Share
## https://sploitus.com/exploit?id=854A9C36-B006-573C-8FEA-A71F469D2BB2
# Exploit-Tool

Single-console pentest platform built on authorization, scope, and audit. Correlates best-of-breed scanners; AI handles triage and reports.

## What It Is

A modular platform that gives pentesters single-console coverage across web, API, network, cloud, code/supply-chain, mobile, binary, and AI/LLM attack surfaces. Built on top of best-of-breed open-source scanners, with correlation, exploitability scoring, AI-assisted triage, and report automation as the differentiating layer.

## What It Is Not

- Not an unauthorized scanning tool. Every scan requires an active engagement with signed Rules of Engagement (RoE) and explicit scope.
- Not a C2 framework, not a malware distribution channel, not an evasion-tooling kit.
- Not continuous monitoring (see `siemless` for SOC tooling).

## Status

**Phase 2 โ€” in flight.** Phase 0 scaffolding complete; Phase 1 MVP (engagement, scope-gated scanning, web/API/SAST/SCA/secrets, baseline reporting) merged. Phase 2 work in progress: false-positive learning, SAST reachability scoring, DOCX evidence appendix, network/TLS recon (`dnsrecon`, `sslyze`).

- Architecture: [`docs/architecture.md`](docs/architecture.md)
- Surface coverage roadmap: [`docs/roadmap.md`](docs/roadmap.md)
- Project rules and tech stack: [`CLAUDE.md`](CLAUDE.md)

## Hard Rules

1. No scan runs without an Engagement + signed RoE.
2. Scope enforcement is a hard gate, not a warning.
3. All scanner invocations are audit-logged (legal cover).
4. Exploit code runs only in sandboxed workers.
5. Default to safe/dry-run; destructive checks require explicit per-engagement opt-in.

See [`CLAUDE.md`](CLAUDE.md) ยง2 for full safety rules.

## Repo Layout

```
src/
โ”œโ”€โ”€ core/         engagement, scope, audit (cross-cutting)
โ”œโ”€โ”€ recon/        asset discovery, fingerprinting
โ”œโ”€โ”€ scanners/     wrappers around Nuclei, Semgrep, ZAP, Trivy, ...
โ”œโ”€โ”€ correlation/  dedup, scoring, exploitability
โ”œโ”€โ”€ exploit/      PoC engine, sandboxed executor
โ”œโ”€โ”€ evidence/     artifact storage, chain of custody
โ”œโ”€โ”€ reporting/    PDF/DOCX generation
โ”œโ”€โ”€ api/          FastAPI routers
โ””โ”€โ”€ shared/       DB, queue, logging, config
```

## Tech Stack

Python 3.12 / FastAPI / PostgreSQL 16 / Redis + Arq / MinIO / React+TS+Zod / Keycloak / Docker (dev) + Helm (prod on-prem).

## License

MIT โ€” see [`LICENSE`](LICENSE).

Use only on systems you are explicitly authorized to test. The hard rules above are not optional.