Packages and Binaries:
sploitscan
Search for CVE information
SploitScan is an efficient, easy-to-use command-line tool for looking up CVE (Common Vulnerabilities and Exposures) information.
It is extremely important for professionals, as it allows them to implement measures that prevent the exploitation of discovered vulnerabilities.
The tool can export results in JSON and CSV formats in a single run, drawing on the main databases of entities and organizations linked to cybersecurity:
- MITRE Corporation: a non-profit organization that provides technical solutions to critical security issues.
- EPSS (Exploit Prediction Scoring System): a system that aims to predict the probability that a specific vulnerability will be exploited, helping organizations prioritize their mitigation activities.
- PoC (Proof of Concept) gathering: collecting PoCs is a common activity among vulnerability researchers and security professionals, who reproduce vulnerabilities in a controlled environment to gauge their severity, aiming to take preventive measures.
- CISA (Cybersecurity and Infrastructure Security Agency): responsible for keeping the Known Exploited Vulnerabilities (KEV) Catalog updated.
- Patch Priority System: evaluates and assigns a patch priority rating based on several factors, including the availability of public exploits.
Installed size: 269 KB
How to install: sudo apt install sploitscan
Dependencies:
- python3
- python3-git
- python3-jinja2
- python3-openai
- python3-requests
- python3-tabulate
- python3-tqdm
sploitscan
A tool to fetch and display vulnerability information and public exploits for given CVE IDs.
root@kali:~# sploitscan -h
███████╗██████╗ ██╗ ██████╗ ██╗████████╗███████╗ ██████╗ █████╗ ███╗ ██╗
██╔════╝██╔══██╗██║ ██╔═══██╗██║╚══██╔══╝██╔════╝██╔════╝██╔══██╗████╗ ██║
███████╗██████╔╝██║ ██║ ██║██║ ██║ ███████╗██║ ███████║██╔██╗ ██║
╚════██║██╔═══╝ ██║ ██║ ██║██║ ██║ ╚════██║██║ ██╔══██║██║╚██╗██║
███████║██║ ███████╗╚██████╔╝██║ ██║ ███████║╚██████╗██║ ██║██║ ╚████║
╚══════╝╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚══════╝ ╚═════╝╚═╝ ╚═╝╚═╝ ╚═══╝
v0.14.3 / Alexander Hagenah / @xaitax / [email protected]
usage: sploitscan [-h] [-e {json,csv,html}]
[-t {nessus,nexpose,openvas,docker}]
[--ai {openai,google,grok,deepseek}]
[-k KEYWORDS [KEYWORDS ...]] [-local] [-f] [-m METHODS]
[-i IMPORT_FILE] [--input-dir INPUT_DIR] [-c CONFIG] [-d]
[cve_ids ...]
SploitScan: Retrieve and display vulnerability and exploit data for specified
CVE ID(s).
positional arguments:
cve_ids Enter one or more CVE IDs (e.g., CVE-YYYY-NNNNN). This
is optional if an import file is provided via -i.
options:
-h, --help show this help message and exit
-e, --export {json,csv,html}
Export the results in the specified format ('json',
'csv', or 'html').
-t, --type {nessus,nexpose,openvas,docker}
Specify the type of the import file ('nessus',
'nexpose', 'openvas', or 'docker').
--ai {openai,google,grok,deepseek}
Select the AI provider for risk assessment (e.g.,
'openai', 'google', 'grok', or 'deepseek').
-k, --keywords KEYWORDS [KEYWORDS ...]
Search for CVEs related to specific keywords (e.g.,
product name).
-local, --local-database
Download the cvelistV5 repository into the local
directory. Use the local database over online research
if available.
-f, --fast-mode Enable fast mode: only display basic CVE information
without fetching additional exploits or data.
-m, --methods METHODS
Specify which methods to run, separated by commas
(e.g., 'cisa,epss,hackerone,ai,prio,references').
-i, --import-file IMPORT_FILE
Path to an import file. When provided, positional CVE
IDs can be omitted. The file should be a plain text
list with one CVE per line.
--input-dir INPUT_DIR
Path to a directory containing vulnerability reports
to scan for CVE IDs.
-c, --config CONFIG Path to a custom configuration file.
-d, --debug Enable debug output.
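The help text above says the `-i` import file is a plain text list with one CVE per line. The following added example (not from the Kali page or the SploitScan project) builds such a file from free-form report text and passes it to `sploitscan` with the `-i`, `-m` and `-e` options shown above. The function names, the `--run` switch, the file names and the CVE IDs in the sample are constructed; the ID pattern assumes the standard `CVE-YYYY-NNNN` form with four or more trailing digits.

```shell
#!/usr/bin/env bash
# Added example: turn free-form report text into a sploitscan import file.
# Function names, file names and the CVE IDs below are constructed.

# Print unique, upper-cased CVE IDs found on stdin, one per line.
# Pattern: CVE-<4-digit year>-<4 or more digits>; shorter IDs are dropped.
extract_cves() {
    grep -oiE 'CVE-[0-9]{4}-[0-9]{4,}' | tr 'a-z' 'A-Z' | LC_ALL=C sort -u
}

# Write the IDs found on stdin to file $1 and print how many were written.
build_import_file() {
    extract_cves > "$1"
    echo $(( $(wc -l < "$1") ))
}

# Constructed sample input standing in for a scanner or ticket export.
sample_report() {
    cat <<'EOF'
Host 10.0.0.5: openssl affected by CVE-2099-0001 (critical)
Host 10.0.0.7: cve-2099-0002 and CVE-2099-0001 again
Plugin note: CVE-2099-12345; malformed id CVE-2099-12 is skipped
EOF
}

# Usage: ./script --run report.txt
# Runs only when asked to, on a readable report, with sploitscan installed.
# -i, -m and -e are the options shown in the help output above.
if [ "${1:-}" = "--run" ] && [ -r "${2:-}" ] \
        && command -v sploitscan >/dev/null 2>&1; then
    import_file=$(mktemp)
    count=$(build_import_file "$import_file" < "$2")
    echo "Querying $count CVE IDs listed in $import_file"
    sploitscan -i "$import_file" -m cisa,epss,prio -e json
fi
```

Deduplicating and normalising the IDs before the run keeps the import file to one lookup per CVE, which matters when a scanner export repeats the same finding across many hosts.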
Updated on: 2026-May-25