Exploit-DB (exploit-db.com) is a public archive of exploits and vulnerable software — searchable by CVE, software, type. searchsploit is the command-line interface.
searchsploit [software name] searches the offline exploit database. Common workflow: Nmap version scan → searchsploit [identified service version] → find matching exploits. Always verify exploits match exact version — wrong version = service crash risk. Verify PoC code before executing (may contain malicious code itself).