ExploitDBSighting 0.1.0

A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance.

ExploitDBSighting

A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance.

Exploit-DB.com is a comprehensive and publicly accessible database of security vulnerabilities and exploits, maintained by Offensive Security. It serves as a crucial resource for penetration testers, researchers, and ethical hackers by offering detailed information and proof-of-concept code.

Within the Vulnerability-Lookup project, data from Exploit-DB are leveraged as sightings, specifically categorized as "exploited" in alignment with the MISP taxonomy of sightings.

More information about the sightings:

• Corresponding MISP taxonomy
• Vulnerability-Lookup documentation

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install ExploitDBSighting
$ export ExploitDBSighting_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.conf.py). You must then set an environment variable (ExploitDBSighting_CONFIG) with the full path to this file.

Usage

Publishing sightings to Vulnerability-Lookup

$ ExploitDBSighting
CVE-2017-14084
https://www.exploit-db.com/exploits/42891
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup...

CVE-2017-14085
https://www.exploit-db.com/exploits/42893
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup...

CVE-2017-14086
https://www.exploit-db.com/exploits/42892
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup...

License

ExploitDBSighting is licensed under GNU General Public License version 3

Copyright (c) 2024 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2024 Cédric Bonhomme - https://github.com/cedricbonhomme