Offensive Security released an update to Exploit Database (EDB), its archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers worldwide.
Offensive Security’s Exploit Database is the collection of exploits on the Internet. Exploits are gathered through direct submissions, mailing lists and other public sources – and are presented in a CVE-compliant database. EDB is a repository for exploits and proof-of-concepts, rather than advisories, making it a valuable resource for those who need actionable data right away.
The update to EDB includes a redesign to improve the speed and accuracy of searches. This includes an all-new user interface, making it easier for testers and researchers to access the data they want, when they want it. For example, in the new version of EDB, it only takes two clicks to search and filter for remote exploits targeting the Windows platform. Prior to the redesign, this took at least five clicks to accomplish.
Some key elements of the update include:
- Instant searching of displayed results,
- A new dashboard interface that helps users see and do more with the database,
- Dynamic filters that enable switching between types, platforms, authors, ports and tags,
- Clearly defined sections for exploits, papers, shellcode and the Google Hacking Database (GHDB), with a common look and feel throughout,
- Ability to limit results to those that have been verified and those for which Offensive Security has hosted a copy of the vulnerable application.
“Exploit Database was created with the needs of the community in mind – and we’ve been honored to continue that tradition for almost a decade,” said Mati Aharoni, Founder, Offensive Security. “The recent investment in Offensive Security by Spectrum Equity has afforded us the opportunity to re-invest in the community and provide these new capabilities and features that users have been asking for.”
With more than 40,000 exploits at a user’s fingertips, dating from 1988 to the present, the EDB includes remote exploits, web applications, local & privilege escalations, PoC & Denial of Service, a shellcode archive, a vast amount of archived security papers and the GHDB, making it a tool for penetration testers and security researchers that need to access exploit data to aid them in their work.