Skip to content

A client-server application for CVE analysis and exploit detection with bilingual support, detailed reports, and a modern web interface.

License

Notifications You must be signed in to change notification settings

cansolele/exploit-seek

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

51 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

Exploit Seek Logo

πŸ” Exploit Seek

A client-server application for comprehensive CVE analysis, exploit detection and vulnerability assessment. The system provides a modern web interface with powerful features to aggregate data from multiple trusted sources, helping security professionals evaluate risks, detect available exploits and determine patching priorities through detailed analysis and reporting capabilities.

Installation Guide β€’ Features β€’ Examples β€’ Roadmap

Dashboard Screenshot

πŸ“‹ Table of Contents

Click to expand

🎯 Overview

Exploit Seek is a comprehensive client-server application designed to analyze CVE vulnerabilities and detect available exploits. The system features an intuitive web interface with bilingual support, customizable themes, and real-time analysis tracking. It collects and processes data from multiple trusted sources, including exploit databases, security research repositories, and vulnerability intelligence platforms, helping security professionals assess exploitation risks, identify public exploits, and generate detailed analytical reports.

✨ Features

Web Interface Features

  • Dark/Light theme support for comfortable work at any time
  • Bilingual interface (English/Russian)
  • Real-time analysis progress tracking
  • File history with quick access to previous reports
  • User-friendly settings management:
    • Server configuration
    • API keys management
    • Language selection
    • Theme preferences
  • Secure authentication system

CVE Analysis & Exploit Detection

  • Comprehensive vulnerability assessment using CVSS scoring system
  • Exploitation probability evaluation through EPSS
  • Public exploit detection from multiple sources:
    • ExploitDB repository scanning
    • GitHub security research monitoring
    • VulnCheck intelligence integration
  • Integration with CISA Known Exploited Vulnerabilities (KEV) catalog
  • Nuclei template matching for vulnerability verification
  • Advanced patching priority assessment (A+ to D rating) based on:
    • CVSS base scores
    • EPSS probability
    • Public exploit availability
    • Presence in CISA KEV catalog

Input Processing

  • Multiple vulnerability scanner format support:
    • REDCheck reports
    • Nmap Vulners output
    • Custom XML formats
  • Direct CVE list input
  • PDF report analysis
  • Plain text file processing

Report Generation

  • Detailed Excel reports with:
    • Summary statistics
    • Color-coded priority indicators
    • Data filtering capabilities
    • Multiple sheets for exploits and references
  • HTML report generation with interactive elements
  • Bilingual report support (English/Russian)

πŸ“Š Examples

View sample reports and outputs in our examples directory:

Excel Report Example Excel Report Example

Download sample Excel report: Exploit Seek Report.xlsx

HTML Report Example HTML Report Example

View sample HTML report: Exploit Seek Report.html

Application Screenshot Application Settings

πŸš€ Installation

πŸ‹ Docker Installation (Recommended)

# Clone repository
git clone https://github.com/cansolele/exploit-seek.git
cd exploit-seek

# Build and start containers
docker-compose build --no-cache
docker-compose up -d

# The server will be available at http://0.0.0.0:5000
# The client will be available at http://0.0.0.0:8080

πŸ”§ Manual Installation

Server Setup
  1. Install system dependencies:
sudo apt update
sudo apt install -y python3 python3-pip python3-venv libxml-xpath-perl pdfgrep
  1. Create and activate virtual environment:
python3 -m venv venv
source venv/bin/activate
  1. Install Python dependencies:
cd server
pip install -r requirements.txt
  1. Run the server:
# Development mode
python server.py

# Production mode with Gunicorn
gunicorn --worker-class geventwebsocket.gunicorn.workers.GeventWebSocketWorker \
         --workers 1 --bind 0.0.0.0:5000 server:app
Client Setup
  1. Navigate to the client directory:
cd exploit-seek/client
  1. Install client dependencies:
npm install
  1. Build the client application:
npm run build
  1. Serve the client application:
  • Using Python's HTTP server:
python3 -m http.server 8080 --directory dist
  • Or using Node.js serve package:
npx serve -s dist

