searchsploit
Search Exploit Database for vulnerabilities
TLDR
Search for an exploit, shellcode, or paper
Search for a known specific version, e.g. sudo version 1.8.27
Show the exploit-db link to the found resources
Copy the resource to the current directory (requires the number of the exploit)
Examine the resource, using the pager defined in the $PAGER environment variable
Update the local Exploit Database
Search for the [c]ommon [v]ulnerabilities and [e]xposures (CVE) value
Check results in nmap's XML output with service version (nmap -sV -oX nmap-output.xml) for known exploits
SYNOPSIS
searchsploit [OPTIONS] [TERMS]
searchsploit [OPTIONS] [EDB-ID|CVE-ID]
searchsploit [OPTIONS] --shellcodes
searchsploit [OPTIONS] --exploits
searchsploit [OPTIONS] --papers
PARAMETERS
-h, --help
Displays the help message and exits.
-v, --version
Shows the program's version number and exits.
-u, --update
Updates the local Exploit-DB copy (requires internet connection).
-c, --case
Performs a case-sensitive search.
-e, --exact
Performs an exact match search for specified terms.
-s, --strict
Performs a strict search, treating multiple terms as an AND operation.
-t, --title
Restricts the search to exploit titles only (default searches title and path).
-p, --path
Displays the full path to the exploit file on the local system.
-m, --mirror
Copies (mirrors) the selected exploit file to the current working directory.
-x, --examine
Displays the content of the selected exploit file to the console.
-w, --web
Shows the corresponding Exploit-DB URL for the found exploit.
-j, --json
Outputs the search results in JSON format, useful for scripting.
--cve [CVE-ID]
Searches for exploits by a specific Common Vulnerabilities and Exposures (CVE) ID.
--id [EDB-ID]
Searches for exploits by a specific Exploit-DB ID.
--shellcodes
Lists all available shellcodes in the database.
--exploits
Lists all available exploits in the database.
--papers
Lists all available security papers and research documents in the database.
DESCRIPTION
searchsploit is a powerful command-line utility designed for searching the local Exploit-DB archive. It enables security professionals, penetration testers, and researchers to quickly locate exploits, shellcodes, and vulnerability research papers based on various keywords, CVE IDs, or EDB-IDs.
As an integral component of the Exploit-DB repository, maintained by Offensive Security, searchsploit provides offline access to a vast collection of public exploits. This capability is particularly invaluable in environments where internet connectivity is limited or unavailable. Users can filter results, display full paths to exploit files, view associated Exploit-DB web links, and even copy exploit code directly to their current working directory. The tool's effectiveness relies on maintaining an up-to-date local database, which can be refreshed regularly to ensure access to the latest publicly disclosed vulnerabilities and proof-of-concepts.
CAVEATS
The effectiveness of searchsploit heavily relies on a current local Exploit-DB copy; regular updates are essential. It only searches the local database and does not perform live online lookups. Exploits found may be proofs-of-concept, outdated, or require modifications to function. It serves as a search utility, not an exploitation framework, meaning discovered exploits often need manual review, compilation, or integration with other tools.
UPDATING THE DATABASE
To ensure searchsploit provides the most current information, its local database must be updated regularly. This can typically be done via the command exploitdb --update or, in Kali Linux, by reinstalling the package: sudo apt update && sudo apt install --reinstall exploitdb.
INTEGRATION WITH KALI LINUX
searchsploit is a fundamental component of Kali Linux, pre-installed and readily available. This tight integration highlights its importance in the cybersecurity toolkit for quick access to vulnerability information directly from the command line.
HISTORY
searchsploit was developed by Offensive Security, the team behind Kali Linux and the Exploit-DB project. Its creation addressed the need for offline, rapid access to the vast Exploit-DB archive, making it an indispensable tool for penetration testers working in diverse network environments. Since its introduction, it has become a standard, pre-installed utility in Kali Linux distributions, continuously evolving alongside the Exploit-DB to provide comprehensive vulnerability and exploit information.
SEE ALSO
msfconsole(1), exploitdb(1), nmap(1), kali(7)