Pocsuite3

An Open-sourced Remote Vulnerability Testing Framework Developed By the Knownsec 404 Team

                              ,--. ,--.
 ,---. ,---. ,---.,---.,--.,--`--,-'  '-.,---.
| .-. | .-. | .--(  .-'|  ||  ,--'-.  .-| .-. :
| '-' ' '-' \ `--.-'  `'  ''  |  | |  | \   --.
|  |-' `---' `---`----' `----'`--' `--'  `----'
`--'                        https://pocsuite.org

Introduction

Pocsuite3 is an open-sourced remote vulnerability testing and PoC development framework developed by the Knownsec 404 Team. It serves as the cornerstone of the team.

You can use Pocsuite3 to verify and exploit vulnerabilities, or write PoC/Exp scripts based on it. You can also integrate Pocsuite3 into your own vulnerability testing tool; it provides a standard calling class for that purpose.

Features

  • PoC scripts can run in different ways with the `verify`, `attack`, and `shell` modes
  • Plugin ecosystem
  • Dynamic loading of PoC scripts from anywhere (local file, redis, database, Seebug ...)
  • Loading of multiple targets from anywhere (CIDR, local file, redis, database, ZoomEye ...)
  • Results can be easily exported
  • Dynamic patch and hook requests
  • Usable both as a command-line tool and as an importable Python package
  • IPv6 support
  • Global HTTP/HTTPS/SOCKS proxy support
  • Simple spider API for PoC script to use
  • Integration with [Seebug](https://www.seebug.org) (for loading PoCs from the Seebug website)
  • Integration with [ZoomEye](https://www.zoomeye.org) (for loading targets from a ZoomEye `Dork`)
  • Integration with [Ceye](http://ceye.io/) (for verifying blind DNS and HTTP requests)
  • More ...

Functions

Vulnerability Testing Framework

Written in Python3 and supporting two plugin-invoked modes, validation and exploitation, Pocsuite3 can import batch targets from files and test those targets against multiple exploit plugins in advance. (See "Pocsuite3 usage")

PoC/Exp Development Kit

Like Metasploit, it is a development kit for pentesters to develop their own exploits. Based on Pocsuite3, you can write just the core code of a PoC/Exp without caring about result output and the like. To date, at least several hundred people have written PoC/Exp based on Pocsuite3.

Integratable Module

Users can utilize auxiliary modules packaged in Pocsuite3 to extend their exploit functions, or integrate Pocsuite3 to develop other vulnerability assessment tools.

Integrated ZoomEye And Seebug APIs

Pocsuite3 is also an extremely useful tool for integrating the Seebug and ZoomEye APIs in a collaborative way. Vulnerability assessment can be done automatically and effectively by searching for targets through ZoomEye and acquiring PoC scripts from Seebug or locally.

Installation

Pocsuite3 works out of the box with Python version 3.6+ on any platform. You can install Pocsuite3 in one of the following ways:

Python pip

$ pip3 install pocsuite3
$ pocsuite --version

macOS

$ brew update
$ brew info pocsuite3
$ brew install pocsuite3

Debian, Ubuntu, Kali

$ sudo apt update
$ sudo apt install pocsuite3

Arch Linux

$ yay pocsuite3

You can use git to clone the latest source code repository and install from source.

$ git clone https://github.com/knownsec/pocsuite3.git
$ cd pocsuite3
$ pip3 install -r requirements.txt
$ python3 setup.py install

Usage

Demo