ExploitDB: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 16:25, 7 September 2024 edit William Avery (talk \| contribs) Autopatrolled, Extended confirmed users, Page movers, Pending changes reviewers, Rollbackers 502,422 edits MOS:LQ; MOS:HEAD ← Previous edit		Latest revision as of 11:32, 13 May 2025 edit undo Mindmatrix (talk \| contribs) Autopatrolled, Administrators 188,542 edits m Reverted edit by 118.99.84.43 (talk) to last version by Slowking Man Tag: Rollback
(2 intermediate revisions by 2 users not shown)
Line 1: {{Short description\|Security vulnerability database}} '''ExploitDB''', sometimes stylized as Exploit Database or Exploit-Database, is a public and open source [[vulnerability database]] maintained by [[Offensive Security]].<ref>{{Cite web \|title=OffSec's Exploit Database Archive \|url=https://www.exploit-db.com/ \|access-date=2024-05-21 \|website=www.exploit-db.com \|language=en \|archive-date=2016-07-29 \|archive-url=https://web.archive.org/web/20160729184316/https://www.exploit-db.com/ \|url-status=live }}</ref><ref>{{Cite book \|last=Clarke \|first=Glen E. \|url=https://books.google.com/books?id=ZV4FEAAAQBAJ \|title=CompTIA PenTest+ Certification For Dummies \|date=2020-10-26 \|publisher=John Wiley & Sons \|isbn=978-1-119-63357-0 \|language=en \|access-date=2024-06-09 \|archive-date=2024-05-21 \|archive-url=https://web.archive.org/web/20240521144353/https://books.google.com/books?id=ZV4FEAAAQBAJ \|url-status=live }}</ref> It is one of the largest and most popular exploit databases in existence.<ref>{{Cite book \|last1=Chapple \|first1=Mike \|url=https://books.google.com/books?id=G8t0DwAAQBAJ \|title=CompTIA PenTest+ Study Guide: Exam PT0-001 \|last2=Seidl \|first2=David \|date=2018-10-23 \|publisher=John Wiley & Sons \|isbn=978-1-119-50424-5 \|language=en}}</ref><ref>{{Cite book \|last1=Hughes \|first1=Chris \|url=https://books.google.com/books?id=H_H8EAAAQBAJ \|title=Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem \|last2=Robinson \|first2=Nikki \|date=2024-03-22 \|publisher=John Wiley & Sons \|isbn=978-1-394-22121-9 \|language=en}}</ref> While the database is publicly available via their website, the database can also be used by utilizing the searchsploit command-line tool which is native to [[Kali Linux]].<ref>{{Cite book \|last1=Schultz \|first1=Corey P. \|url=https://books.google.com/books?id=3JlGDwAAQBAJ \|title=Kali Linux Cookbook \|last2=Perciaccante \|first2=Bob \|date=2017-09-12 \|publisher=Packt Publishing Ltd \|isbn=978-1-78439-425-7 \|language=en \|access-date=2024-06-09 \|archive-date=2024-05-21 \|archive-url=https://web.archive.org/web/20240521144329/https://books.google.com/books?id=3JlGDwAAQBAJ \|url-status=live }}</ref>▼ {{Redirect\| Exploit Database\| exploit databases in general\| Vulnerability database}} ▲'''ExploitDB''', sometimes stylized as '''Exploit Database''' or '''Exploit-Database''', is a public and open source [[vulnerability database]] maintained by [[Offensive Security]].<ref>{{Cite web \|title=OffSec's Exploit Database Archive \|url=https://www.exploit-db.com/ \|access-date=2024-05-21 \|website=www.exploit-db.com \|language=en \|archive-date=2016-07-29 \|archive-url=https://web.archive.org/web/20160729184316/https://www.exploit-db.com/ \|url-status=live }}</ref><ref>{{Cite book \|last=Clarke \|first=Glen E. \|url=https://books.google.com/books?id=ZV4FEAAAQBAJ \|title=CompTIA PenTest+ Certification For Dummies \|date=2020-10-26 \|publisher=John Wiley & Sons \|isbn=978-1-119-63357-0 \|language=en \|access-date=2024-06-09 \|archive-date=2024-05-21 \|archive-url=https://web.archive.org/web/20240521144353/https://books.google.com/books?id=ZV4FEAAAQBAJ \|url-status=live }}</ref> It is one of the largest and most popular exploit databases in existence.