pocsuite3 is a remote vulnerability testing framework.
It supports three modes: verify, attack and shell. You can specify a single target or import multiple targets from a file, and use a single PoC or a set of PoCs to verify or exploit vulnerabilities. It can be run in command line mode, and also supports Metasploit-like interactive mode. In addition, it also includes some basic functions such as output results reports.
pocsuite3 is also a PoC/Exp SDK, that is, a development kit. We encapsulate the basic PoC classes and some commonly used methods, such as Webshell related methods. To develop PoC/Exp based on Pocsuite3, you can just write the core code of the Vulnerability, without having to care about the overall result output and other processing. PoC/Exp written based on Pocsuite3 can be used directly by Pocsuite3, Seebug website also has thousands of PoC/Exp based on Pocsuite3.
In addition to being a security tool, pocsuite3 can also be integrated into the vulnerability testing module as a Python package. You can also develop your own applications based on Pocsuite3. You can perform secondary development based on Pocsuite3 and use Pocsuite3 to develop your own vulnerability verification tools.
This is free and open source software.
Key Features
- PoC scripts can run with verify, attack, shell mode in different ways.
- Plugin ecosystem.
- Dynamic loading PoC script from anywhere (local file, redis, database, Seebug …).
- Load multi-target from anywhere (CIDR, local file, redis, database, Zoomeye, Shodan …).
- Results can be easily exported.
- Dynamic patch and hook requests.
- Both command line tool and python package import to use.
- IPv6 support.
- Global HTTP/HTTPS/SOCKS proxy support.
- Simple spider API for PoC script to use.
- YAML PoC support, compatible with nuclei.
- Integrate with Seebug,
- Integrate with ZoomEye, Shodan, etc.
- Integrate with Ceye, Interactsh.
- Friendly debug PoC scripts with IDEs.
Website: pocsuite.org
Support: GitHub Code Repository
Developer: Knownsec 404 Team
License: GNU General Public License v2.0
pocsuite3 is written in Python. Learn Python with our recommended free books and free tutorials.
Related Software
| Vulnerability Analysis Tools | |
|---|---|
| sqlmap | Penetration testing tool |
| BeEF | The Browser Exploitation Framework |
| pocsuite3 | Remote vulnerability testing framework |
| AFL++ | Security-oriented fuzzer |
| Wapiti | "Black-box" vulnerability scanner |
| jSQL Injection | Automatic SQL database injection |
| sif | Pentesting (recon/exploitation) suite |
| XSSer | Detect, exploit and report XSS vulnerabilities |
| Kanha | Web-app pentesting suite |
| simple fuzzer | A fuzzer with two network modes of operation |
| Doona | Fork of the Bruteforce Exploit Detector Tool |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |