Exploit Sources
We track whether working exploit code exists in the wild.
Metasploit Framework
- What it is: The most widely-used penetration testing framework
- Why it matters: A Metasploit module means point-and-click exploitation is possible
- Link: github.com/rapid7/metasploit-framework
ExploitDB
- What it is: Archive of public exploits and vulnerable software
- Why it matters: Curated database with working proof-of-concept code
- Link: exploit-db.com
GitHub PoCs
- What it is: Proof-of-concept exploits published on GitHub
- Why it matters: Researchers often publish PoCs within days of disclosure
- Source: We use the nomi-sec/PoC-in-GitHub and Trickest CVE databases
CISA KEV (Known Exploited Vulnerabilities)
- What it is: US government catalog of vulnerabilities actively exploited in the wild
- Why it matters: If it's in KEV, attackers are using it right now
- Link: cisa.gov/known-exploited-vulnerabilities-catalog
Active Exploitation
CVEs in the CISA KEV catalog have confirmed real-world exploitation. These should be prioritized for immediate patching.