Share
## https://sploitus.com/exploit?id=92BEE419-E5F1-57FA-8BDF-4994EDCE387A
# Exploit-DB MCP Server for Pentesting

A Model Context Protocol (MCP) server that integrates Exploit-DB with AI assistants like Open-WebUI for penetration testing workflows.

## Features

๐Ÿ” **Search Exploits** - Search by keyword, CVE, platform, or type
๐Ÿ“‹ **Get Exploit Code** - Retrieve full exploit/PoC code by EDB-ID
๐Ÿš **Shellcode Search** - Find shellcodes by platform and purpose
๐Ÿ“Š **Database Stats** - Get insights into the exploit database
๐ŸŽฏ **CVE Lookup** - Direct CVE-to-exploit mapping

## Quick Start

### 1. Setup

Run the setup script to install dependencies and extract the database:

```powershell
.\setup.ps1
```

Or manually:

```bash
# Install dependencies
pip install -r requirements.txt

# Extract the exploit-db database (you already have the zip file)
# Extract exploitdb-main.zip to C:\Users\John\
```

### 2. Start the Server

```bash
# Option 1: Use the batch file
.\start.bat

# Option 2: Direct Python
python server.py
```

The server will start on `stdio` by default (for local MCP usage).

### 3. Connect to Open-WebUI

#### Method 1: Open-WebUI Admin Panel (Recommended)

1. Open Open-WebUI at http://localhost:3000
2. Go to **Settings** โ†’ **Admin Panel** โ†’ **MCP Servers**
3. Add a new MCP server:
   - **Name**: `exploit-db`
   - **Type**: `stdio`
   - **Command**: `python`
   - **Args**: `["C:\\Users\\John\\exploitdb-mcp-server\\server.py"]`
   - **Working Directory**: `C:\Users\John\exploitdb-mcp-server`

4. Click **Save** and **Restart** the MCP connection

#### Method 2: Configuration File

Edit your Open-WebUI MCP configuration file (usually in `~/.openwebui/mcp.json` or similar):

```json
{
  "mcpServers": {
    "exploit-db": {
      "command": "python",
      "args": ["C:\\Users\\John\\exploitdb-mcp-server\\server.py"],
      "cwd": "C:\\Users\\John\\exploitdb-mcp-server",
      "env": {
        "EXPLOITDB_PATH": "C:\\Users\\John\\exploitdb-main"
      }
    }
  }
}
```

#### Method 3: Docker Open-WebUI

If running Open-WebUI in Docker, you'll need to:

1. Mount the MCP server directory as a volume
2. Install Python in the container
3. Configure the MCP server path

Example docker-compose addition:

```yaml
volumes:
  - C:\Users\John\exploitdb-mcp-server:/mcp/exploitdb
  - C:\Users\John\exploitdb-main:/data/exploitdb-main
environment:
  - EXPLOITDB_PATH=/data/exploitdb-main
```

## Available Tools

Once connected, your AI agent can use these tools:

### `search_exploits`
Search the exploit database by keyword, platform, or type.

**Example prompts:**
- "Search for Apache exploits"
- "Find Windows privilege escalation exploits"
- "Search for remote code execution exploits in Linux"

### `search_by_cve`
Search for exploits by CVE identifier.

**Example prompts:**
- "Find exploits for CVE-2024-1234"
- "What exploits exist for CVE-2023-12345?"

### `get_exploit_code`
Retrieve the full exploit code by EDB-ID.

**Example prompts:**
- "Get the code for exploit 51234"
- "Show me EDB-51234"

### `search_shellcodes`
Search for shellcodes in the database.

**Example prompts:**
- "Find Linux x86 shellcodes"
- "Search for bind shell shellcodes"

### `list_platforms`
List all available platforms with exploit counts.

**Example prompts:**
- "What platforms are available?"
- "Show me platform statistics"

### `get_database_stats`
Get comprehensive database statistics.

**Example prompts:**
- "What's in the exploit database?"
- "Show me database statistics"

## Usage Examples

### In Open-WebUI Chat

Once configured, you can chat with your AI assistant like this:

```
You: I need to test a Windows Server 2019 system for privilege escalation vulnerabilities. 
     What exploits are available?

AI: Let me search for Windows privilege escalation exploits.
    [Uses search_exploits tool]
    
    I found 47 Windows privilege escalation exploits. Here are the most relevant:
    1. EDB-51234 - Windows Token Privilege Escalation (2024)
    2. EDB-49876 - Windows Service Binary Hijacking (2023)
    ...
    
You: Show me the code for EDB-51234

AI: [Uses get_exploit_code tool]
    Here's the full exploit code...
```

### Creating a Pentesting Agent

You can create a custom agent in Open-WebUI with a system prompt like:

```
You are a penetration testing assistant with access to the Exploit-DB database.

Your capabilities:
- Search for exploits by keyword, CVE, platform, or type
- Retrieve full exploit code and PoC scripts
- Find relevant shellcodes for various platforms
- Provide context and remediation advice

Always:
1. Confirm the target system details before suggesting exploits
2. Explain the exploit and its requirements
3. Provide ethical hacking context and responsible disclosure guidelines
4. Suggest remediation steps alongside vulnerabilities

Remember: This tool is for authorized penetration testing only.
```

## Database Information

The Exploit-DB database contains:
- **50,000+** exploits and proof-of-concepts
- **10,000+** shellcodes
- Coverage from 1998 to present
- Multiple platforms: Linux, Windows, macOS, Hardware, etc.
- Various types: Remote, Local, WebApps, DoS, etc.

## Troubleshooting

### Server won't start
- Check Python is installed: `python --version`
- Verify dependencies: `pip install -r requirements.txt`
- Check the database is extracted: `dir %USERPROFILE%\exploitdb-main`

### "Database not found" error
- Extract `exploitdb-main.zip` to `C:\Users\John\`
- Or set `EXPLOITDB_PATH` environment variable to your database location

### Open-WebUI not detecting tools
- Restart Open-WebUI after configuring MCP
- Check MCP server logs in Open-WebUI admin panel
- Verify the Python path is correct in the configuration

### Slow searches
- Optional: Install `searchsploit` from https://www.exploit-db.com/searchsploit
- The server will automatically use it for faster searches
- Without it, CSV parsing is slower but still functional

## Security Notes

โš ๏ธ **Important Security Considerations:**

1. **Authorized Testing Only** - Use this tool only on systems you have explicit permission to test
2. **Local Use** - Keep this server local; don't expose it to the internet
3. **Responsible Disclosure** - Follow responsible disclosure practices for any vulnerabilities found
4. **Ethical Hacking** - This tool is for legitimate security research and testing

## Contributing

To extend this server:
1. Add new tools in `server.py` using the `@mcp.tool()` decorator
2. Follow the FastMCP documentation for tool creation
3. Test with the MCP Inspector: `npx @modelcontextprotocol/inspector python server.py`

## Support

Issues? Check:
- FastMCP docs: https://github.com/jlowin/fastmcp
- MCP specification: https://modelcontextprotocol.io
- Exploit-DB: https://www.exploit-db.com

## License

This MCP server wrapper is provided as-is for educational and authorized security testing purposes.
The Exploit-DB database is copyright Offensive Security and subject to their terms of use.