Exploitationexploitssearchdatabasevulnerabilitysearchsploit

ExploitDB

Searchable archive from The Exploit Database for locating exploits. Provides command-line tool searchsploit to query local exploit database.

Description

ExploitDB is a searchable exploit database archive hosted at /usr/share/exploitdb containing exploits and shellcodes. It enables users to search for exploits by keywords, platforms, and types using the searchsploit command-line tool. The database is sourced from https://www.exploit-db.com/ and installed size is 190.28 MB.

Common use cases include penetration testing for locating public exploits matching discovered vulnerabilities, such as remote exploits for specific software like Oracle on Windows. It supports filtering searches by title, path exclusion, exact matches, and version ranges to reduce false positives.

The tool integrates with Nmap XML output for automated exploit matching against scanned service versions. Updates are available via package managers.

How It Works

Searchsploit indexes the local /usr/share/exploitdb/exploits and shellcodes directories. Searches perform case-insensitive AND matches across exploit titles and file paths by default, with fuzzy version range detection. Options enable exact title matches, path exclusion, case-sensitive searches, and strict version matching. Results display EDB-ID, description, and paths; non-search functions mirror or examine specific exploits by ID.

Installation

bash

sudo apt install exploitdb

Flags

-c, --casePerform a case-sensitive search (Default is inSEnsITiVe)

-e, --exactPerform an EXACT & order match on exploit title (Default is an AND match on each term) [Implies "-t"]

-s, --strictPerform a strict search, so input values must exist, disabling fuzzy search for version range

-t, --titleSearch JUST the exploit title (Default is title AND the file's path)

--exclude="term"Remove values from results. By using "|" to separate, you can chain multiple values

-j, --jsonShow result in JSON format

-p, --pathShow the full path to an exploit (and also copies the path to the clipboard if possible)

-w, --wwwShow URLs to Exploit-DB.com rather than the local path

-m, --mirrorMirror (aka copies) an exploit to the current working directory

-x, --examineExamine (aka opens) the exploit using $PAGER

-u, --updateCheck for and install any exploitdb package updates (brew, deb & git)

--nmapChecks all results in Nmap's XML output with service version

Examples

Search for remote oracle exploits for windows

searchsploit oracle windows remote

Search for AFD Windows local exploits

searchsploit afd windows local

Search titles only for oracle windows exploits

searchsploit -t oracle windows

Show the full path to exploit EDB-ID 39446

searchsploit -p 39446

Search linux kernel 3.2 excluding PoC or DOS exploits

searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"

Strict search for Apache Struts 2.0.0

searchsploit -s Apache Struts 2.0.0

Search for linux reverse password exploits

searchsploit linux reverse password

Show JSON results for EDB-ID 55555 and pipe to jq

searchsploit -j 55555 | jq

Updated 2026-04-16kali.org ↗