ExploitDB MCP Server
A Model Context Protocol server that provides access to ExploitDB functionality, developed by [Cyreslab.ai](https://cyreslab.ai). This server enables AI assistants like Claude to query information about security exploits and vulnerabilities, enhancing cybersecurity research and threat intelligence capabilities.
**GitHub Repository**: [https://github.com/Cyreslab-AI/exploitdb-mcp-server](https://github.com/Cyreslab-AI/exploitdb-mcp-server)
**Contact**: [contact@cyreslab.ai](mailto:contact@cyreslab.ai)
Features
- **Exploit Search**: Search for exploits by keywords, CVE IDs, platforms, and more
- **Exploit Details**: Get comprehensive information about specific exploits, including code
- **CVE Lookup**: Find all exploits related to specific CVE IDs
- **Recent Exploits**: Track newly added exploits
- **Statistics**: Get insights into exploit distribution by platform, type, and year
- **Automatic Updates**: Keep the database up-to-date with scheduled updates
Installation
Prerequisites
- Node.js (v16 or higher)
- npm (v7 or higher)
Installation Steps
- Clone the repository: ```bash git clone https://github.com/Cyreslab-AI/exploitdb-mcp-server.git cd exploitdb-mcp-server ```
- Install dependencies: ```bash npm install ```
- Build the project: ```bash npm run build ```
- Configure the server: - Create a `.env` file in the root directory based on `.env.example` - Adjust settings as needed (data directory, update frequency, etc.)
- Initialize the database: ```bash npm run update-db ```
- Run the server: ```bash node build/index.js ```
MCP Configuration
To use this server with Claude or other MCP-compatible assistants, add it to your MCP configuration:
Usage
Search Exploits
Use the `search_exploits` tool to search for exploits in the database:
Additional search parameters:
- `type`: Filter by exploit type (e.g., webapps, remote, local)
- `cve`: Filter by CVE ID
- `author`: Filter by author name
- `start_date`/`end_date`: Filter by date range (YYYY-MM-DD)
- `verified`: Filter by verified status (true/false)
- `offset`: For pagination
Get Exploit Details
Use the `get_exploit` tool to retrieve detailed information about a specific exploit:
Find Exploits by CVE
Use the `find_by_cve` tool to find all exploits related to a specific CVE:
Get Recent Exploits
Use the `get_recent_exploits` tool to retrieve recently added exploits:
Get Statistics
Use the `get_statistics` tool to get insights about the exploits in the database:
Configuration Options
The server can be configured using environment variables or a `.env` file:
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
[object Object] | [object Object] | [object Object] |
Data Sources
This server uses data from the [Exploit Database](https://www.exploit-db.com/), maintained by [Offensive Security](https://www.offensive-security.com/). The data is either downloaded directly from the CSV file or cloned from the [ExploitDB GitLab repository](https://gitlab.com/exploit-database/exploitdb).
License
This project is licensed under the MIT License - see the LICENSE file for details.
Acknowledgements
- [Offensive Security](https://www.offensive-security.com/) for maintaining the Exploit Database
- [Model Context Protocol](https://github.com/anthropics/model-context-protocol) for enabling AI assistants to access external tools
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
Have feature suggestions or found a bug? Please open an issue on our [GitHub repository](https://github.com/Cyreslab-AI/exploitdb-mcp-server) or contact us directly at [contact@cyreslab.ai](mailto:contact@cyreslab.ai).