## https://sploitus.com/exploit?id=7D8F0D00-55FC-5AB0-9DD5-A449E2109B3B
# ExploitRank - Exploit Intelligence Engine (EIE) v1.0.0
[](https://www.python.org/downloads/)
[](https://github.com/jason-allen-oneal/ExploitRank/releases/tag/v1.0.0)
[](LICENSE)
**ExploitRank** is an automated Exploit Intelligence Engine (EIE) designed to ingest, normalize, and score vulnerabilities based on real-world exploit availability. It serves as the data backbone for the ZeroSignal security network, providing high-fidelity intelligence for both automated remediation and adversarial testing.
---
## ๐ Core Capabilities
### 1. Ingestion Framework
Multi-source adapter architecture for pulling raw vulnerability and exploit data:
* **NVD Adapter**: Ingests official CVE data including descriptions, CVSS scores, and timestamps.
* **GitHub Adapter**: Scans repositories for Proof-of-Concept (PoC) code and active exploits.
* **Extensible Design**: Support for additional sources like Exploit-DB or custom feeds.
### 2. Normalization Engine
Converts disparate raw data formats into a standardized **VulnRecord** and **ExploitCandidate** schema, ensuring consistency across the entire intelligence pipeline.
### 3. ERS (Exploit Rank Score) calculation
A proprietary scoring engine that calculates the **Exploit Rank Score (0-100)** by factoring in:
* **CVSS Severity**: Base technical impact.
* **Exploit Availability**: Weighting for PoCs vs. weaponized exploit modules.
* **Vulnerability Recency**: Prioritizing new and emerging threats.
### 4. Reproduction Recipe (RR) Generation
Automatically generates structured **Remediation Recipes** in JSON format. These bundles include:
* Standardized vulnerability assessments.
* Remediation priority levels based on ERS.
* Contextual metadata for downstream automation runners.
### 5. DarkPrompt Integration
Directly bridges with **DarkPrompt** (AI Adversarial Toolkit), allowing security audits to use real-world exploit data for generating targeted, high-fidelity attack payloads.
---
## ๐ Installation
### Prerequisites
* Python 3.9+
* SQLAlchemy
### Setup
```bash
git clone https://github.com/jason-allen-oneal/ExploitRank.git
cd ExploitRank
python3 -m venv venv
source venv/bin/activate
pip install -e .
```
---
## ๐ Usage Examples
### Ingest NVD Data
```bash
eie ingest --nvd ./nvd_dump.json
```
### Calculate ERS for a CVE
```bash
eie score CVE-2024-9999
```
### Generate a Remediation Recipe
```bash
eie recipe CVE-2024-9999 --out ./recipes/
```
---
## โ๏ธ License
Licensed under the Apache License, Version 2.0. See [LICENSE](LICENSE) for details.
---
*โIntelligence without action is a overhead; Action without intelligence is a risk.โ* โ ExploitRank provides the intelligence required for decisive action.