npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@iflow-mcp/exploitdb-mcp-server

v0.1.0

Published

A Model Context Protocol server for Exploit-DB integration

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

chatflowdevchatflowdevqystartqystart

Keywords

exploitdbcybersecuritymcpmodel-context-protocolclaudesecurityvulnerabilityexploitscve

Readme

ExploitDB MCP Server

A Model Context Protocol server that provides access to ExploitDB functionality, developed by Cyreslab.ai. This server enables AI assistants like Claude to query information about security exploits and vulnerabilities, enhancing cybersecurity research and threat intelligence capabilities.

GitHub Repository: https://github.com/Cyreslab-AI/exploitdb-mcp-server Contact: [email protected]

Features

  • Exploit Search: Search for exploits by keywords, CVE IDs, platforms, and more
  • Exploit Details: Get comprehensive information about specific exploits, including code
  • CVE Lookup: Find all exploits related to specific CVE IDs
  • Recent Exploits: Track newly added exploits
  • Statistics: Get insights into exploit distribution by platform, type, and year
  • Automatic Updates: Keep the database up-to-date with scheduled updates

Installation

Prerequisites

  • Node.js (v16 or higher)
  • npm (v7 or higher)

Installation Steps

  1. Clone the repository:

    git clone https://github.com/Cyreslab-AI/exploitdb-mcp-server.git
cd exploitdb-mcp-server

  2. Install dependencies:

    npm install

  3. Build the project:

    npm run build

  4. Configure the server:

    • Create a .env file in the root directory based on .env.example
    • Adjust settings as needed (data directory, update frequency, etc.)

  5. Initialize the database:

    npm run update-db

    Note: The initial database update may take several minutes as it processes ~47,000 exploits from the ExploitDB CSV file. The script handles missing or malformed data gracefully by using fallback values for required fields.

  6. Run the server:

    node build/index.js

MCP Configuration

To use this server with Claude or other MCP-compatible assistants, add it to your MCP configuration:

{
  "mcpServers": {
    "mcp-exploitdb-server": {
      "command": "node",
      "args": ["/path/to/exploitdb-mcp-server/build/index.js"]
    }
  }
}

Available Tools

The ExploitDB MCP server provides 18 comprehensive tools for querying and analyzing exploit data:

Core Search Tools

  1. search_exploits - General search with multiple filters
  2. get_exploit - Get detailed information about a specific exploit
  3. find_by_cve - Find exploits by CVE ID
  4. get_recent_exploits - Get recently added exploits
  5. get_statistics - Get database statistics

Advanced Search Tools

  1. search_by_platform - Search exploits for a specific platform with filters
  2. search_by_type - Search by exploit type (webapps, remote, local, dos, hardware)
  3. search_by_author - Find all exploits by a specific author
  4. search_by_date_range - Find exploits within a date range
  5. search_by_tags - Search by generated tags (sql injection, xss, etc.)

Analysis & Intelligence Tools

  1. get_platform_statistics - Get detailed statistics for a specific platform
  2. get_trending_exploits - Find recently added exploits (configurable time period)
  3. compare_exploits - Compare multiple exploits side-by-side
  4. get_exploit_timeline - Get chronological timeline of exploits

Utility Tools

  1. batch_get_exploits - Retrieve multiple exploits efficiently (up to 50)
  2. get_related_exploits - Find related exploits by platform, author, CVE, or tags
  3. validate_exploit_id - Check if an exploit ID exists
  4. export_search_results - Export search results in JSON or CSV format

Usage Examples

Search Exploits

Use the search_exploits tool to search for exploits in the database:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_exploits</tool_name>
<arguments>
{
  "query": "wordpress plugin",
  "platform": "php",
  "limit": 5
}
</arguments>
</use_mcp_tool>

Additional search parameters:

  • type: Filter by exploit type (e.g., webapps, remote, local)
  • cve: Filter by CVE ID
  • author: Filter by author name
  • start_date/end_date: Filter by date range (YYYY-MM-DD)
  • verified: Filter by verified status (true/false)
  • offset: For pagination

Get Exploit Details

Use the get_exploit tool to retrieve detailed information about a specific exploit:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_exploit</tool_name>
<arguments>
{
  "id": 12345,
  "include_code": true
}
</arguments>
</use_mcp_tool>