πŸ“ Project Structure

exploit-seek/
β”œβ”€ client/                    # Frontend application
β”‚  β”œβ”€ Dockerfile
β”‚  β”œβ”€ src/
β”‚  β”‚  β”œβ”€ components/         # React components
β”‚  β”‚  β”‚  β”œβ”€ Auth/           # Authentication components
β”‚  β”‚  β”‚  β”œβ”€ ExploitsTable/  # Main analysis interface
β”‚  β”‚  β”‚  β”œβ”€ Footer/         # Footer components
β”‚  β”‚  β”‚  └─ Header/         # Header and settings
β”‚  β”‚  β”œβ”€ hooks/             # Custom React hooks
β”‚  β”‚  └─ App.jsx            # Main application component
β”‚  └─ vite.config.js        # Vite configuration
β”œβ”€ server/                   # Backend application
β”‚  β”œβ”€ Dockerfile
β”‚  β”œβ”€ auth.py               # Authentication handling
β”‚  β”œβ”€ constants.py          # Configuration constants
β”‚  β”œβ”€ cve_parsers.py       # CVE extraction logic
β”‚  β”œβ”€ data_loaders.py      # External API integrations
β”‚  β”œβ”€ excel_generator.py   # Excel report generation
β”‚  β”œβ”€ html_generator.py    # HTML report generation
β”‚  β”œβ”€ exploitdb_data.py   # ExploitDB integration
β”‚  β”œβ”€ logger_config.py     # Logging configuration
β”‚  β”œβ”€ models.py            # Database models
β”‚  β”œβ”€ routes.py            # API routes
β”‚  └─ server.py            # Server initialization
β”œβ”€ docs/                     # Screenshots and examples
β”‚  └─ images/
β”‚     β”œβ”€ dashboard.png
β”‚     └─ logo.png
└─ docker-compose.yml        # Docker compose configuration

βš™οΈ Configuration

API Keys

The application requires API keys for full functionality:

Configure these in the application settings after installation.

πŸ“± Usage

  1. Initial Setup
    • Configure server address
    • Set up API keys (NVD, VulnCheck)
    • Choose interface language (English/Russian)
    • Select theme mode (Dark/Light)
    • Configure other interface preferences
  2. Data Input
    • Choose input method (manual/file upload)
    • Select vulnerability scanner type
    • Upload or enter CVE data
  3. Analysis Configuration
    • Select data sources
    • Configure output settings
    • Choose sorting options
  4. Report Generation
    • Select report format (HTML/Excel)
    • Configure report details
    • Download and view results

πŸ” Analysis Results

Reports include:

  • Detailed CVE information with CVSS scores
  • Exploitation probability assessments
  • Available public exploits from multiple sources
  • Patching priority recommendations
  • References and additional resources

Excel reports feature:

  • Color-coded priority indicators
  • Custom data filtering
  • Multiple data sheets
  • Summary statistics

HTML reports provide:

  • Interactive elements
  • Comprehensive data presentation
  • Easy navigation
  • Export capabilities

🌐 Resources Used

πŸ› οΈ Built With

Frontend

  • React + Vite
  • Material-UI
  • Socket.IO Client
  • Recharts

Backend

  • Flask
  • SQLAlchemy
  • Flask-SocketIO
  • OpenPyXL
  • Jinja2

Infrastructure

  • Docker
  • Docker Compose
  • Gunicorn
  • Gevent

πŸ—ΊοΈ Roadmap

Upcoming features and improvements:

Intelligence Enhancement

  • 🧠 Neural analysis integration with Ollama
  • πŸ€– AI-powered vulnerability assessment
  • πŸ“ˆ Advanced risk prediction models

Scanner Integration

  • πŸ” Additional vulnerability scanner support
  • πŸ”„ Automated scan result import

Report Improvements

  • πŸ“Š Enhanced interactive HTML reports
  • 🎨 Customizable report templates
  • πŸ“ˆ Advanced data visualization options

Analysis Capabilities

  • πŸ” Deep learning-based exploit detection
  • 🎯 Enhanced risk scoring algorithms
  • πŸ”„ Real-time threat intelligence integration

πŸ“§ Contact

For questions, bug reports, and suggestions, please contact: shvs@cbi-info.ru