Pocsuite – Vulnerability Testing Framework

Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many niche features for the ultimate penetration testers and security researchers.

Pocsuite – Vulnerability Testing Framewor

The tool will allow penetration tester or RedTeam to test different exploit against the target. Current features with the tool are:

  • PoC scripts can running with `attack`,`verify`, `shell` mode in different way
  • Plugin ecosystem
  • Dynamic loading PoC script from any where (local file, redis , database, Seebug …)
  • Load multi-target from any where (CIDR, local file, redis , database, Zoomeye …)
  • Results can be easily exported
  • Dynamic patch and hook requests
  • Both command line tool and python package import to use
  • IPV6 support
  • Global HTTP/HTTPS/SOCKS proxy support
  • Simple spider API for PoC script to use
  • Integrate with [Seebug](https://www.seebug.org) (for load PoC from Seebug website)
  • Integrate with [ZoomEye](https://www.zoomeye.org) (for load target from ZoomEye `Dork`)
  • Integrate with [Ceye](http://ceye.io/) (for verify blind DNS and HTTP request)

You can use Pocsuite to verify and exploit the vulnerability directly; you can also develop PoC/Exp based on Pocsuite because it is a PoC development framework; That’s all beside the possibility to integrate it directly in your vulnerability management tool.

You can read more and download this tool over here: https://github.com/knownsec/Pocsuite

Share