playbooks
Learn Cursor Rules Windsurf Rules MCPs Modes
AI Image Editor
Log in

ExploitDB MCP server

Provides direct access to ExploitDB functionality for cybersecurity research, enabling exploit searches by keywords, CVE IDs, or platforms with local database caching for threat intelligence and vulnerability analysis.
Back to servers
Provider
Cyreslab.ai
Release date
Mar 23, 2025
Language
TypeScript
Stats
7 stars
View on GitHub

The ExploitDB MCP Server provides AI assistants like Claude with access to security exploit and vulnerability information through the Model Context Protocol. This server enables searching and retrieving detailed information about security exploits, enhancing cybersecurity research capabilities.

Installation

Prerequisites

  • Node.js (v16 or higher)
  • npm (v7 or higher)

Installation Steps

  1. Clone the repository:

    git clone https://github.com/Cyreslab-AI/exploitdb-mcp-server.git
cd exploitdb-mcp-server

  2. Install dependencies:

    npm install

  3. Build the project:

    npm run build

  4. Configure the server:

    • Create a .env file in the root directory based on .env.example
    • Adjust settings as needed (data directory, update frequency, etc.)

  5. Initialize the database:

    npm run update-db

  6. Run the server:

    node build/index.js

MCP Configuration

To use this server with Claude or other MCP-compatible assistants, add it to your MCP configuration:

{
  "mcpServers": {
    "mcp-exploitdb-server": {
      "command": "node",
      "args": ["/path/to/exploitdb-mcp-server/build/index.js"]
    }
  }
}

Usage

Search Exploits

Use the search_exploits tool to search for exploits in the database:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>search_exploits</tool_name>
<arguments>
{
  "query": "wordpress plugin",
  "platform": "php",
  "limit": 5
}
</arguments>
</use_mcp_tool>

Additional search parameters:

  • type: Filter by exploit type (e.g., webapps, remote, local)
  • cve: Filter by CVE ID
  • author: Filter by author name
  • start_date/end_date: Filter by date range (YYYY-MM-DD)
  • verified: Filter by verified status (true/false)
  • offset: For pagination

Get Exploit Details

Use the get_exploit tool to retrieve detailed information about a specific exploit:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_exploit</tool_name>
<arguments>
{
  "id": 12345,
  "include_code": true
}
</arguments>
</use_mcp_tool>

Find Exploits by CVE

Use the find_by_cve tool to find all exploits related to a specific CVE:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>find_by_cve</tool_name>
<arguments>
{
  "cve": "CVE-2021-44228",
  "limit": 10
}
</arguments>
</use_mcp_tool>

Get Recent Exploits

Use the get_recent_exploits tool to retrieve recently added exploits:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_recent_exploits</tool_name>
<arguments>
{
  "limit": 10
}
</arguments>
</use_mcp_tool>

Get Statistics

Use the get_statistics tool to get insights about the exploits in the database:

<use_mcp_tool>
<server_name>mcp-exploitdb-server</server_name>
<tool_name>get_statistics</tool_name>
<arguments>
{}
</arguments>
</use_mcp_tool>

Configuration Options

The server can be configured using environment variables or a .env file:

Variable Description Default
CLONE_REPOSITORY Whether to clone the ExploitDB repository false
REPOSITORY_URL URL of the ExploitDB repository https://gitlab.com/exploit-database/exploitdb.git
CSV_URL URL of the ExploitDB CSV file https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv
DATA_DIR Directory to store data ./data
DB_PATH Path to the SQLite database ./data/exploitdb.sqlite
UPDATE_INTERVAL Update frequency in hours (0 to disable) 24
MAX_RESULTS Maximum number of results to return per query 10

How to add this MCP server to Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "cursor-rules-mcp": {
            "command": "npx",
            "args": [
                "-y",
                "cursor-rules-mcp"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.

Want to 10x your AI skills?

Get a free account and learn to code + market your apps using AI (with or without vibes!).

Nah, maybe later