<ref>{{Cite book \|last1=Chapple \|first1=Mike \|url=https://books.google.com/books?id=G8t0DwAAQBAJ \|title=CompTIA PenTest+ Study Guide: Exam PT0-001 \|last2=Seidl \|first2=David \|date=2018-10-23 \|publisher=John Wiley & Sons \|isbn=978-1-119-50424-5 \|language=en}}</ref><ref>{{Cite book \|last1=Hughes \|first1=Chris \|url=https://books.google.com/books?id=H_H8EAAAQBAJ \|title=Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem \|last2=Robinson \|first2=Nikki \|date=2024-03-22 \|publisher=John Wiley & Sons \|isbn=978-1-394-22121-9 \|language=en}}</ref> While the database is publicly available via their website, the database can also be used by utilizing the {{code\|searchsploit}} [[command-line tool]] which is native to [[Kali Linux]].<ref>{{Cite book \|last1=Schultz \|first1=Corey P. \|url=https://books.google.com/books?id=3JlGDwAAQBAJ \|title=Kali Linux Cookbook \|last2=Perciaccante \|first2=Bob \|date=2017-09-12 \|publisher=Packt Publishing Ltd \|isbn=978-1-78439-425-7 \|language=en \|access-date=2024-06-09 \|archive-date=2024-05-21 \|archive-url=https://web.archive.org/web/20240521144329/https://books.google.com/books?id=3JlGDwAAQBAJ \|url-status=live }}</ref> The database also contains [[proof-of-concepts]] (~~[[Proof of concept\|POC]]~~POCs), helping information security professionals learn new ~~exploits~~exploit variations. In ''Ethical Hacking and Penetration Testing Guide'', [[Rafay Baloch]] said Exploit-db had over 20,000 exploits, and was available in [[BackTrack Linux]] by default.<ref>{{Cite book\|last=Baloch\|first=Rafay\|url=https://books.google.com/books?id=fKfNBQAAQBAJ&q=exploitdb&pg=PA136\|title=Ethical Hacking and Penetration Testing Guide\|date=2017-09-29\|publisher=CRC Press\|isbn=978-1-4822-3162-5\|pages=135, 136, 137, 272, 431\|language=en\|access-date=2020-12-10\|archive-date=2024-05-21\|archive-url=https://web.archive.org/web/20240521145731/https://books.google.com/books?id=fKfNBQAAQBAJ&q=exploitdb&pg=PA136#v=snippet&q=exploitdb&f=false\|url-status=live}}</ref> In ''CEH v10 Certified Ethical Hacker Study Guide'', Ric Messier called exploit-db a "great resource", and stated it was available within Kali Linux by default, or could be added to other [[Linux distributions]].<ref>{{Cite book\|last=Messier\|first=Ric\|url=https://books.google.com/books?id=ATiZDwAAQBAJ&q=exploitdb&pg=PA243\|title=CEH v10 Certified Ethical Hacker Study Guide\|date=2019-06-25\|publisher=John Wiley & Sons\|isbn=978-1-119-53319-1\|pages=235, 236, 243, 536, 547\|language=en\|access-date=2024-06-09\|archive-date=2024-06-09\|archive-url=https://web.archive.org/web/20240609003649/https://books.google.com/books?id=ATiZDwAAQBAJ&q=exploitdb&pg=PA243#v=snippet&q=exploitdb&f=false\|url-status=live}}</ref> The current maintainers of the database, Offensive Security, are not responsible for creating the database. The database was started in 2004 by a hacker group known as [[milw0rm]]<ref>{{Cite web \|date=2004-05-08 \|title=milw0rm productions - work in progress \|url=http://www.milw0rm.com/ \|access-date=2024-05-21 \|archive-url=https://web.archive.org/web/20040508202920/http://www.milw0rm.com/ \|archive-date=2004-05-08 }}</ref> and has changed hands several times.<ref>{{Cite web \|title=Penetration Testing: Milw0rm / Str0ke Not Dead \|url=https://seclists.org/pen-test/2009/Nov/25 \|access-date=2024-05-21 \|website=seclists.org \|language=en \|archive-date=2024-06-09 \|archive-url=https://web.archive.org/web/20240609003650/https://seclists.org/pen-test/2009/Nov/25 \|url-status=live }}</ref> As of 2023, the database contained 45,000 entries from more than 9,000 unique authors.<ref>{{Cite web \|~~last=Koch~~ ~~\|first=Christian \|~~date=January 31, 2023 \|last=Koch \|first=Christian \|title=Which Programming Languages Do Hackers Use? \|url=https://towardsdatascience.com/which-programming-languages-do-hackers-use-ac3ed9d3e8f8 \|website=Towards Data Science}}</ref> == See also == Line 17 ⟶ 19: == External links == * ~~[https://www.exploit-db.com/~~ {{Official website]}} [[Category:Internet properties established in 2004]] [[Category:Pentesting software toolkits]] [[Category:Security vulnerability databases]]