## https://sploitus.com/exploit?id=9B06882B-AF0D-5A4F-B809-EDC19F52472F
# π΄ ExploitDB RAG
A RAG (Retrieval Augmented Generation) system for querying exploits from ExploitDB using local LLMs.
## π― What is this?
This tool allows you to ask questions about CVEs and exploits in natural language. It uses:
- **Ollama** for local LLM inference (Llama 3.2)
- **ChromaDB** for vector storage
- **LangChain** for RAG orchestration
- **ExploitDB** as the knowledge base
## π Quick Start
### Prerequisites
- Python 3.10+
- [Ollama](https://ollama.ai) installed
### 1. Install Ollama and models
```bash
# Install Ollama (macOS)
brew install ollama
# Start Ollama server
ollama serve
# Pull required models (in another terminal)
ollama pull llama3.2:3b
ollama pull nomic-embed-text
```
### 2. Setup Python environment
```bash
# Create virtual environment
python3 -m venv .venv
source .venv/bin/activate
# Install dependencies
pip install -r requirements.txt
```
### 3. Fetch exploits from ExploitDB
```bash
cd src
python fetch_exploitdb.py
```
### 4. Run the RAG system
```bash
python exploit_rag.py
```
## π Project Structure
```
.
βββ README.md
βββ requirements.txt
βββ datasets/
β βββ exploitdb_full.csv # Exploit dataset
βββ src/
βββ exploit_rag.py # Main RAG interface
βββ fetch_exploitdb.py # Download exploits from ExploitDB
βββ diagnose_rag.py # Debug and understand RAG phases
βββ test_rag.py # Automated tests
βββ quick_test.py # Verify dependencies
```
## π¬ Example Queries
```
π Query: Tell me about Log4Shell
π Query: Is there an exploit for CVE-2021-44228?
π Query: Show me Java deserialization vulnerabilities
π Query: What exploits exist for Apache Tomcat?
```
## π§ How it Works
```
βββββββββββββββ βββββββββββββββββ βββββββββββββββ ββββββββββββ
β ExploitDB βββββΆβ Embeddings βββββΆβ ChromaDB βββββΆβ Llama β
β CSV Dataset β β (nomic-embed) β β (vectors) β β (answer) β
βββββββββββββββ βββββββββββββββββ βββββββββββββββ ββββββββββββ
β² β
β βΌ
[Your Query] ββββββΆ [Relevant Docs] ββββββΆ [Response]
```
1. **Indexing**: Exploits are converted to embeddings and stored in ChromaDB
2. **Retrieval**: Your query finds the most similar exploits
3. **Generation**: LLM generates an answer using the retrieved context
## β οΈ Disclaimer
This tool is for **educational and authorized security research purposes only**. Only use exploits in environments where you have explicit permission.
## π License
MIT