AutoSploit este un framework de exploatare automatizat conceput pentru descoperirea gazdelor la distanță și executarea modulelor de exploit la scară largă pentru a stabili reverse shell-uri. Acesta funcționează ca un instrument de recunoaștere a rețelei și un orchestrator de execuție de cod la distanță, gestionând desfășurarea modulelor de atac împotriva țintelor multiple.
The main features of nullarray/autosploit are: Automated Exploit Execution, Automated Exploitation Frameworks, Target Discovery, Search Engine, Traffic Masking Proxies, User Agent Rotation, Exploitation Workflow Managers, Exploit Orchestration Managers.
Open-source alternatives to nullarray/autosploit include: r0oth3x49/ghauri — Ghauri is an automated SQL injection scanner and exploitation tool designed to detect and extract data from vulnerable… owasp/nettacker — Nettacker is an automated penetration testing framework designed to orchestrate reconnaissance, port scanning, and… manisso/fsociety — fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits.… zhzyker/exphub — Exphub is a CVE exploit script library and enterprise software vulnerability suite designed to verify and exploit… mantvydasb/redteaming-tactics-and-techniques — This project is a red teaming knowledge base and offensive security playbook designed to simulate adversary behavior.… speedyapply/jobspy — JobSpy is a job board scraper and listing aggregator designed to extract employment opportunities from multiple…
Ghauri is an automated SQL injection scanner and exploitation tool designed to detect and extract data from vulnerable databases. It functions as a database exfiltration framework that identifies security flaws and retrieves system banners, hostnames, and database schemas. The tool identifies boolean, error, time-based, and stacked query vulnerabilities across multiple input vectors, including HTTP headers, cookies, JSON, SOAP, and XML. It provides capabilities for automated database exfiltration and the processing of bulk target lists to identify flaws across multiple environments. The syst
Nettacker is an automated penetration testing framework designed to orchestrate reconnaissance, port scanning, and vulnerability detection. It functions as a network reconnaissance tool and vulnerability scanner that identifies open ports, fingerprints services, and checks systems against databases of known security flaws. The framework distinguishes itself by combining a web application crawler for discovering hidden paths via fuzzing with a vulnerability management system that persists scan results in a database to track historical assessments. It also includes specialized capabilities for
fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits. It functions as a wrapper that integrates external security binaries into a unified, menu-driven interface, providing a centralized system for command-line parameter mapping and execution. The project distinguishes itself by organizing specialized utilities into domain-specific collections for structured navigation. It automates the transition between different phases of an audit by chaining reconnaissance and exploitation tools through sequential workflow automation. The fram
Exphub is a CVE exploit script library and enterprise software vulnerability suite designed to verify and exploit known security flaws in server environments such as WebLogic, Struts2, Tomcat, and JBoss. It functions as a remote code execution toolkit and a web shell deployment framework for triggering unauthorized command execution and establishing persistent access on remote systems. The project includes specialized utilities for internal network reconnaissance, specifically using server-side request forgery to scan for open ports and services. It further provides mechanisms for bypassing a