API Documentation

The EIP API gives you programmatic access to our full vulnerability and exploit database. Search CVEs, pull exploit metadata, download proof-of-concept code, and integrate real-time intelligence into your own tools and workflows. Free, public exploit intelligence — by design. Our rate limits are here to keep EIP stable, responsive, and fair for the whole community.

Base URL: https://exploit-intel.com/api/v1

All responses are JSON. No authentication required.

GET /api/v1/vulns

Search and list vulnerabilities with rich filtering.

Parameters

q string Full-text search (CVE IDs, keywords, products)

severity string Filter by severity: critical, high, medium, low

has_exploits bool Only CVEs with public exploit code

is_kev bool Only CISA Known Exploited Vulnerabilities

any_exploited bool Only CVEs exploited in the wild (CISA KEV + VulnCheck KEV + InTheWild.io)

ransomware bool Only CVEs with confirmed ransomware campaign use

has_nuclei bool Only CVEs with Nuclei scanner templates

vendor string Filter by vendor name (partial match)

product string Filter by product name (partial match)

ecosystem string Filter by ecosystem (e.g. pypi, npm, maven)

cwe string Filter by CWE ID (e.g. CWE-79 or just 79)

year int Filter by CVE year (e.g. 2024)

min_cvss float Minimum CVSS v3 score (0-10)

min_epss float Minimum EPSS score (0-1)

date_from string Start date (YYYY-MM-DD)

date_to string End date (YYYY-MM-DD)

sort string Sort order: newest, oldest, cvss_desc, epss_desc, relevance

page int Page number (default: 1)

per_page int Results per page (default: 20, max: 100)

Example

curl 'https://exploit-intel.com/api/v1/vulns?q=log4j&severity=critical&has_exploits=true'

GET /api/v1/vulns/{cve_id}

Get full vulnerability detail by CVE-ID or EIP-ID, including exploits, products, references, and Nuclei templates.

Parameters

cve_id path CVE-2024-3400 or EIP-2024-12345

Example

curl 'https://exploit-intel.com/api/v1/vulns/CVE-2021-44228'

GET /api/v1/exploits/{id}/files

List code files in an exploit archive. Used by the code viewer.

Parameters

id path Exploit ID (integer)

Example

curl 'https://exploit-intel.com/api/v1/exploits/77423/files'

GET /api/v1/exploits/{id}/code

Get source code content for a specific file in an exploit. Use /files to get valid file paths first.

Parameters

id path Exploit ID (integer)

file string File path from the /files endpoint (includes archive prefix for tarballs)

Example

curl 'https://exploit-intel.com/api/v1/exploits/77423/code?file=xwikisas--xwiki-pro-macros--049716df415a.patch'

GET /api/v1/exploits/{id}/download

Download exploit code as a password-protected ZIP (password: eip). Archive size varies by source and may be small.

Parameters

id path Exploit ID (integer)

Example

curl -o exploit.zip 'https://exploit-intel.com/api/v1/exploits/77423/download'

GET /api/v1/health

Health check endpoint. Returns service status.

Example

curl 'https://exploit-intel.com/api/v1/health'

GET /api/v1/stats

Platform statistics: total CVEs, exploits, KEV count, etc.

Example

curl 'https://exploit-intel.com/api/v1/stats'

GET /api/v1/stats/overview

Snapshot overview metrics from dashboard materialized view.

Example

curl 'https://exploit-intel.com/api/v1/stats/overview'

GET /api/v1/stats/trends

Time-series datasets for CVE growth, exploitation discovery, exploit supply, and time-to-exploit.

Example

curl 'https://exploit-intel.com/api/v1/stats/trends'

GET /api/v1/stats/leaderboards

Ranked vendor/CWE/source statistics for exploited vulnerabilities and exploit ecosystem coverage.

Example

curl 'https://exploit-intel.com/api/v1/stats/leaderboards'

GET /api/v1/stats/freshness

Per-source ingestion freshness (latest completed run timestamps).

Example

curl 'https://exploit-intel.com/api/v1/stats/freshness'

GET /api/v1/exploits

Search and browse exploits with rich filtering. Returns exploits with CVE context and AI analysis (attack type, complexity, reliability, MITRE techniques).

Parameters

source string Filter by source: github, metasploit, exploitdb, nomisec, writeup

language string Filter by language: python, ruby, go, c, etc.

llm_classification string Filter by AI classification: working_poc, trojan, suspicious, scanner, stub, writeup

attack_type string Filter by attack type: RCE, SQLi, XSS, DoS, LPE, auth_bypass, info_leak, deserialization

complexity string Filter by complexity: trivial, simple, moderate, complex

reliability string Filter by reliability: reliable, unreliable, untested

requires_auth bool Filter by whether exploit requires authentication

author string Filter by author name

min_stars int Minimum GitHub stars

has_code bool Only exploits with downloadable code

cve string Filter by CVE ID (e.g. CVE-2024-3400)

vendor string Filter by vendor name (e.g. mitel, fortinet)

product string Filter by product name (e.g. micollab, pan-os)

sort string Sort order: newest, stars_desc

page int Page number (default: 1)

per_page int Results per page (default: 10, max: 25)

Example

curl 'https://exploit-intel.com/api/v1/exploits?llm_classification=trojan'

GET /api/v1/authors

List exploit authors/researchers ranked by exploit count.

Parameters

page int Page number (default: 1)

per_page int Results per page (default: 25, max: 50)

Example

curl 'https://exploit-intel.com/api/v1/authors?per_page=10'

GET /api/v1/authors/{name}

Get an exploit author's profile with all their exploits, GitHub stars, and CVE context.

Parameters

name path Author name (e.g. Chocapikk, muts)

page int Page number (default: 1)

per_page int Results per page (default: 25, max: 50)

Example

curl 'https://exploit-intel.com/api/v1/authors/Chocapikk'

GET /api/v1/cwe

List CWE categories ranked by vulnerability count. Returns CWE IDs, names, short labels, and exploit likelihood.

Example

curl 'https://exploit-intel.com/api/v1/cwe'

GET /api/v1/cwe/{cwe_id}

Get CWE detail including full name, description, exploit likelihood, parent CWE hierarchy, and vulnerability count.

Parameters

cwe_id path CWE identifier (e.g. CWE-79 or just 79)

Example

curl 'https://exploit-intel.com/api/v1/cwe/CWE-79'

GET /api/v1/vendors

List software vendors ranked by vulnerability count. Returns top 200 vendors.

Example

curl 'https://exploit-intel.com/api/v1/vendors'

GET /api/v1/vendors/{vendor}/products

List products for a specific vendor with vulnerability counts. Useful for discovering exact CPE product names for filtering.

Parameters

vendor path Vendor name (e.g. microsoft, apache, fortinet)

Example

curl 'https://exploit-intel.com/api/v1/vendors/microsoft/products'

GET /api/v1/lookup

Resolve an alternate identifier (EDB-XXXXX, GHSA-XXXXX) to its CVE. Returns the matching CVE-ID with basic severity info.

Parameters

alt_id string Alternate ID (e.g. EDB-48537, GHSA-jfh8-c2jp-5v3q)

Example

curl 'https://exploit-intel.com/api/v1/lookup?alt_id=EDB-48537'

RSS Feeds

/feed/recent.rss Latest CVEs (30 items)

/feed/exploits.rss CVEs with public exploits

/feed/kev.rss CISA KEV additions

Rate Limits About