This is a tool for searching Exploits from some Exploit Databases. Exploits are inserted at sqlite database(go-exploitdb) can be searched by command line interface.
In server mode, a simple Web API can be used.
As the following vulnerabilities database
There’s a Docker image available docker pull vulsio/go-exploitdb
. When using the container, it takes the same arguments as the normal command line.
go-exploitdb requires the following packages.
$ mkdir -p $GOPATH/src/github.com/vulsio
$ cd $GOPATH/src/github.com/vulsio
$ git clone https://github.com/vulsio/go-exploitdb.git
$ cd go-exploitdb
$ make install
$ go-exploitdb fetch --help
Fetch the data of exploit
Usage:
go-exploitdb fetch [command]
Available Commands:
awesomepoc Fetch the data of Awesome Poc
exploitdb Fetch the data of offensive security exploit db
githubrepos Fetch the data of github repos
inthewild Fetch the data of inTheWild Poc
Flags:
--batch-size int The number of batch size to insert. (default 500)
-h, --help help for fetch
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
Use "go-exploitdb fetch [command] --help" for more information about a command.
Fetch and Insert Offensive Security ExploitDB
$ go-exploitdb fetch exploitdb
$ go-exploitdb search -h
Search the data of exploit
Usage:
go-exploitdb search [flags]
Flags:
-h, --help help for search
--param string All Exploits: None | by CVE: [CVE-xxxx] | by ID: [xxxx] (default: None)
--type string All Exploits by CVE: CVE | by ID: ID (default: CVE)
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
For more information click here.
Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…
Introduction In the vast ocean of the internet, the most powerful tool you already have…
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…