Metadata-Version: 2.1
Name: ExploitDBSighting
Version: 0.2.0
Summary: A client that retrieves vulnerability observations from Exploit-DB and pushes them to a Vulnerability-Lookup instance.
Home-page: https://github.com/cedricbonhomme/ExploitDBSighting
License: GPL-3.0-or-later
Keywords: vulnerability,cve,sighting,observations,Exploit-DB,PyVulnerabilityLookup
Author: Cédric Bonhomme
Author-email: cedric.bonhomme@circl.lu
Requires-Python: >=3.10,<4.0
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Science/Research
Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Requires-Dist: argparse (>=1.4.0,<2.0.0)
Requires-Dist: pyvulnerabilitylookup (>=2.1.0,<3.0.0)
Requires-Dist: requests (>=2.32.3,<3.0.0)
Project-URL: Repository, https://github.com/cedricbonhomme/ExploitDBSighting
Description-Content-Type: text/markdown

# ExploitDBSighting

A client that retrieves vulnerability observations from
[Exploit-DB](https://www.exploit-db.com/) and pushes them to a
[Vulnerability-Lookup](https://github.com/cve-search/vulnerability-lookup) instance.

Exploit-DB.com is a comprehensive and publicly accessible database of security
vulnerabilities and exploits, maintained by Offensive Security. It serves as a
crucial resource for penetration testers, researchers, and ethical hackers by
offering detailed information and proof-of-concept code.

Within the Vulnerability-Lookup project, data from Exploit-DB are leveraged as sightings,
specifically categorized as "exploited" in alignment with the MISP taxonomy of sightings.

More information about the sightings:

- [Corresponding MISP taxonomy](https://github.com/MISP/misp-taxonomies/blob/fd2fbaf2a450e42a490551e5a8e2fa6df039a6b8/vulnerability/machinetag.json#L26-L63)
- [Vulnerability-Lookup documentation](https://vulnerability-lookup.readthedocs.io/en/latest/sightings.html#sightings)

## Installation


[pipx](https://github.com/pypa/pipx) is an easy way to install and run Python applications in isolated environments.
It's easy to [install](https://github.com/pypa/pipx?tab=readme-ov-file#on-linux).


```bash
$ pipx install ExploitDBSighting
$ export ExploitDBSighting_CONFIG=~/conf.py
```

The configuration should be defined in a Python file (e.g., ``~/.conf.py``).
You must then set an environment variable (``ExploitDBSighting_CONFIG``) with the full path to this file.


## Usage

### Publishing sightings to Vulnerability-Lookup

```bash
$ ExploitDBSighting
CVE-2017-14084
https://www.exploit-db.com/exploits/42891
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

CVE-2017-14085
https://www.exploit-db.com/exploits/42893
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…

CVE-2017-14086
https://www.exploit-db.com/exploits/42892
2017-09-28 00:00:00+00:00
Pushing sighting to Vulnerability-Lookup…
```


## License

[ExploitDBSighting](https://github.com/cedricbonhomme/ExploitDBSighting) is licensed under
[GNU General Public License version 3](https://www.gnu.org/licenses/gpl-3.0.html)

~~~
Copyright (c) 2024-2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2024-2025 Cédric Bonhomme - https://github.com/cedricbonhomme
~~~

