searchsploit

searchsploit is a command-line tool for searching Exploit-DB for public exploits and shellcode. It is useful for quickly finding exploits for known vulnerabilities during penetration testing.

Basic Usage

Copy exploit to local directory:
```
searchsploit -m <EDB-ID>
```

Example Searches

searchsploit afd windows local
searchsploit -t oracle windows
searchsploit -p 39446
searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
searchsploit -s Apache Struts 2.0.0
searchsploit linux reverse password
searchsploit -j 55555 | json_pp

For more examples, see the searchsploit manual.

Common Options

Search Terms

-c, --case : Case-sensitive search
-e, --exact : Exact and order match on exploit title
-s, --strict : Strict search (input values must exist, disables fuzzy version search)
-t, --title : Search only the exploit title
--exclude="term" : Exclude values from results (chain with |)

Output

-j, --json : Show results in JSON format
-o, --overflow : Allow exploit titles to overflow columns
-p, --path : Show full path to an exploit
-v, --verbose : More information in output
-w, --www : Show URLs to Exploit-DB.com
--id : Display EDB-ID value
--colour : Disable colour highlighting

Non-Searching

-m, --mirror : Copy exploit to current directory
-x, --examine : Open exploit using $PAGER
-h, --help : Show help
-u, --update : Update exploitdb package

Automation

--nmap <file.xml> : Check all results in Nmap's XML output with service version

Notes

You can use any number of search terms
By default, search is case-insensitive and order is irrelevant
Use -c, -e, or -s for more precise filtering
Use -t to filter by title only
When using --nmap, adding -v will search for more combinations

Basic Usage​

Example Searches​

Common Options​

Search Terms​

Output​

Non-Searching​

Automation​

Notes​