https://pocsuite.org
Introduction
Pocsuite3 is an open-source remote vulnerability testing and PoC development framework developed by the Knownsec 404 Team. It serves as the cornerstone of the team.
You can use Pocsuite3 to verify and exploit vulnerabilities, or write your own PoC/Exp based on it. You can also integrate Pocsuite3 into your own vulnerability testing tool; it provides a standard calling class for this purpose.
Features
- PoC scripts can run in `verify`, `attack`, or `shell` mode, each in a different way
- Plugin ecosystem
- Dynamic loading of PoC scripts from anywhere (local file, redis, database, Seebug ...)
- Loading of multiple targets from anywhere (CIDR, local file, redis, database, ZoomEye ...)
- Results can be easily exported
- Dynamic patch and hook requests
- Usable both as a command-line tool and as an importable Python package
- IPv6 support
- Global HTTP/HTTPS/SOCKS proxy support
- Simple spider API for PoC scripts to use
- Integration with [Seebug](https://www.seebug.org) (to load PoCs from the Seebug website)
- Integration with [ZoomEye](https://www.zoomeye.org) (to load targets from a ZoomEye `Dork`)
- Integration with [Shodan](https://www.shodan.io) (to load targets from a Shodan `Dork`)
- Integration with [Fofa](https://fofa.info) (to load targets from a Fofa `Dork`)
- Integration with [Quake](https://quake.360.cn) (to load targets from a Quake `Dork`)
- Integration with [Hunter](https://hunter.qianxin.com) (to load targets from a Hunter `Dork`)
- Integration with [Censys](https://censys.io) (to load targets from a Censys `Dork`)
- Integration with [Ceye](http://ceye.io/) (to verify blind DNS and HTTP requests)
- Integration with [Interactsh](https://github.com/projectdiscovery/interactsh) (to verify blind DNS and HTTP requests)
- More ...
Functions
Vulnerability Testing Framework
Written in Python 3 and supporting two plugin-invoked modes, validation and exploitation, Pocsuite3 can import batches of targets from files and test those targets against multiple exploit plugins in advance. (See "Pocsuite3 usage".)
PoC/Exp Development Kit
Like Metasploit, it is a development kit for pentesters to develop their own exploits. Based on Pocsuite3, you can write just the core code of a PoC/Exp without caring about the resulting output and similar details. To date, at least several hundred people have written PoC/Exp based on Pocsuite3.
Integratable Module
Users can use the auxiliary modules packaged in Pocsuite3 to extend their exploit functions, or integrate Pocsuite3 to develop other vulnerability assessment tools.
Integrated ZoomEye And Seebug APIs
Pocsuite3 is also an extremely useful tool for integrating the Seebug and ZoomEye APIs in a collaborative way. Vulnerability assessment can be done automatically and effectively by searching for targets through ZoomEye and acquiring PoC scripts from Seebug or locally.
Installation
Pocsuite3 works out of the box with Python version 3.6+ on any platform. You can install Pocsuite3 in one of the following ways:
Python pip
$ pip3 install pocsuite3
$ pocsuite --version
macOS
$ brew update
$ brew info pocsuite3
$ brew install pocsuite3
Debian, Ubuntu, Kali
$ sudo apt update
$ sudo apt install pocsuite3
Docker
$ docker run -it pocsuite3/pocsuite3
ArchLinux
$ yay pocsuite3
You can use git to clone the latest source code repository and install from source.
$ git clone https://github.com/knownsec/pocsuite3.git
$ cd pocsuite3
$ pip3 install -r requirements.txt
$ python3 setup.py install
Usage
- How to use Pocsuite3 to test vulnerabilities
- How to develop PoC/Exp based on Pocsuite3
- How to integrate Pocsuite3 in applications