Find Exploits by CVE

Use the find_by_cve tool to find all exploits related to a specific CVE:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>find_by_cve</tool_name>
<arguments>
{
  "cve": "CVE-2021-44228",
  "limit": 10
}
</arguments>
</use_mcp_tool>

Get Recent Exploits

Use the get_recent_exploits tool to retrieve recently added exploits:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_recent_exploits</tool_name>
<arguments>
{
  "limit": 10
}
</arguments>
</use_mcp_tool>

Get Statistics

Use the get_statistics tool to get insights about the exploits in the database:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_statistics</tool_name>
<arguments>
{}
</arguments>
</use_mcp_tool>

Search by Platform

Search exploits for a specific platform with advanced filters:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_by_platform</tool_name>
<arguments>
{
  "platform": "php",
  "type": "webapps",
  "verified": true,
  "limit": 10
}
</arguments>
</use_mcp_tool>

Search by Author

Find all exploits by a specific author:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_by_author</tool_name>
<arguments>
{
  "author": "Offensive Security",
  "limit": 10
}
</arguments>
</use_mcp_tool>

Search by Date Range

Find exploits within a specific date range:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_by_date_range</tool_name>
<arguments>
{
  "start_date": "2024-01-01",
  "end_date": "2024-12-31",
  "platform": "windows",
  "limit": 20
}
</arguments>
</use_mcp_tool>

Search by Tags

Search exploits by generated tags:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_by_tags</tool_name>
<arguments>
{
  "tags": ["sql injection", "rce"],
  "match_all": false,
  "limit": 10
}
</arguments>
</use_mcp_tool>

Get Trending Exploits

Find recently added exploits:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_trending_exploits</tool_name>
<arguments>
{
  "days": 30,
  "limit": 10
}
</arguments>
</use_mcp_tool>

Compare Exploits

Compare multiple exploits side-by-side:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>compare_exploits</tool_name>
<arguments>
{
  "ids": [12345, 12346, 12347]
}
</arguments>
</use_mcp_tool>

Get Related Exploits

Find exploits related to a specific exploit:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_related_exploits</tool_name>
<arguments>
{
  "id": 12345,
  "relation_type": "platform",
  "limit": 10
}
</arguments>
</use_mcp_tool>

Batch Get Exploits

Retrieve multiple exploits efficiently:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>batch_get_exploits</tool_name>
<arguments>
{
  "ids": [12345, 12346, 12347, 12348],
  "include_code": false
}
</arguments>
</use_mcp_tool>

Export Search Results

Export search results in CSV or JSON format:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>export_search_results</tool_name>
<arguments>
{
  "query": "wordpress",
  "format": "csv",
  "platform": "php",
  "limit": 100
}
</arguments>
</use_mcp_tool>

Configuration Options

The server can be configured using environment variables or a .env file:

| Variable | Description | Default | | ------------------ | --------------------------------------------- | ----------------------------------------------------------------------------- | | CLONE_REPOSITORY | Whether to clone the ExploitDB repository | false | | REPOSITORY_URL | URL of the ExploitDB repository | https://gitlab.com/exploit-database/exploitdb.git | | CSV_URL | URL of the ExploitDB CSV file | https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv | | DATA_DIR | Directory to store data | ./data | | DB_PATH | Path to the SQLite database | ./data/exploitdb.sqlite | | UPDATE_INTERVAL | Update frequency in hours (0 to disable) | 24 | | MAX_RESULTS | Maximum number of results to return per query | 10 |

Data Sources

This server uses data from the Exploit Database, maintained by Offensive Security. The data is either downloaded directly from the CSV file or cloned from the ExploitDB GitLab repository.

Data Processing

The server automatically handles various data quality issues:

  • Date handling: Uses date_published from the CSV, with fallbacks to date_added, date_updated, or a default date if all are missing
  • Missing fields: Provides sensible defaults for required fields (author, type, platform) when data is incomplete
  • CVE extraction: Automatically extracts CVE identifiers from exploit descriptions
  • Tag generation: Generates relevant tags based on exploit descriptions for improved searchability

The database typically contains:

  • 46,000+ exploits spanning from 1988 to present
  • 33,000+ verified exploits
  • Coverage across 60+ platforms (PHP, Windows, Linux, etc.)
  • 27,000+ web application exploits
  • Comprehensive metadata including authors, dates, platforms, and CVE references

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgements

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Have feature suggestions or found a bug? Please open an issue on our GitHub repository or contact us directly at [email protected].