Exploit-DB Update

What’s New with Exploit Database?

New Features in the Exploit Database

Over the past 6 years, we have been maintaining and updating the Exploit Database on a daily basis, which now boasts over 35,000 exploits. While we constantly work on improving our back-end and entry quality. Over the years there haven’t really been any updates to the front-end, which has traditionally stayed ominously dark and foreboding. As you may have already seen this changed about two weeks ago, with the introduction of the new and improved Exploit Database website. This blog post will highlight a few of the new features and where the project is heading.

Web Front-End Updates

Since the database came online back in 2009, we had the same dark design and we thought it was clearly about time to create a new look. We have retired the black theme and brought in the clean white design you see now. At the same time, we have tried to make the URLs structure a little easier on the eyes too.

HTTPS Support

Before you even get to the new site, you may have noticed something a little different. The site now has HTTPS enabled, adding a layer of security, privacy, and integrity to the service.

Exploit Search & Ordering

Not only is searching for exploits quicker than before, your results should be more relevant to your criteria, making it easier to find the right exploit for the task at hand. You are also finally able to sort the results by date, architecture, etc. or filter out any unwanted results. Also, we are fully CVE compatible and have been matching up both CVE and Open Source Vulnerability Database (OSVDB) identifiers for our exploits for quite a while now.

Back-End & Caching

We have re-built all of our old servers and have brought additional ones online. On top of this, we improved the caching methods over all of our systems. These infrastructure changes gives a greater performance boost so the site is much more responsive than it was in the past.

Mobile UI Support

Over the years, we have noticed an increasing trend of mobile users visiting the site. The new Exploit Database front-end should accommodate everyones surfing habits, giving you the same experience whether you’re on a laptop, tablet, or phone.

Hidden Easter Eggs

We’ve added support for some handy vulnerability search shortcuts for any quick queries you may have. For example, quickly searching for all of the exploits with “wordpress” in their title, or an exploit for a certain CVE is as simple as:

  • Quick searching: https://www.exploit-db.com/search/>Exploit Title>
  • Quick CVEs: https://www.exploit-db.com/cve/>CVE Value>

GIT Repository

When Exploit-DB first started, we were hosting an SVN repository. Recently, we have transitioned this service over to GitHub. You can find our repositories at the following URLs:

Getting Updates

Keeping up-to-date with the latest exploits can be done various ways. The following sources are updated every hour:

You can now auto get an individual RSS feed for authors and platforms on their respective pages.

If you wish to get a daily updates, you can use either of the following links:

The  Future of the Exploit Database

Our work is far from done and we are actively developing features for it! Just a few things that are on our wish list are:

  • Tagging of exploits
  • Improved searching abilities
  • Interaction with authors when accepting new submissions
  • API interface (Exploit-DB partners only)
  • Package improvements
  • Statistics

We are really happy with this latest update, giving the Exploit Database a much needed upgrade – ushering it into 2015 and beyond!