ExploitDB MCP Server
A Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.
Cyreslab-AI
README
ExploitDB MCP Server
A Model Context Protocol server that provides access to ExploitDB functionality, developed by Cyreslab.ai. This server enables AI assistants like Claude to query information about security exploits and vulnerabilities, enhancing cybersecurity research and threat intelligence capabilities.
GitHub Repository: https://github.com/Cyreslab-AI/exploitdb-mcp-server Contact: contact@cyreslab.ai
Features
- Exploit Search: Search for exploits by keywords, CVE IDs, platforms, and more
- Exploit Details: Get comprehensive information about specific exploits, including code
- CVE Lookup: Find all exploits related to specific CVE IDs
- Recent Exploits: Track newly added exploits
- Statistics: Get insights into exploit distribution by platform, type, and year
- Automatic Updates: Keep the database up-to-date with scheduled updates
Installation
Prerequisites
- Node.js (v16 or higher)
- npm (v7 or higher)
Installation Steps
-
Clone the repository:
git clone https://github.com/Cyreslab-AI/exploitdb-mcp-server.git cd exploitdb-mcp-server -
Install dependencies:
npm install -
Build the project:
npm run build -
Configure the server:
- Create a
.envfile in the root directory based on.env.example - Adjust settings as needed (data directory, update frequency, etc.)
- Create a
-
Initialize the database:
npm run update-db -
Run the server:
node build/index.js
MCP Configuration
To use this server with Claude or other MCP-compatible assistants, add it to your MCP configuration:
{
"mcpServers": {
"mcp-exploitdb-server": {
"command": "node",
"args": ["/path/to/exploitdb-mcp-server/build/index.js"]
}
}
}
Usage
Search Exploits
Use the search_exploits tool to search for exploits in the database:
<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_exploits</tool_name>
<arguments>
{
"query": "wordpress plugin",
"platform": "php",
"limit": 5
}
</arguments>
</use_mcp_tool>
Additional search parameters:
type: Filter by exploit type (e.g., webapps, remote, local)cve: Filter by CVE IDauthor: Filter by author namestart_date/end_date: Filter by date range (YYYY-MM-DD)verified: Filter by verified status (true/false)offset: For pagination
Get Exploit Details
Use the get_exploit tool to retrieve detailed information about a specific exploit:
<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_exploit</tool_name>
<arguments>
{
"id": 12345,
"include_code": true
}
</arguments>
</use_mcp_tool>
Find Exploits by CVE
Use the find_by_cve tool to find all exploits related to a specific CVE:
<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>find_by_cve</tool_name>
<arguments>
{
"cve": "CVE-2021-44228",
"limit": 10
}
</arguments>
</use_mcp_tool>
Get Recent Exploits
Use the get_recent_exploits tool to retrieve recently added exploits:
<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_recent_exploits</tool_name>
<arguments>
{
"limit": 10
}
</arguments>
</use_mcp_tool>
Get Statistics
Use the get_statistics tool to get insights about the exploits in the database:
<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_statistics</tool_name>
<arguments>
{}
</arguments>
</use_mcp_tool>
Configuration Options
The server can be configured using environment variables or a .env file:
| Variable | Description | Default |
|---|---|---|
CLONE_REPOSITORY |
Whether to clone the ExploitDB repository | false |
REPOSITORY_URL |
URL of the ExploitDB repository | https://gitlab.com/exploit-database/exploitdb.git |
CSV_URL |
URL of the ExploitDB CSV file | https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv |
DATA_DIR |
Directory to store data | ./data |
DB_PATH |
Path to the SQLite database | ./data/exploitdb.sqlite |
UPDATE_INTERVAL |
Update frequency in hours (0 to disable) | 24 |
MAX_RESULTS |
Maximum number of results to return per query | 10 |
Data Sources
This server uses data from the Exploit Database, maintained by Offensive Security. The data is either downloaded directly from the CSV file or cloned from the ExploitDB GitLab repository.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Acknowledgements
- Offensive Security for maintaining the Exploit Database
- Model Context Protocol for enabling AI assistants to access external tools
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
Have feature suggestions or found a bug? Please open an issue on our GitHub repository or contact us directly at contact@cyreslab.ai.
Recommended Servers
Crypto Price & Market Analysis MCP Server
A Model Context Protocol (MCP) server that provides comprehensive cryptocurrency analysis using the CoinCap API. This server offers real-time price data, market analysis, and historical trends through an easy-to-use interface.
MCP PubMed Search
Server to search PubMed (PubMed is a free, online database that allows users to search for biomedical and life sciences literature). I have created on a day MCP came out but was on vacation, I saw someone post similar server in your DB, but figured to post mine.
dbt Semantic Layer MCP Server
A server that enables querying the dbt Semantic Layer through natural language conversations with Claude Desktop and other AI assistants, allowing users to discover metrics, create queries, analyze data, and visualize results.
mixpanel
Connect to your Mixpanel data. Query events, retention, and funnel data from Mixpanel analytics.
Sequential Thinking MCP Server
This server facilitates structured problem-solving by breaking down complex issues into sequential steps, supporting revisions, and enabling multiple solution paths through full MCP integration.
Nefino MCP Server
Provides large language models with access to news and information about renewable energy projects in Germany, allowing filtering by location, topic (solar, wind, hydrogen), and date range.
Vectorize
Vectorize MCP server for advanced retrieval, Private Deep Research, Anything-to-Markdown file extraction and text chunking.
Mathematica Documentation MCP server
A server that provides access to Mathematica documentation through FastMCP, enabling users to retrieve function documentation and list package symbols from Wolfram Mathematica.
kb-mcp-server
An MCP server aimed to be portable, local, easy and convenient to support semantic/graph based retrieval of txtai "all in one" embeddings database. Any txtai embeddings db in tar.gz form can be loaded
Research MCP Server
The server functions as an MCP server to interact with Notion for retrieving and creating survey data, integrating with the Claude Desktop Client for conducting and reviewing surveys.