
MCP Vulnerability Checker Server

by firetix
exploit_availability.py • 11.8 kB
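"""
Exploit Availability Checker Tool

This module provides functionality to check for the availability of public
exploits for a given CVE across multiple databases and sources.
"""

import re
from datetime import datetime
from typing import List

import httpx
import mcp.types as types

# ASCII digits only, matched against the whole string: the normalised ID is
# interpolated into request URLs and into the suggested msfconsole command, so
# nothing except "CVE-", digits and hyphens may pass validation.
_CVE_ID_RE = re.compile(r"CVE-[0-9]{4}-[0-9]{4,}")

# "poc" as a stand-alone token. A plain substring test also fires inside
# unrelated words (for example "epoch").
_POC_TOKEN_RE = re.compile(r"(?<![a-z])poc(?![a-z])")

# Substrings of a reference URL that are treated as exploit indicators.
# NOTE(review): "github.com" marks every GitHub-hosted reference, which likely
# includes advisories and fix commits as well as PoC repositories - confirm the
# intended precision before relying on the count.
_URL_MARKERS = (
    "exploit",
    "proof",
    "github.com",
    "packetstorm",
    "metasploit",
    "rapid7",
)

# Keywords looked for in the MITRE keyword-search page ("poc" is handled by
# _POC_TOKEN_RE). Order is the order in which hits are reported.
_MITRE_KEYWORDS = ("exploit", "proof of concept", "poc", "metasploit", "weaponized")

# Explicit status sets instead of substring tests such as `"FOUND" in status`,
# which silently change meaning whenever a new status name is introduced.
# NOTE(review): a keyword hit on the MITRE page is rated above an NVD reference
# carrying an explicit "Exploit" tag. That weighting is kept as-is; confirm it
# is intended, since the HIGH tier tells the reader to treat the CVE as
# actively exploited.
_CONFIRMED_STATUSES = frozenset({"EXPLOIT_KEYWORDS_FOUND"})
_POTENTIAL_STATUSES = frozenset({"POTENTIAL_EXPLOITS_FOUND"})


def _has_poc_token(text: str) -> bool:
    """Return True when lower-cased *text* contains "poc" as its own token."""
    return _POC_TOKEN_RE.search(text) is not None


def _is_exploit_reference(ref: dict) -> bool:
    """Return True when an NVD reference entry looks exploit-related."""
    url = ref.get("url", "").lower()
    tags = [tag.lower() for tag in ref.get("tags", [])]
    return (
        "exploit" in tags
        or _has_poc_token(url)
        or any(marker in url for marker in _URL_MARKERS)
    )


async def _check_nvd(client: httpx.AsyncClient, cve_id: str) -> dict:
    """Query the NVD CVE API and summarise exploit-looking references.

    Every outcome is recorded, including a non-200 reply and a CVE that NVD
    does not list, so the report can tell "nothing found" apart from "could
    not look".
    """
    nvd_url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId={cve_id}"
    try:
        response = await client.get(nvd_url)
        if response.status_code != 200:
            return {"status": "ERROR", "error": f"HTTP {response.status_code}"}

        payload = response.json()
        if payload.get("totalResults", 0) <= 0:
            return {"status": "NOT_IN_NVD", "count": 0, "details": []}

        cve_item = payload["vulnerabilities"][0]["cve"]
        indicators = [
            {
                "url": ref.get("url", ""),
                "source": ref.get("source", ""),
                "tags": ref.get("tags", []),
            }
            for ref in cve_item.get("references", [])
            if _is_exploit_reference(ref)
        ]
        if indicators:
            return {
                "status": "POTENTIAL_EXPLOITS_FOUND",
                "count": len(indicators),
                "details": indicators[:5],  # Limit to first 5
            }
        return {"status": "NO_EXPLOIT_INDICATORS", "count": 0, "details": []}
    except Exception as e:
        # Best effort per source: one failing lookup must not abort the report.
        return {"status": "ERROR", "error": str(e)}


async def _check_mitre(client: httpx.AsyncClient, cve_id: str) -> dict:
    """Fetch the MITRE keyword-search page and scan it for exploit keywords.

    This is a text scan of an HTML page, not an API lookup, so a hit is a weak
    signal.
    """
    mitre_url = f"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword={cve_id}"
    try:
        response = await client.get(mitre_url)
        if response.status_code != 200:
            return {"status": "ERROR", "error": f"HTTP {response.status_code}"}

        content = response.text.lower()
        found_keywords = [
            kw
            for kw in _MITRE_KEYWORDS
            if (_has_poc_token(content) if kw == "poc" else kw in content)
        ]
        if found_keywords:
            return {"status": "EXPLOIT_KEYWORDS_FOUND", "keywords": found_keywords}
        return {"status": "NO_EXPLOIT_KEYWORDS", "keywords": []}
    except Exception as e:
        # Best effort per source: one failing lookup must not abort the report.
        return {"status": "ERROR", "error": str(e)}


def _manual_sources(cve_id: str) -> dict:
    """Return the sources that are only offered as manual follow-up links."""
    return {
        "GitHub_Search": {
            "status": "MANUAL_CHECK_RECOMMENDED",
            "search_url": f"https://github.com/search?q={cve_id}+exploit&type=repositories",
            "search_url_poc": f"https://github.com/search?q={cve_id}+poc&type=repositories",
        },
        "ExploitDB": {
            "status": "MANUAL_CHECK_RECOMMENDED",
            "search_url": f"https://www.exploit-db.com/search?cve={cve_id}",
            "description": "Check ExploitDB manually for verified exploits",
        },
        "Metasploit": {
            "status": "MANUAL_CHECK_RECOMMENDED",
            "search_guidance": f"Search for '{cve_id}' in Metasploit Framework",
            "command": f"msfconsole -q -x 'search cve:{cve_id}; exit'",
        },
    }


def _classify_risk(exploit_sources: dict) -> str:
    """Return "high", "medium", "low" or "unknown" for the collected results.

    "low" is returned only when both automated lookups completed and found
    nothing. A failed, rate-limited or empty lookup yields "unknown", because
    missing data is not evidence that no exploit exists.
    """
    statuses = [
        data.get("status", "")
        for data in exploit_sources.values()
        if isinstance(data, dict)
    ]
    if any(status in _CONFIRMED_STATUSES for status in statuses):
        return "high"
    if any(status in _POTENTIAL_STATUSES for status in statuses):
        return "medium"

    nvd_status = exploit_sources.get("NVD_References", {}).get("status")
    mitre_status = exploit_sources.get("MITRE_Page", {}).get("status")
    if nvd_status == "NO_EXPLOIT_INDICATORS" and mitre_status == "NO_EXPLOIT_KEYWORDS":
        return "low"
    return "unknown"


def _format_report(cve_id: str, exploit_sources: dict) -> str:
    """Render the collected source results as the Markdown report text."""
    tier = _classify_risk(exploit_sources)
    risk_level, risk_desc = {
        "high": ("🔴 HIGH RISK", "Public exploits appear to be available"),
        "medium": ("🟠 MEDIUM RISK", "Potential exploit indicators found"),
        "low": ("🟢 LOW RISK", "No obvious public exploits found"),
        "unknown": (
            "⚪ UNKNOWN",
            "Automated lookups were incomplete; exploit availability is undetermined",
        ),
    }[tier]

    parts = [
        f"🛡️ **Exploit Availability Report: {cve_id}**\n\n",
        f"⚠️ **Risk Assessment:** {risk_level}\n",
        f"📝 **Assessment:** {risk_desc}\n\n",
        "🔍 **Detailed Source Analysis:**\n\n",
    ]

    # NVD References Analysis
    nvd_data = exploit_sources.get("NVD_References", {})
    nvd_status = nvd_data.get("status")
    if nvd_status == "POTENTIAL_EXPLOITS_FOUND":
        parts.append(
            f"**📚 NVD References:** ✅ Found {nvd_data.get('count', 0)} potential exploit references\n"
        )
        # URLs and tags are third-party data from the NVD response and are
        # passed through unchanged; consumers should treat them as untrusted.
        for detail in nvd_data.get("details", [])[:3]:  # Show first 3
            parts.append(f"  • {detail.get('url', '')}\n")
            if detail.get("tags"):
                tag_list = ", ".join(detail.get("tags", []))
                parts.append(f"    Tags: {tag_list}\n")
    elif nvd_status == "NO_EXPLOIT_INDICATORS":
        parts.append("**📚 NVD References:** ⚪ No exploit indicators in references\n")
    elif nvd_status == "NOT_IN_NVD":
        parts.append("**📚 NVD References:** ⚪ CVE not found in NVD\n")
    elif nvd_status == "ERROR":
        parts.append(
            f"**📚 NVD References:** ❌ Error checking ({nvd_data.get('error', 'Unknown')})\n"
        )

    # MITRE Analysis
    mitre_data = exploit_sources.get("MITRE_Page", {})
    mitre_status = mitre_data.get("status")
    if mitre_status == "EXPLOIT_KEYWORDS_FOUND":
        keyword_list = ", ".join(mitre_data.get("keywords", []))
        parts.append(
            f"**🏛️ MITRE Page:** ⚠️ Exploit-related keywords found: {keyword_list}\n"
        )
    elif mitre_status == "NO_EXPLOIT_KEYWORDS":
        parts.append("**🏛️ MITRE Page:** ⚪ No exploit keywords detected\n")
    elif mitre_status == "ERROR":
        parts.append(
            f"**🏛️ MITRE Page:** ❌ Error checking ({mitre_data.get('error', 'Unknown')})\n"
        )

    parts.append("\n🔗 **Manual Verification Recommended:**\n\n")

    # GitHub Search
    github_data = exploit_sources.get("GitHub_Search", {})
    parts.append("**🐙 GitHub Search:**\n")
    parts.append(f"  • Repository search: {github_data.get('search_url', '')}\n")
    parts.append(f"  • PoC search: {github_data.get('search_url_poc', '')}\n\n")

    # ExploitDB
    exploitdb_data = exploit_sources.get("ExploitDB", {})
    parts.append("**💥 ExploitDB:**\n")
    parts.append(f"  • Search URL: {exploitdb_data.get('search_url', '')}\n")
    parts.append(f"  • Description: {exploitdb_data.get('description', '')}\n\n")

    # Metasploit
    metasploit_data = exploit_sources.get("Metasploit", {})
    parts.append("**🎯 Metasploit Framework:**\n")
    parts.append(f"  • Command: `{metasploit_data.get('command', '')}`\n")
    parts.append(f"  • Guidance: {metasploit_data.get('search_guidance', '')}\n\n")

    parts.append("💡 **Additional Resources:**\n")
    parts.append(f"  • VulnCheck: https://vulncheck.com/search?q={cve_id}\n")
    parts.append(
        f"  • PacketStorm: https://packetstormsecurity.com/search/?q={cve_id}\n"
    )
    parts.append("  • SecLists: Check security mailing lists and advisories\n\n")

    # Branch on the tier itself rather than on the emoji prefix of the label,
    # so a cosmetic change to the label cannot alter the recommendations.
    parts.append("🚨 **Security Recommendations:**\n")
    if tier == "high":
        parts.append("  • 🚨 **URGENT:** Treat as actively exploited\n")
        parts.append("  • 🛡️ Implement immediate mitigations\n")
        parts.append("  • 📊 Enhanced monitoring for attack attempts\n")
        parts.append("  • ⚡ Emergency patching procedures\n")
    elif tier == "medium":
        parts.append("  • ⚠️ **HIGH PRIORITY:** Assume exploitable\n")
        parts.append("  • 📋 Accelerated patching timeline\n")
        parts.append("  • 👀 Monitor for new exploit releases\n")
        parts.append("  • 🔒 Additional security controls\n")
    elif tier == "low":
        parts.append("  • 📅 **STANDARD:** Follow normal patching schedule\n")
        parts.append("  • 📊 Continue monitoring threat landscape\n")
        parts.append("  • 🔍 Periodic re-evaluation recommended\n")
    else:
        parts.append("  • ⚠️ **INCONCLUSIVE:** Do not read this result as low risk\n")
        parts.append("  • 🔗 Use the manual verification links above\n")
        parts.append("  • 🔍 Re-run the check once the sources are reachable\n")

    parts.append(
        f"\n📊 **Report Generated:** {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}"
    )
    return "".join(parts)


async def get_exploit_availability(
    cve_id: str,
) -> List[types.TextContent | types.ImageContent | types.EmbeddedResource]:
    """
    Check for the availability of public exploits for a CVE.

    Queries NVD and the MITRE keyword-search page, and adds manual search
    links for GitHub, ExploitDB and Metasploit. The result is a triage aid
    built from heuristics: a clean report does not prove that no exploit
    exists, and lookups that fail are reported as UNKNOWN rather than LOW.

    Args:
        cve_id: CVE identifier in format CVE-YYYY-NNNN (the "CVE-" prefix is
            added when missing)

    Returns:
        List of content containing exploit availability information or error messages
    """
    # Clean up CVE ID format
    cve_id = cve_id.upper().strip()
    if not cve_id.startswith("CVE-"):
        cve_id = f"CVE-{cve_id}"

    # Validate CVE ID format (CVE-YYYY-NNNN) before it reaches any URL
    if not _CVE_ID_RE.fullmatch(cve_id):
        return [
            types.TextContent(
                type="text",
                text=f"Error: Invalid CVE ID format. Expected format: CVE-YYYY-NNNN (e.g., CVE-2021-44228). Got: {cve_id}",
            )
        ]

    headers = {
        "User-Agent": "MCP Exploit Availability Checker v1.0",
        "Accept": "application/json",
    }

    exploit_sources = {}

    try:
        timeout = httpx.Timeout(15.0, connect=10.0)
        async with httpx.AsyncClient(
            follow_redirects=True, headers=headers, timeout=timeout
        ) as client:
            # Check 1: NIST NVD for CVE references that might indicate exploits
            exploit_sources["NVD_References"] = await _check_nvd(client, cve_id)
            # Check 2: MITRE keyword-search page (no simple API is used here)
            exploit_sources["MITRE_Page"] = await _check_mitre(client, cve_id)

        # Checks 3-5: GitHub, ExploitDB and Metasploit are manual follow-ups
        exploit_sources.update(_manual_sources(cve_id))
    except Exception as e:
        return [
            types.TextContent(
                type="text",
                text=f"Error: Failed to check exploit availability: {str(e)}",
            )
        ]

    return [types.TextContent(type="text", text=_format_report(cve_id, exploit_sources))]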
