Node.js (v16 or higher)
  • npm (v7 or higher)

Installation Steps

  1. Clone the repository:
    git clone https://github.com/Cyreslab-AI/exploitdb-mcp-server.git cd exploitdb-mcp-server
  2. Install dependencies:
    npm install
  3. Build the project:
    npm run build
  4. Configure the server:
    • Create a .env file in the root directory based on .env.example
    • Adjust settings as needed (data directory, update frequency, etc.)
  5. Initialize the database:
    npm run update-db
  6. Run the server:
    node build/index.js

MCP Configuration

To use this server with Claude or other MCP-compatible assistants, add it to your MCP configuration:

{ "mcpServers": { "mcp-exploitdb-server": { "command": "node", "args": ["/path/to/exploitdb-mcp-server/build/index.js"] } } }

Usage

Search Exploits

Use the search_exploits tool to search for exploits in the database:

<use_mcp_tool> <server_name>mcp-exploitdb-server</server_name> <tool_name>search_exploits</tool_name> <arguments> { "query": "wordpress plugin", "platform": "php", "limit": 5 } </arguments> </use_mcp_tool>

Additional search parameters:

  • type: Filter by exploit type (e.g., webapps, remote, local)
  • cve: Filter by CVE ID
  • author: Filter by author name
  • start_date/end_date: Filter by date range (YYYY-MM-DD)
  • verified: Filter by verified status (true/false)
  • offset: For pagination

Get Exploit Details

Use the get_exploit tool to retrieve detailed information about a specific exploit:

<use_mcp_tool> <server_name>mcp-exploitdb-server</server_name> <tool_name>get_exploit</tool_name> <arguments> { "id": 12345, "include_code": true } </arguments> </use_mcp_tool>

Find Exploits by CVE

Use the find_by_cve tool to find all exploits related to a specific CVE:

<use_mcp_tool> <server_name>mcp-exploitdb-server</server_name> <tool_name>find_by_cve</tool_name> <arguments> { "cve": "CVE-2021-44228", "limit": 10 } </arguments> </use_mcp_tool>

Get Recent Exploits

Use the get_recent_exploits tool to retrieve recently added exploits:

<use_mcp_tool> <server_name>mcp-exploitdb-server</server_name> <tool_name>get_recent_exploits</tool_name> <arguments> { "limit": 10 } </arguments> </use_mcp_tool>

Get Statistics

Use the get_statistics tool to get insights about the exploits in the database:

<use_mcp_tool> <server_name>mcp-exploitdb-server</server_name> <tool_name>get_statistics</tool_name> <arguments> {} </arguments> </use_mcp_tool>

Configuration Options

The server can be configured using environment variables or a .env file:

VariableDescriptionDefault
CLONE_REPOSITORYWhether to clone the ExploitDB repositoryfalse
REPOSITORY_URLURL of the ExploitDB repositoryhttps://gitlab.com/exploit-database/exploitdb.git
CSV_URLURL of the ExploitDB CSV filehttps://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv
DATA_DIRDirectory to store data./data
DB_PATHPath to the SQLite database./data/exploitdb.sqlite
UPDATE_INTERVALUpdate frequency in hours (0 to disable)24
MAX_RESULTSMaximum number of results to return per query10

Data Sources

This server uses data from the Exploit Database, maintained by Offensive Security. The data is either downloaded directly from the CSV file or cloned from the ExploitDB GitLab repository.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgements

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Have feature suggestions or found a bug? Please open an issue on our GitHub repository or contact us directly at contact@cyreslab.ai.

This server cannot be installed

-
security - not tested
A
license - permissive license
-
quality - not tested

A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.

  1. Features
    1. Installation
      1. Prerequisites
      2. Installation Steps
      3. MCP Configuration
    2. Usage
      1. Search Exploits
      2. Get Exploit Details
      3. Find Exploits by CVE
      4. Get Recent Exploits
      5. Get Statistics
    3. Configuration Options
      1. Data Sources
        1. License
          1. Acknowledgements
            1. Contributing
              ID: pruc1olhq1