pocsuite3 https://github.com/knownsec/pocsuite3
Usage of pocsuite3 for attacking targets without prior mutual consent is illegal. pocsuite3 is for security testing purposes only
未经事先双方同意,使用 pocsuite3 攻击目标是非法的。 pocsuite3 仅用于安全测试目的
pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many nice features for the ultimate penetration testers and security researchers.
- PoC scripts can running with
verify,attack,shellmode in different way - Plugin ecosystem
- Dynamic loading PoC script from any where (local file, redis, database, Seebug ...)
- Load multi-target from any where (CIDR, local file, redis, database, Zoomeye, Shodan ...)
- Results can be easily exported
- Dynamic patch and hook requests
- Both command line tool and python package import to use
- IPV6 support
- Global HTTP/HTTPS/SOCKS proxy support
- Simple spider API for PoC script to use
- Integrate with Seebug (for load PoC from Seebug website)
- Integrate with ZoomEye (for load target from ZoomEye
Dork) - Integrate with Shodan (for load target from Shodan
Dork) - Integrate with Ceye (for verify blind DNS and HTTP request)
- Integrate with Interactsh (for verify blind DNS and HTTP request)
- Integrate with Fofa (for load target from Fofa
Dork) - Friendly debug PoC scripts with IDEs
- More ...
- Python 3.6+
- Works on Linux, Windows, Mac OSX, BSD, etc.
Paste at a terminal prompt:
pip3 install pocsuite3
# use other pypi mirror
pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple pocsuite3brew update
brew info pocsuite3
brew install pocsuite3sudo apt update
sudo apt install pocsuite3yay pocsuite3Or click here to download the latest source zip package and extract
$ wget https://github.com/knownsec/pocsuite3/archive/master.zip
$ unzip master.zip
$ cd pocsuite3-master
$ pip3 install -r requirements.txt
$ python3 setup.py installThe latest version of this software is available at: https://pocsuite.org
Documentation is available in the docs directory.
cli mode
# basic usage, use -v to set the log level
pocsuite -u http://example.com -r example.py -v 2
# run poc with shell mode
pocsuite -u http://example.com -r example.py -v 2 --shell
# search for the target of redis service from ZoomEye and perform batch detection of vulnerabilities. The thread is set to 20
pocsuite -r redis.py --dork service:redis --threads 20
# load all poc in the poc directory and save the result as html
pocsuite -u http://example.com --plugins poc_from_pocs,html_report
# load the target from the file, and use the poc under the poc directory to scan
pocsuite -f batch.txt --plugins poc_from_pocs,html_report
# load CIDR target
pocsuite -u 10.0.0.0/24 -r example.py --plugins target_from_cidr
# the custom parameters `command` is implemented in ecshop poc, which can be set from command line options
pocsuite -u http://example.com -r ecshop_rce.py --attack --command "whoami"
console mode
poc-console
更新
- 重构 --ppt 参数,优化 url 马赛克功能
- 优化 poc 模板
- 优化命令行默认提示信息
- 调整默认超时为 10 秒
- 调整默认线程数为 150
- 目标 url 目前支持 CIDR,用户可使用 -p 指定端口
- 支持本地模式,该模式化下 poc 不需要指定目标,比如本地提权漏洞
- 修复部分 bugs
更新
- 支持 poc 模板生成(--new)
- 支持自定义 interactsh 服务器设置
- 修改 ZoomEye/Seebug/CEYE 认证方式为 APIKEY
- poc 基类添加 check 方法,支持蜜罐识别和 http/https 协议自动纠正- 重构 --update 参数,优化框架更新流程
- 支持对框架版本进行检测,提高 poc 兼容性
更新
- 增加奇安信网络空间搜索引擎数据支持
- 在 POCBase 类中新增 self.rhost & self.rport 字段
更新
- 提供hook版的requests库,poc中可以自行加载
- 重构shell模式,添加键盘中断句柄
- 修复部分bug
修复
- 修复 urllib3 解析 URI 的问题
- 禁用了 URL 编码