Pocsuite – Remote Vulnerability Testing Framework


Scanning systems is very important when you are evaluating the security on your internal assets. One of the tools that can be used during a security assessment is Pocsuite. Pocsuite is a Python based open source tool that is used for remote vulnerability assessment and exploitation.

The framework currently support 2 mode:

  1. Verify
  2. Attack

The tool allow to scan several systems simultaneously by listing targets in text file or you load your targets from directory. The verify mode will run vulnerability scanning with executing any exploit which usually preferred to not affecting the system or crashing applications.

The second mode which is attack is more intensive and will make the tool run exploits and break into the system which is usually used in penetration test to prove that the vulnerability is exploitable.


Pocsuite remote vulnerability testing framework

The exploit kit in this tool is very similar to metasploit where you can add new attack module and extend or integrate new exploits for new published vulnerabilities. Pocsuite also integrates with Seebug or ZoomEye API, this function allows to test batch API targeting criteria by ZoomEye.

You can download and read more about this tool over here: https://github.com/knownsec/