Share
## https://sploitus.com/exploit?id=D20D1A90-6969-5677-BC2C-2475B973854A
# MCP Exploit-DB Server

An MCP (Model Context Protocol) server that provides access to the Exploit-DB database using the `searchsploit` command-line tool. This allows AI assistants like Claude to search for and retrieve exploit information directly.

## Prerequisites

- Python 3.10 or higher
- `searchsploit` command-line tool (from exploitdb package)

### Installing searchsploit

**On Kali Linux / Debian-based systems:**
```bash
sudo apt update
sudo apt install exploitdb
```

**On macOS with Homebrew:**
```bash
brew install exploitdb
```

**On Arch Linux:**
```bash
sudo pacman -S exploitdb
```

## Installation

1. Clone or download this repository:
```bash
cd /Users/alessandrobresciani/Development/mcp_exploitdb
```

2. Install the package:
```bash
pip install -e .
```

Or install with uv:
```bash
uv pip install -e .
```

## Configuration

Add this server to your Claude Desktop configuration file:

**macOS:** `~/Library/Application Support/Claude/claude_desktop_config.json`

**Windows:** `%APPDATA%\Claude\claude_desktop_config.json`

**Linux:** `~/.config/Claude/claude_desktop_config.json`

```json
{
  "mcpServers": {
    "exploitdb": {
      "command": "python",
      "args": ["-m", "mcp_exploitdb.server"]
    }
  }
}
```

Or if installed in a specific Python environment:
```json
{
  "mcpServers": {
    "exploitdb": {
      "command": "/path/to/your/python",
      "args": ["-m", "mcp_exploitdb.server"]
    }
  }
}
```

After updating the configuration, restart Claude Desktop.

## Available Tools

### 1. search_exploits
Search for exploits using keywords.

**Parameters:**
- `terms` (required): Array of search terms (e.g., `["afd", "windows", "local"]`)
- `case_sensitive` (optional): Perform case-sensitive search (default: false)
- `exact` (optional): Exact match on exploit title (default: false)
- `strict` (optional): Strict version matching (default: false)
- `title_only` (optional): Search only in titles, not paths (default: false)
- `exclude` (optional): Exclude terms from results (use | to separate)
- `json_output` (optional): Return JSON format (default: false)
- `show_urls` (optional): Show web URLs instead of local paths (default: false)

**Example:**
```
Search for Windows local privilege escalation exploits related to afd.sys
```

### 2. search_cve
Search for exploits by CVE identifier.

**Parameters:**
- `cve` (required): CVE identifier (e.g., "2021-44228" or "CVE-2021-44228")
- `json_output` (optional): Return JSON format (default: false)

**Example:**
```
Find exploits for CVE-2021-44228
```

### 3. get_exploit_path
Get the full local filesystem path to an exploit.

**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")

**Example:**
```
Get the path for exploit 39446
```

### 4. get_exploit_content
Retrieve and display the full content of an exploit.

**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")

**Example:**
```
Show me the content of exploit 39446
```

### 5. mirror_exploit
Copy an exploit file to a specified directory.

**Parameters:**
- `edb_id` (required): Exploit-DB ID
- `destination` (optional): Destination directory (default: current directory)

**Example:**
```
Copy exploit 39446 to /tmp
```

### 6. update_exploitdb
Update the local Exploit-DB database.

**Example:**
```
Update the exploit database
```

## Usage Examples

Once configured, you can ask Claude questions like:

- "Search for Apache Struts 2.0.0 exploits"
- "Find exploits for CVE-2021-44228"
- "Show me Windows kernel privilege escalation exploits"
- "Get the content of exploit 39446"
- "Search for Linux kernel 3.2 exploits excluding PoC and DoS"
- "Find remote code execution exploits for PHP"

## Security Considerations

This tool provides access to exploit code and vulnerability information. Use it responsibly:

- Only use for authorized security testing and research
- Ensure you have proper authorization before testing any exploits
- Be aware of local laws and regulations regarding security research
- The exploits in Exploit-DB are for educational and testing purposes

## Troubleshooting

### "searchsploit command not found"
Make sure `exploitdb` package is installed and `searchsploit` is in your PATH.

### No results when searching
Try updating the database first using the `update_exploitdb` tool.

### Permission errors
Ensure the user running Claude Desktop has read access to the Exploit-DB directory (typically `/usr/share/exploitdb`).

## Development

To contribute or modify:

1. Make changes to `mcp_exploitdb/server.py`
2. Test locally:
```bash
python -m mcp_exploitdb.server
```
3. The server uses stdio transport for communication with Claude Desktop

## License

MIT License - See LICENSE file for details

## Credits

- Exploit-DB: https://www.exploit-db.com/
- searchsploit: Part of the exploitdb package
- MCP Protocol: https://modelcontextprotocol.io/