ExploitDB

ExploitDB, sometimes stylized as Exploit Database or Exploit-Database, is a public and open source vulnerability database maintained by Offensive Security.[1][2] It is one of the largest and most popular exploit databases in existence.[3][4] While the database is publicly available via their website, the database can also be used by utilizing the searchsploit command-line tool which is native to Kali Linux.[5]

The database also contains proof-of-concepts (POC), helping information security professionals learn new exploits variations. In Ethical Hacking and Penetration Testing Guide, Rafay Baloch said Exploit-db had over 20,000 exploits, and was available in BackTrack Linux by default.[6] In CEH v10 Certified Ethical Hacker Study Guide, Ric Messier called exploit-db a "great resource", and stated it was available within Kali Linux by default, or could be added to other Linux distributions.[7]

The current maintainers of the database, Offensive Security, are not responsible for creating the database. The database was started in 2004 by a hacker group known as milw0rm[8] and has changed hands several times.[9]

As of 2023, the database contained 45,000 entries from more than 9,000 unique authors.[10]

  1. ^ "OffSec's Exploit Database Archive". www.exploit-db.com. Archived from the original on 2016-07-29. Retrieved 2024-05-21.
  2. ^ Clarke, Glen E. (2020-10-26). CompTIA PenTest+ Certification For Dummies. John Wiley & Sons. ISBN 978-1-119-63357-0. Archived from the original on 2024-05-21. Retrieved 2024-06-09.
  3. ^ Chapple, Mike; Seidl, David (2018-10-23). CompTIA PenTest+ Study Guide: Exam PT0-001. John Wiley & Sons. ISBN 978-1-119-50424-5.
  4. ^ Hughes, Chris; Robinson, Nikki (2024-03-22). Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem. John Wiley & Sons. ISBN 978-1-394-22121-9.
  5. ^ Schultz, Corey P.; Perciaccante, Bob (2017-09-12). Kali Linux Cookbook. Packt Publishing Ltd. ISBN 978-1-78439-425-7. Archived from the original on 2024-05-21. Retrieved 2024-06-09.
  6. ^ Baloch, Rafay (2017-09-29). Ethical Hacking and Penetration Testing Guide. CRC Press. pp. 135, 136, 137, 272, 431. ISBN 978-1-4822-3162-5. Archived from the original on 2024-05-21. Retrieved 2020-12-10.
  7. ^ Messier, Ric (2019-06-25). CEH v10 Certified Ethical Hacker Study Guide. John Wiley & Sons. pp. 235, 236, 243, 536, 547. ISBN 978-1-119-53319-1. Archived from the original on 2024-06-09. Retrieved 2024-06-09.
  8. ^ "milw0rm productions - work in progress". 2004-05-08. Archived from the original on 2004-05-08. Retrieved 2024-05-21.
  9. ^ "Penetration Testing: Milw0rm / Str0ke Not Dead". seclists.org. Archived from the original on 2024-06-09. Retrieved 2024-05-21.
  10. ^ Koch, Christian (January 31, 2023). "Which Programming Languages Do Hackers Use?". Towards Data Science.