LinuxCommandLibrary

searchsploit

Search Exploit Database for vulnerabilities

TLDR

Search for an exploit, shellcode, or paper
$ searchsploit [search_terms]

Search for a known specific version, e.g. sudo version 1.8.27
$ searchsploit sudo 1.8.27

Show the exploit-db link to the found resources
$ searchsploit [[-w|--www]] [search_terms]

Copy the resource to the current directory (requires the number of the exploit)
$ searchsploit [[-m|--mirror]] [exploit_number]

Examine the resource, using the pager defined in the $PAGER environment variable
$ searchsploit [[-x|--examine]] [exploit_number]

Update the local Exploit Database
$ searchsploit [[-u|--update]]

Search for the [c]ommon [v]ulnerabilities and [e]xposures (CVE) value
$ searchsploit --cve [2021-44228]

Check results in nmap's XML output with service version (nmap -sV -oX nmap-output.xml) for known exploits
$ searchsploit --nmap [path/to/nmap-output.xml]

SYNOPSIS

searchsploit [options] term1 [term2] ... [termN]

PARAMETERS

-h, --help
    Show help screen and exit.

-v, --verbose
    Display more information in output.

-u, --update
    Update the local Exploit Database copy.

-t, --title
    Search only in the title field.

-c, --case
    Case-sensitive search.

-e, --exact
    Exact match (must match search terms entirely).

-s, --strict
    Strict search: input values must exist, which disables fuzzy matching of version ranges.

--cve [CVE]
    Search for a Common Vulnerabilities and Exposures (CVE) value.

-p, --path [EXPLOIT-DB_ID]
    Show the full path to the exploit file.

-m, --mirror [EXPLOIT-DB_ID]
    Copy an exploit to the current working directory.

-x, --examine [EXPLOIT-DB_ID]
    Open an exploit in the pager defined in the $PAGER environment variable.

-w, --www
    Show Exploit-DB URLs for the results instead of local paths.

--id
    Display the Exploit-DB ID value.

-j, --json
    Output results in JSON format.

--nmap [FILE.XML]
    Check the results in an Nmap XML output file (created with nmap -sV -oX) against the Exploit Database.

DESCRIPTION

searchsploit is a command-line search tool for Exploit-DB, a comprehensive archive of public exploits and corresponding vulnerable software. It allows users to quickly search a local, offline copy of the Exploit-DB database for relevant exploits based on keywords, software names, or versions. This is useful for penetration testers, security researchers, and system administrators who need to rapidly identify potential vulnerabilities in their systems or networks.

The tool is designed for speed and efficiency, allowing users to quickly filter and refine search results. searchsploit streamlines the process of finding appropriate exploits, improving the workflow of vulnerability assessments and penetration testing engagements. Unlike searching the Exploit-DB website directly, searchsploit provides immediate results, even without an internet connection. The utility is often included in penetration testing distributions such as Kali Linux and Parrot OS, highlighting its importance in the security community.

searchsploit helps you find exploits you can use to test your systems. It maintains a local copy of the Exploit Database.

CAVEATS

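The local Exploit-DB copy needs to be updated regularly with the `-u` flag to ensure the most recent exploits are available. The accuracy of search results depends on the quality and completeness of the Exploit-DB database entries. A result is a keyword match against the database, not confirmation that a given system is vulnerable, and an empty result does not mean the software has no known vulnerabilities.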

USING WITH NMAP

The `--nmap` option allows you to integrate searchsploit with Nmap. searchsploit does not run the scan itself: first run Nmap with service version detection and XML output (`nmap -sV -oX nmap-output.xml`), then pass the path of that file to `--nmap`. searchsploit uses the services and versions recorded in the file to search the Exploit Database for relevant exploits. This is a convenient way to quickly identify potential vulnerabilities based on the services and versions detected by Nmap.
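
An added example, not part of the original page: triaging `searchsploit -j` results for one detected product and version, so a patching report separates entries that name the exact version from keyword or version-range matches that need manual checking. The product name `exampled`, the EDB-IDs, the priority labels and the JSON field names (`RESULTS_EXPLOIT`, `Title`, `EDB-ID`, `Type`) are assumptions; check them against the output of your installed version.

```python
import json
import re
import subprocess
from collections import Counter

# Constructed sample shaped like `searchsploit -j` output. The product "exampled",
# the EDB-IDs and the field names used here are assumptions for illustration.
SAMPLE_JSON = """{
  "SEARCH": "exampled 2.4",
  "RESULTS_EXPLOIT": [
    {"Title": "exampled 2.4.1 - Remote Command Execution", "EDB-ID": "90001", "Type": "remote"},
    {"Title": "exampled < 2.4.5 - Denial of Service", "EDB-ID": "90002", "Type": "dos"},
    {"Title": "exampled 2.4.10 - Local Privilege Escalation", "EDB-ID": "90003", "Type": "local"}
  ],
  "RESULTS_SHELLCODE": []
}"""


def run_searchsploit(terms):
    """Return the JSON text of `searchsploit -j <terms>` from the local database."""
    proc = subprocess.run(["searchsploit", "-j", *terms],
                          capture_output=True, text=True, check=True)
    return proc.stdout


def summarise(raw_json, version):
    """Split hits into those naming `version` exactly and those needing manual review."""
    hits = json.loads(raw_json).get("RESULTS_EXPLOIT", [])
    # Whole-version match: "2.4.1" must not match inside "2.4.10" or "12.4.1".
    exact = re.compile(r"(?<![\d.])" + re.escape(version) + r"(?!\.?\d)")
    exact_ids, review_ids = [], []
    for hit in hits:
        target = exact_ids if exact.search(hit.get("Title", "")) else review_ids
        target.append(hit["EDB-ID"])
    if exact_ids:
        priority = "patch-now"
    elif review_ids:
        priority = "verify"  # keyword or version-range match only
    else:
        priority = "no-public-exploit-found"
    return {"by_type": dict(Counter(h.get("Type", "unknown") for h in hits)),
            "exact_ids": exact_ids, "review_ids": review_ids, "priority": priority}


if __name__ == "__main__":
    print(summarise(SAMPLE_JSON, "2.4.1"))
```

On a host with the tool installed, pass `run_searchsploit(["exampled", "2.4"])` to `summarise` in place of the sample.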

HISTORY

searchsploit was developed as a command-line tool for interacting with the Exploit-DB. It gained prominence within penetration testing distributions, such as Kali Linux. It simplified and automated the process of finding relevant exploits in an offline environment, improving the speed and efficiency of vulnerability assessments.

SEE ALSO

nmap(1), msfconsole(1)
