The "Exploit Search CLI Tool" is a quickly accessible tool for performing queries against ExploitSearch.net and viewing Exploit-DB RSS feeds. This CLI tool makes good use of three modules located on NPM, the 'exploitsearch' by jesusprubio, 'parserss' by ghostbar and 'colors' by marak.

Exploit Search was developed from an Intel Edion tiny computer often used for wearable devices. The tool is designed for penetration testers and developers that may need to quickly perform a query for vulnerabilities and exploits of a particular service, application or plugin without needing to access a web browser. Many Development Environments like Aptana Studio, C9.io and Koding.com now include a shell container that comes in handy for quickly running CLI tools. This CLI tool was specifically designed for use in such type IDEs or when working from shells and screen terminals such as an Intel Edison.

Features include performing a query for "example" content and returning "xNUM" of results. You may also query the exploit-db rss feeds. See the Usage section of the README @ bitbucket.org/BlackSuitIT/esd for more information.

The E.S. code will be extended to perform queries against other databases such as 1337day.com, exploit-db.com and possibly perform threat analysis streaming of RSS/Twitter feeds after the challenge is complete. This is just the beginning. Code CRUNCH! #20lines!

Though it is a CLI tool with module requirements here is a link to the codepin.io for code examination: http://codepen.io/anon/pen/KweNyX

Code Pasted Below >>>


var a=process.argv.slice(2);var c=require('colors');var i=0;ret=a[1];
var rss = require('parserss');if(a[0]===undefined){console.log(
"Usage: node esd.js <search> <#res>\nUsage: node esd.js rss <#res>");
process.exit();}if(a[0] == 'rss'){rss('http://www.exploit-db.com/rss.xml', 5,
function (e, r){console.log('\nQuerying Exploitd-DB RSS'.yellow);
var x=0;for(var ar in r.articles){if(x != ret) {
console.log("\n----------------------------------\n".red+"Title: ".green+
r.articles[x].title+"\n"+"Date: ".green+r.articles[x].date+"\n"+
"Link: ".green+r.articles[x].link+
"\n----------------------------------".red);x++;}}
});} else {console.log('\nQuerying ExploitSearch Database'.yellow);
var ExploitSearch=require('exploitsearch'),options={timeout:10000,exploits:true
},client;client=new ExploitSearch(options);client.search(a[0],function (e, d)
{if(e){console.log('ERROR: client.search:'+e);} else {var z=0;for(var o in d)
{z++};console.log(c.red("Results: "+z));for(o in d){if(i != ret) {
console.log("\n----------------------------------\n".red+
"Title: ".green+d[o].info.title+"\n"+"Source: ".green+d[o].info.src
+"\n"+"Description: ".green+d[o].info.desc+"\n\n"+"CVE: ".green+
d[o].refs.CVE+"\n"+"Updated: ".green+d[o].dates.updated+
"\n----------------------------------".red);i++;}else {process.exit()}}}})}

Built With

Share this project:
×

Updates