exploit-searcher

Simultaneously search CVEs and exploits across multiple cybersecurity data sources.

Forenote

This project is still a work in progress. Open collaboration is welcomed and encouraged. Please submit a pull request or reach out to me on Discord.

Overview

Pentesting is a cyclical process involving the discovery of new services, frameworks, and technologies. Substantial host information is obtained via popular scanning tools such as Nmap and Nikto, but these tools fall short when new frameworks and technologies are revealed that can't be scanned directly.

Exploit-searcher aims to fill the gap between the initial reconnaissance phase and the exploitation phase by aggregating CVEs, exploits, and papers across multiple cybersecurity sources.

Data Sources

  • GitHub (PoCs)
  • nvd.nist.gov
  • exploit-db (EDB currently not indexable)
  • cvedetails
  • rapid7
  • Packet Storm

Installation

git clone https://github.com/djjoa/exploit-searcher.git
cd exploit-searcher
[py | python | python3] -m pip install -r requirements.txt
[py | python | python3] exploit-searcher.py -h

python .\exploit-searcher.py -h             
usage: exploit-searcher.py [-h] [-v] -s SEARCH
                           [-e {github,rapid7,packetstorm,cve,nvd} [{github,rapid7,packetstorm,cve,nvd} ...]]
                           [-c CVE] [-l LIMIT] [-q]

options:
  -h, --help            show this help message and exit
  -v, --verbose         add verbosity
  -s SEARCH, --search SEARCH
                        the search term to query all databases for (exploit,
                        vulnerability, CVE, technology, framework)
  -e {github,rapid7,packetstorm,cve,nvd} [{github,rapid7,packetstorm,cve,nvd} ...], --engine {github,rapid7,packetstorm,cve,nvd} [{github,rapid7,packetstorm,cve,nvd} ...]    
                        engines to use in query; defaults to ALL when not specified.   
                        values must be SPACE seperated (not comma).
  -c CVE, --cve CVE     CVE ID to refine search
  -l LIMIT, --limit LIMIT
                        number of results to display from each source (experimental)   
  -q, --quiet           don't print the banner when running

Usage

Query SaltStack across all data sources

python .\exploit-searcher.py -s 'SaltStack'

TODO

  • implement CVE argument functionality
  • add CVE Details data source
  • add Rapid7 data source
  • add Packet Storm data source
  • add NVD data source
  • add verbosity
  • update README with explanation of colored output
  • fix Packet Storm outputting 1 less than desired results
  • fix Packet Storm systems and tags length output not matching other columns (soup.find_all())
  • obtained access to nvd api and reworked script functionality
  • added fuzzy syntax highlighting based on interesting words

Contact

Zer0 - @x41x41x41x41 - Discord Zer0#0272

Project Link: https://github.com/djjoa/exploit-searcher