Skip to content

vulnerability-lookup/ExploitDBSighting

BranchesTags

Repository files navigation

ExploitDBSighting

A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance.

Exploit-DB.com is a comprehensive and publicly accessible database of security vulnerabilities and exploits, maintained by Offensive Security. It serves as a crucial resource for penetration testers, researchers, and ethical hackers by offering detailed information and proof-of-concept code.

Within the Vulnerability-Lookup project, data from Exploit-DB are leveraged as sightings, specifically categorized as "exploited" in alignment with the MISP taxonomy of sightings.

More information about the sightings:

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install ExploitDBSighting
$ export ExploitDBSighting_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.conf.py). You must then set an environment variable (ExploitDBSighting_CONFIG) with the full path to this file.

With Docker

git clone https://github.com/vulnerability-lookup/ExploitDBSighting
cd ExploitDBSighting

# Make sure conf.py exists in the project root before running
docker compose up --build

Note

The docker-compose.yml expects a conf.py file in the root directory. You can create it manually or copy the provided example:

$ cp exploitdbsighting/conf_sample.py conf.py

Usage

Publishing sightings to Vulnerability-Lookup

$ ExploitDBSighting
CVE-2017-14084
https://www.exploit-db.com/exploits/42891
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

CVE-2017-14085
https://www.exploit-db.com/exploits/42893
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

CVE-2017-14086
https://www.exploit-db.com/exploits/42892
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

By specifying a date with the --since parameter:

$ ExploitDBSighting --since 2025-01-01
Fetching records starting at 0…
CVE-2025-48932
https://www.exploit-db.com/exploits/52383
2025-07-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

CVE-2025-1974
https://www.exploit-db.com/exploits/52338
2025-06-20 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

CVE-2025-0868
https://www.exploit-db.com/exploits/52145
2025-04-09 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

Encountered record older than specified --since date (2025-01-01 00:00:00+00:00). Stopping.

License

ExploitDBSighting is licensed under GNU General Public License version 3

Copyright (c) 2024-2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2024-2025 Cédric Bonhomme - https://github.com/cedricbonhomme

About

A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance.

pypi.org/project/ExploitDBSighting

Topics

observations exploit vulnerability sightings vulnerability-lookup

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 2

Release 0.2.0 Latest
Jan 21, 2025
+ 1 release

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages