## https://sploitus.com/exploit?id=D2280452-9925-517E-999B-AE937617D048
# ExploitDB-JSON
Generates a JSON file indexing exploits from [exploit-database/exploitdb](https://gitlab.com/exploit-database/exploitdb)
by CVE (or any other identifier found in the `codes` column, e.g. `OSVDB-xxxx`),
based on the repository's `files_exploits.csv` file.
## Output format
```json
{
"CVE-2009-3699": [
{ "id": "16929", "type": "dos" }
],
"OSVDB-58726": [
{ "id": "16929", "type": "dos" }
]
}
```
- Each key corresponds to **one** code from the `codes` column (that column
can contain several codes separated by `;`, e.g. `CVE-2009-3699;OSVDB-58726`:
in that case the exploit appears under both keys).
- Each value is a list of `{id, type}` objects (`id` = the `id` column from
the CSV, `type` = the `type` column from the CSV), since several exploits
can share the same CVE.
- Rows with no code at all in the `codes` column are skipped.
## Local usage
```bash
# Download the CSV from GitLab
curl -O https://gitlab.com/exploit-database/exploitdb/-/raw/master/files_exploits.csv
# Generate the JSON
python3 scripts/build_index.py files_exploits.csv exploits_by_cve.json
```
## Automated pipeline (GitHub Actions)
The `.github/workflows/update.yml` workflow:
1. Runs every 6 hours (`schedule`) or can be triggered manually
(`workflow_dispatch`).
2. Downloads the latest version of `files_exploits.csv` from GitLab.
3. Regenerates `exploits_by_cve.json`.
4. Commits and pushes **only if the content actually changed**.
### Why periodic polling instead of a real "push trigger"?
GitLab and GitHub are two independent platforms: a `git push` to the
exploit-database repository on GitLab cannot natively notify GitHub. Two
options exist:
- **What's provided here (the simplest one)**: a GitHub Actions `cron` that
periodically checks the source and only commits if the generated JSON
differs from the previous one (so no unnecessary noise in the history).
Adjust the frequency in `cron: "0 */6 * * *"` to fit your needs (e.g.
`"0 * * * *"` for hourly).
- **A more reactive alternative** (requires control over a GitLab CI
pipeline, which isn't the case here since you don't own the exploitdb
repository): set up a GitLab CI job that calls the GitHub API
(`repository_dispatch`) on every push to `files_exploits.csv`. Since you
don't control the source repository, this option doesn't apply here.
### Setup
1. Create a GitHub repository and copy these files into it
(`scripts/build_index.py`, `.github/workflows/update.yml`).
2. Under **Settings โ Actions โ General โ Workflow permissions**, enable
*"Read and write permissions"* so the workflow can commit.
3. (Optional) Trigger the workflow manually once via the *Actions* tab
(`workflow_dispatch`) to generate the first `exploits_by_cve.json`.