Exploit-DB MCP Server for Pentesting

A Model Context Protocol (MCP) server that integrates Exploit-DB with AI assistants like Open-WebUI for penetration testing workflows.

Features

🔍 Search Exploits - Search by keyword, CVE, platform, or type 📋 Get Exploit Code - Retrieve full exploit/PoC code by EDB-ID 🐚 Shellcode Search - Find shellcodes by platform and purpose 📊 Database Stats - Get insights into the exploit database 🎯 CVE Lookup - Direct CVE-to-exploit mapping

Quick Start

1. Setup

Run the setup script to install dependencies and extract the database:

.\setup.ps1

Or manually:

# Install dependencies
pip install -r requirements.txt

# Extract the exploit-db database (you already have the zip file)
# Extract exploitdb-main.zip to C:\Users\John\

2. Start the Server

# Option 1: Use the batch file
.\start.bat

# Option 2: Direct Python
python server.py

The server will start on stdio by default (for local MCP usage).

3. Connect to Open-WebUI

Method 1: Open-WebUI Admin Panel (Recommended)

1. Open Open-WebUI at http://localhost:3000

2. Go to Settings → Admin Panel → MCP Servers

3. Add a new MCP server:

   • Name: exploit-db
   • Type: stdio
   • Command: python
   • Args: ["C:\\Users\\John\\exploitdb-mcp-server\\server.py"]
   • Working Directory: C:\Users\John\exploitdb-mcp-server

4. Click Save and Restart the MCP connection

Method 2: Configuration File

Edit your Open-WebUI MCP configuration file (usually in ~/.openwebui/mcp.json or similar):

{
  "mcpServers": {
    "exploit-db": {
      "command": "python",
      "args": ["C:\\Users\\John\\exploitdb-mcp-server\\server.py"],
      "cwd": "C:\\Users\\John\\exploitdb-mcp-server",
      "env": {
        "EXPLOITDB_PATH": "C:\\Users\\John\\exploitdb-main"
      }
    }
  }
}

Method 3: Docker Open-WebUI

If running Open-WebUI in Docker, you'll need to:

1. Mount the MCP server directory as a volume
2. Install Python in the container
3. Configure the MCP server path

Example docker-compose addition:

volumes:
  - C:\Users\John\exploitdb-mcp-server:/mcp/exploitdb
  - C:\Users\John\exploitdb-main:/data/exploitdb-main
environment:
  - EXPLOITDB_PATH=/data/exploitdb-main

Available Tools

Once connected, your AI agent can use these tools:

search_exploits

Search the exploit database by keyword, platform, or type.

Example prompts:

• "Search for Apache exploits"
• "Find Windows privilege escalation exploits"
• "Search for remote code execution exploits in Linux"

search_by_cve

Search for exploits by CVE identifier.

Example prompts:

• "Find exploits for CVE-2024-1234"
• "What exploits exist for CVE-2023-12345?"

get_exploit_code

Retrieve the full exploit code by EDB-ID.

Example prompts:

• "Get the code for exploit 51234"
• "Show me EDB-51234"

search_shellcodes

Search for shellcodes in the database.

Example prompts:

• "Find Linux x86 shellcodes"
• "Search for bind shell shellcodes"

list_platforms

List all available platforms with exploit counts.

Example prompts:

• "What platforms are available?"
• "Show me platform statistics"

get_database_stats

Get comprehensive database statistics.

Example prompts:

• "What's in the exploit database?"
• "Show me database statistics"

Usage Examples

In Open-WebUI Chat

Once configured, you can chat with your AI assistant like this:

You: I need to test a Windows Server 2019 system for privilege escalation vulnerabilities. 
     What exploits are available?

AI: Let me search for Windows privilege escalation exploits.
    [Uses search_exploits tool]
    
    I found 47 Windows privilege escalation exploits. Here are the most relevant:
    1. EDB-51234 - Windows Token Privilege Escalation (2024)
    2. EDB-49876 - Windows Service Binary Hijacking (2023)
    ...
    
You: Show me the code for EDB-51234

AI: [Uses get_exploit_code tool]
    Here's the full exploit code...

Creating a Pentesting Agent

You can create a custom agent in Open-WebUI with a system prompt like:

You are a penetration testing assistant with access to the Exploit-DB database.

Your capabilities:
- Search for exploits by keyword, CVE, platform, or type
- Retrieve full exploit code and PoC scripts
- Find relevant shellcodes for various platforms
- Provide context and remediation advice

Always:
1. Confirm the target system details before suggesting exploits
2. Explain the exploit and its requirements
3. Provide ethical hacking context and responsible disclosure guidelines
4. Suggest remediation steps alongside vulnerabilities

Remember: This tool is for authorized penetration testing only.

Database Information

The Exploit-DB database contains:

• 50,000+ exploits and proof-of-concepts
• 10,000+ shellcodes
• Coverage from 1998 to present
• Multiple platforms: Linux, Windows, macOS, Hardware, etc.
• Various types: Remote, Local, WebApps, DoS, etc.

Troubleshooting

Server won't start

• Check Python is installed: python --version
• Verify dependencies: pip install -r requirements.txt
• Check the database is extracted: dir %USERPROFILE%\exploitdb-main

"Database not found" error

• Extract exploitdb-main.zip to C:\Users\John\
• Or set EXPLOITDB_PATH environment variable to your database location

Open-WebUI not detecting tools

• Restart Open-WebUI after configuring MCP
• Check MCP server logs in Open-WebUI admin panel
• Verify the Python path is correct in the configuration

Slow searches

• Optional: Install searchsploit from https://www.exploit-db.com/searchsploit
• The server will automatically use it for faster searches
• Without it, CSV parsing is slower but still functional

Security Notes

⚠️ Important Security Considerations:

1. Authorized Testing Only - Use this tool only on systems you have explicit permission to test
2. Local Use - Keep this server local; don't expose it to the internet
3. Responsible Disclosure - Follow responsible disclosure practices for any vulnerabilities found
4. Ethical Hacking - This tool is for legitimate security research and testing

Contributing

To extend this server:

1. Add new tools in server.py using the @mcp.tool() decorator
2. Follow the FastMCP documentation for tool creation
3. Test with the MCP Inspector: npx @modelcontextprotocol/inspector python server.py

Support

Issues? Check:

• FastMCP docs: https://github.com/jlowin/fastmcp
• MCP specification: https://modelcontextprotocol.io
• Exploit-DB: https://www.exploit-db.com

License

This MCP server wrapper is provided as-is for educational and authorized security testing purposes. The Exploit-DB database is copyright Offensive Security and subject to their terms of use.