The tool is basically a scraper, it scrapes some websites to find repositories, code or videos involving the exploitation of a CVE id. At the time of writing, it supports scraping for:
- GitHub, using their API
- CVEBase, reading from their repository
- ExploitDB, scraping the search page
- Youtube, scraping the results page
I implemented it using Crystal because "Why Not?"
$ pocbrowser --help
___ __ __ ___ ___ __ _ _ ___ ___ ___
( ,\ / \ / _) ( ,)( ,) / \ ( \/\/ )/ __)( _)( ,)
) _/( () )( (_ ) ,\ ) \ ( () ) \ / \__ \ ) _) ) \
(_) \__/ \__) (___/(_)\_) \__/ \/\/ (___/(___)(_)\_)
🔍 by 5amu (https://github.com/5amu)
Usage: pocbrowser [-h|-v|-f <file>|-m <mode>] [CVE1 CVE2 ...]
POSITIONAL ARGUMENTS
<CVE> [CVE1 CVE2 ...] Space separated list of CVEs
ALLOWED MODES
gh: github, cb: cvebase, yt: youtube, ed: exploitdb
OPTIONAL ARGUMENTS
-f F, --file=FILE Newline separated CVE list in file
-o O, --output=OUT Output file (json)
-m M, --mode=MODE Choose one or more modes to search for CVEs
-q, --quiet Don't produce output in stdout
-v, --version Show version
-h, --help Show help
Get it from the release page of this repo.