
SploitScan

SploitScan is a command-line tool that searches for CVE information, fetches vulnerability data from major cybersecurity databases, and displays public exploits for given CVE IDs. It can export the results to JSON, CSV, or HTML.

Description

SploitScan is an efficient, easy-to-use command-line tool for looking up CVEs (Common Vulnerabilities and Exposures). This matters to security professionals because it lets them put measures in place that prevent the exploitation of discovered vulnerabilities. In a single run, the tool can export results to JSON and CSV from the main databases of entities and organizations linked to cybersecurity, including MITRE Corporation, EPSS (Exploit Prediction Scoring System), the CISA KEV catalog, and the Patch Priority System.

It also gathers PoCs (proofs of concept), which vulnerability researchers and security professionals commonly use to reproduce vulnerabilities and gauge their severity in controlled environments as a preventive measure. SploitScan supports importing vulnerability scan files from tools like Nessus, Nexpose, OpenVAS, or Docker, so it can process existing scan data.

Professionals use it to prioritize mitigation activities based on exploit predictions, public exploit availability, and patch priorities, enhancing cybersecurity workflows.

How It Works

SploitScan queries major CVE databases, including MITRE, EPSS (for exploit probability predictions), the CISA KEV catalog, and the Patch Priority System. It fetches vulnerability details and public exploits or PoCs for the specified CVE IDs (format CVE-YYYY-NNNNN). It can also import files from the Nessus, Nexpose, OpenVAS, or Docker scanners, process the data, and export the results in JSON, CSV, or HTML format, using Python libraries like requests, tabulate, and Jinja2.
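
An added example, not SploitScan's own code: one way to turn the signals described above (CISA KEV listing, EPSS probability, public exploit availability) into a patch order. The record field names, the 0.5 EPSS threshold and the tier rules are assumptions of this example, not SploitScan's export schema or its Patch Priority System.

```python
import re

# CVE ID syntax: "CVE-", a 4-digit year, then 4 or more digits.
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# Constructed sample records. Field names are hypothetical and are
# NOT SploitScan's export schema; map your own export onto them.
SAMPLE = [
    {"cve": "CVE-2023-1234", "epss": 0.02, "kev": False, "public_exploits": 0},
    {"cve": "CVE-2023-5678", "epss": 0.91, "kev": True, "public_exploits": 3},
    {"cve": "CVE-2022-0001", "epss": 0.40, "kev": False, "public_exploits": 1},
    {"cve": "cve-2023-99", "epss": 0.99, "kev": True, "public_exploits": 9},     # malformed ID
    {"cve": "CVE-2021-4444", "epss": None, "kev": False, "public_exploits": 2},  # no EPSS score
]

def tier(rec, epss_high=0.5):
    """Return 1 (patch first) to 4 (routine). The thresholds are assumptions."""
    epss = rec.get("epss") or 0.0      # a missing score counts as 0 here
    exploits = rec.get("public_exploits", 0)
    if rec.get("kev"):
        return 1                       # listed as exploited in the wild
    if exploits > 0 and epss >= epss_high:
        return 2                       # exploit code exists and exploitation is likely
    if exploits > 0 or epss >= epss_high:
        return 3                       # only one of the two signals is present
    return 4

def triage(records):
    """Return (ranked, rejected); ranked is sorted most urgent first."""
    ranked, rejected = [], []
    for rec in records:
        cve = str(rec.get("cve", "")).strip()
        if not CVE_RE.match(cve):
            rejected.append(cve)       # report bad IDs instead of dropping them
            continue
        ranked.append({**rec, "cve": cve, "tier": tier(rec)})
    # Within a tier, higher EPSS first; the CVE ID keeps the order deterministic.
    ranked.sort(key=lambda r: (r["tier"], -(r.get("epss") or 0.0), r["cve"]))
    return ranked, rejected

if __name__ == "__main__":
    ranked, rejected = triage(SAMPLE)
    for r in ranked:
        print(f"tier {r['tier']}  {r['cve']}  epss={r['epss']}  exploits={r['public_exploits']}")
    print("rejected:", rejected)
```

A record with no EPSS score is still ranked on its other signals, and malformed IDs are returned separately so they can be corrected rather than lost.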

Installation

sudo apt install sploitscan

Flags

-h, --help    Show this help message and exit.
-e, --export {json,JSON,csv,CSV,html,HTML}    Optional: Export the results to a JSON, CSV, or HTML file. Specify the format: 'json', 'csv', or 'html'.
-t, --type {nessus,nexpose,openvas,docker}    Specify the type of the import file: 'nessus', 'nexpose', 'openvas' or 'docker'.
-i, --import-file IMPORT_FILE    Import vulnerability file for processing.
-c CONFIG    Configuration file.
-d    Debug mode.

Examples

Display the help message and usage information.
sploitscan -h
Fetch and display vulnerability data and public exploits for a single CVE ID.
sploitscan CVE-2023-1234
Retrieve data for multiple CVE IDs separated by spaces.
sploitscan CVE-2023-1234 CVE-2023-5678
Export results for a CVE to JSON format.
sploitscan -e json CVE-2023-1234
Export results for a CVE to CSV format.
sploitscan -e csv CVE-2023-1234
Export results for a CVE to HTML format.
sploitscan -e html CVE-2023-1234
Import and process a Nessus scan file.
sploitscan -t nessus -i scan.xml
Process an OpenVAS vulnerability report file.
sploitscan -t openvas -i report.xml
Updated 2026-04-16 (kali.org)