## https://sploitus.com/exploit?id=D20D1A90-6969-5677-BC2C-2475B973854A
# MCP Exploit-DB Server
An MCP (Model Context Protocol) server that provides access to the Exploit-DB database using the `searchsploit` command-line tool. This allows AI assistants like Claude to search for and retrieve exploit information directly.
## Prerequisites
- Python 3.10 or higher
- `searchsploit` command-line tool (from exploitdb package)
### Installing searchsploit
**On Kali Linux / Debian-based systems:**
```bash
sudo apt update
sudo apt install exploitdb
```
**On macOS with Homebrew:**
```bash
brew install exploitdb
```
**On Arch Linux:**
```bash
sudo pacman -S exploitdb
```
## Installation
1. Clone or download this repository:
```bash
cd /Users/alessandrobresciani/Development/mcp_exploitdb
```
2. Install the package:
```bash
pip install -e .
```
Or install with uv:
```bash
uv pip install -e .
```
## Configuration
Add this server to your Claude Desktop configuration file:
**macOS:** `~/Library/Application Support/Claude/claude_desktop_config.json`
**Windows:** `%APPDATA%\Claude\claude_desktop_config.json`
**Linux:** `~/.config/Claude/claude_desktop_config.json`
```json
{
"mcpServers": {
"exploitdb": {
"command": "python",
"args": ["-m", "mcp_exploitdb.server"]
}
}
}
```
Or if installed in a specific Python environment:
```json
{
"mcpServers": {
"exploitdb": {
"command": "/path/to/your/python",
"args": ["-m", "mcp_exploitdb.server"]
}
}
}
```
After updating the configuration, restart Claude Desktop.
## Available Tools
### 1. search_exploits
Search for exploits using keywords.
**Parameters:**
- `terms` (required): Array of search terms (e.g., `["afd", "windows", "local"]`)
- `case_sensitive` (optional): Perform case-sensitive search (default: false)
- `exact` (optional): Exact match on exploit title (default: false)
- `strict` (optional): Strict version matching (default: false)
- `title_only` (optional): Search only in titles, not paths (default: false)
- `exclude` (optional): Exclude terms from results (use | to separate)
- `json_output` (optional): Return JSON format (default: false)
- `show_urls` (optional): Show web URLs instead of local paths (default: false)
**Example:**
```
Search for Windows local privilege escalation exploits related to afd.sys
```
### 2. search_cve
Search for exploits by CVE identifier.
**Parameters:**
- `cve` (required): CVE identifier (e.g., "2021-44228" or "CVE-2021-44228")
- `json_output` (optional): Return JSON format (default: false)
**Example:**
```
Find exploits for CVE-2021-44228
```
### 3. get_exploit_path
Get the full local filesystem path to an exploit.
**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")
**Example:**
```
Get the path for exploit 39446
```
### 4. get_exploit_content
Retrieve and display the full content of an exploit.
**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")
**Example:**
```
Show me the content of exploit 39446
```
### 5. mirror_exploit
Copy an exploit file to a specified directory.
**Parameters:**
- `edb_id` (required): Exploit-DB ID
- `destination` (optional): Destination directory (default: current directory)
**Example:**
```
Copy exploit 39446 to /tmp
```
### 6. update_exploitdb
Update the local Exploit-DB database.
**Example:**
```
Update the exploit database
```
## Usage Examples
Once configured, you can ask Claude questions like:
- "Search for Apache Struts 2.0.0 exploits"
- "Find exploits for CVE-2021-44228"
- "Show me Windows kernel privilege escalation exploits"
- "Get the content of exploit 39446"
- "Search for Linux kernel 3.2 exploits excluding PoC and DoS"
- "Find remote code execution exploits for PHP"
## Security Considerations
This tool provides access to exploit code and vulnerability information. Use it responsibly:
- Only use for authorized security testing and research
- Ensure you have proper authorization before testing any exploits
- Be aware of local laws and regulations regarding security research
- The exploits in Exploit-DB are for educational and testing purposes
## Troubleshooting
### "searchsploit command not found"
Make sure `exploitdb` package is installed and `searchsploit` is in your PATH.
### No results when searching
Try updating the database first using the `update_exploitdb` tool.
### Permission errors
Ensure the user running Claude Desktop has read access to the Exploit-DB directory (typically `/usr/share/exploitdb`).
## Development
To contribute or modify:
1. Make changes to `mcp_exploitdb/server.py`
2. Test locally:
```bash
python -m mcp_exploitdb.server
```
3. The server uses stdio transport for communication with Claude Desktop
## License
MIT License - See LICENSE file for details
## Credits
- Exploit-DB: https://www.exploit-db.com/
- searchsploit: Part of the exploitdb package
- MCP Protocol: https://modelcontextprotocol.io/