Metadata-Version: 2.4
Name: iflow-mcp_cyberroute_mcp-exploitdb
Version: 1.0.0
Summary: MCP server for searching Exploit-DB using searchsploit
Requires-Python: >=3.10
Description-Content-Type: text/markdown
Requires-Dist: mcp>=1.0.0

# MCP Exploit-DB Server

An MCP (Model Context Protocol) server that provides access to the Exploit-DB database using the `searchsploit` command-line tool. This allows AI assistants like Claude to search for and retrieve exploit information directly.

## Prerequisites

- Python 3.10 or higher
- `searchsploit` command-line tool (from the `exploitdb` package)

### Installing searchsploit

**On Kali Linux / Debian-based systems:**
```bash
sudo apt update
sudo apt install exploitdb
```

**On macOS with Homebrew:**
```bash
brew install exploitdb
```

## Installation on Claude Code and Desktop

1. Clone or download the repository, then register the server with Claude Code:
```bash
claude mcp add --transport stdio exploitdb -- venv/bin/python exploit_db/server.py
```

For Claude Desktop, add the server to `claude_desktop_config.json` as shown below (a sample file is in the repo), then restart Claude Desktop.

```json
{
  "mcpServers": {
    "exploitdb": {
      "command": "/ABSOLUTE/PATH/TO/PARENT/FOLDER/venv/bin/python",
      "args": ["-m", "exploit_db.server"]
    }
  }
}
```

## Available Tools

### 1. search_exploits
Search for exploits using keywords.

**Parameters:**
- `terms` (required): Array of search terms (e.g., `["afd", "windows", "local"]`)
- `case_sensitive` (optional): Perform case-sensitive search (default: false)
- `exact` (optional): Exact match on exploit title (default: false)
- `strict` (optional): Strict version matching (default: false)
- `title_only` (optional): Search only in titles, not paths (default: false)
- `exclude` (optional): Exclude terms from results (use `|` to separate)
- `json_output` (optional): Return JSON format (default: false)
- `show_urls` (optional): Show web URLs instead of local paths (default: false)

**Example:**
```
Search for Windows local privilege escalation exploits related to afd.sys
```

### 2. search_cve
Search for exploits by CVE identifier.

**Parameters:**
- `cve` (required): CVE identifier (e.g., "2021-44228" or "CVE-2021-44228")
- `json_output` (optional): Return JSON format (default: false)

**Example:**
```
Find exploits for CVE-2021-44228
```
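
The `search_exploits` and `search_cve` parameters are supplied by the model, so they should be validated before they reach the `searchsploit` command line. The following is an added example, not this project's code: it maps the documented parameters to an argv list meant for `subprocess.run` without a shell. The function names are hypothetical; the flags are searchsploit's own.

```python
import re

# Tool parameter -> searchsploit short flag. Helper names below are hypothetical.
_FLAGS = {
    "case_sensitive": "-c",
    "exact": "-e",
    "strict": "-s",
    "title_only": "-t",
    "json_output": "-j",
    "show_urls": "-w",
}
_CVE_RE = re.compile(r"(?:CVE-)?([0-9]{4}-[0-9]{4,})", re.IGNORECASE)


def _check_term(term):
    """Reject values that would be parsed as an option or that carry control chars."""
    if not isinstance(term, str) or not term.strip():
        raise ValueError("search term must be a non-empty string")
    if term.startswith("-"):
        raise ValueError(f"term {term!r} would be parsed as an option")
    if any(ord(ch) < 0x20 for ch in term):
        raise ValueError("control characters are not allowed in a term")
    return term


def build_search_argv(terms, exclude=None, **options):
    """Map search_exploits parameters to an argv list (run it with shell=False)."""
    if not isinstance(terms, (list, tuple)) or not terms:
        raise ValueError("terms must be a non-empty array of strings")
    unknown = set(options) - set(_FLAGS)
    if unknown:
        raise ValueError(f"unknown option(s): {sorted(unknown)}")
    argv = ["searchsploit"]
    argv += [flag for name, flag in _FLAGS.items() if options.get(name) is True]
    if exclude:
        # '|' stays a literal separator because no shell interprets the argv list.
        argv.append("--exclude=" + _check_term(exclude))
    return argv + [_check_term(t) for t in terms]


def build_cve_argv(cve, json_output=False):
    """Accept '2021-44228' or 'CVE-2021-44228', as the search_cve tool documents."""
    match = _CVE_RE.fullmatch(str(cve).strip())
    if match is None:
        raise ValueError(f"not a CVE identifier: {cve!r}")
    return ["searchsploit"] + (["-j"] if json_output else []) + ["--cve", match.group(1)]
```
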

### 3. get_exploit_path
Get the full local filesystem path to an exploit.

**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")

**Example:**
```
Get the path for exploit 39446
```

### 4. get_exploit_content
Retrieve and display the full content of an exploit.

**Parameters:**
- `edb_id` (required): Exploit-DB ID (e.g., "39446")

**Example:**
```
Show me the content of exploit 39446
```

### 5. mirror_exploit
Copy an exploit file to a specified directory.

**Parameters:**
- `edb_id` (required): Exploit-DB ID
- `destination` (optional): Destination directory (default: current directory)

**Example:**
```
Copy exploit 39446 to /tmp
```

### 6. update_exploitdb
Update the local Exploit-DB database.

**Example:**
```
Update the exploit database
```

## Usage Examples

Once configured, you can ask Claude questions like:

- "Search for Apache Struts 2.0.0 exploits"
- "Find exploits for CVE-2021-44228"
- "Show me Windows kernel privilege escalation exploits"
- "Get the content of exploit 39446"
- "Search for Linux kernel 3.2 exploits excluding PoC and DoS"
- "Find remote code execution exploits for PHP"

## Credits

- Exploit-DB: https://www.exploit-db.com/
- searchsploit: Part of the exploitdb package
- MCP Protocol: https://modelcontextprotocol.io/
