Share
## https://sploitus.com/exploit?id=D2F3C5FA-4526-5345-87E1-681F8B6B23FC
# ๐Ÿ”ฅ Vlang Pentest Framework



```
โ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ•—   โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—     
โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•‘โ•šโ•โ•โ–ˆโ–ˆโ•”โ•โ•โ•โ–ˆโ–ˆโ•”โ•โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ•โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘     
โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—  โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘     
โ•šโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•”โ•โ•โ•โ• โ–ˆโ–ˆโ•”โ•โ•โ•  โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘     
 โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ• โ–ˆโ–ˆโ•‘     โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•‘   โ–ˆโ–ˆโ•‘   โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—
  โ•šโ•โ•โ•โ•  โ•šโ•โ•     โ•šโ•โ•โ•โ•โ•โ•โ•โ•šโ•โ•  โ•šโ•โ•โ•โ•   โ•šโ•โ•    โ•šโ•โ•โ•โ•โ•โ•  โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ•โ•โ•โ•โ•โ•
```

**Lightning-Fast Offensive Security Framework Written in V**

[![V](https://img.shields.io/badge/V-0.4.12-blue.svg)](https://vlang.io/)
[![License](https://img.shields.io/badge/license-BSD3-green.svg)](LICENSE)
[![Payloads](https://img.shields.io/badge/payloads-700%2B-red.svg)](#)
[![Languages](https://img.shields.io/badge/languages-30%2B-orange.svg)](#)



## ๐Ÿ“‹ Features

- ๐Ÿ”ฅ **700+ Exploit Payloads** - SQLi, XSS, XXE, SSRF, SSTI, LFI/RFI, CMDi
- ๐Ÿš **30+ Reverse Shells** - All major languages (Bash, Python, PHP, Go, Rust, Java, C++)
- ๐ŸŒ **Web Shells** - PHP, ASP, JSP, ASPX variants
- ๐ŸŽญ **Advanced Obfuscation** - PowerShell, Bash, JavaScript, PHP, Python (4 levels)
- ๐Ÿ” **Encoding Suite** - Base64, Hex, URL, Unicode, Binary, and more
- ๐ŸŽจ **Metasploit-Style Interface** - Professional CLI with random banners
- ๐Ÿ“ฆ **YAML-Based** - Easy to customize and extend
- โšก **Blazing Fast** - Native compiled binary (328KB)

## ๐Ÿš€ Quick Start

### Installation

```bash
# Install V language
brew install vlang

# Clone repository
git clone https://github.com/ibrahmsql/Vlang-Pentest-Framework.git
cd Vlang-Pentest-Framework

# Build
v -o vpentest vpentools.v

# Run
./vpentest --help
```

## ๐Ÿ’ป Usage

### SQL Injection

```bash
# MySQL Authentication Bypass
./vpentools sqli --db mysql --technique auth_bypass

# PostgreSQL Time-Based Blind
./vpentools sqli --db postgresql --technique time_blind

# MongoDB NoSQL Injection
./vpentools sqli --db mongodb --technique auth_bypass_json

# MSSQL xp_cmdshell
./vpentools sqli --db mssql --technique execute
```

### Available Databases
- `mysql` - MySQL/MariaDB
- `postgresql` - PostgreSQL
- `mssql` - Microsoft SQL Server
- `oracle` - Oracle Database
- `sqlite` - SQLite
- `mongodb` - MongoDB (NoSQL)

### Available Techniques
- `auth_bypass` - Authentication bypass payloads
- `union` - Union-based SQL injection
- `error_based` - Error-based SQL injection
- `boolean_blind` - Boolean-based blind SQL injection
- `time_blind` - Time-based blind SQL injection
- `file_ops` - File read/write operations
- `stacked` - Stacked queries
- `rce` - Remote code execution
- `waf_bypass` - WAF bypass techniques

### List All Payloads

```bash
./vpentools list
```

## ๐Ÿ“ Project Structure

```
vpentools/
โ”œโ”€โ”€ vpentools.v                    # Main application
โ”œโ”€โ”€ v.mod                          # V module definition
โ”œโ”€โ”€ core/                          # Core modules
โ”‚   โ”œโ”€โ”€ cli.v                      # CLI argument parsing
โ”‚   โ”œโ”€โ”€ output.v                   # Output formatting
โ”‚   โ”œโ”€โ”€ validator.v                # Input validation
โ”‚   โ”œโ”€โ”€ config.v                   # Configuration
โ”‚   โ”œโ”€โ”€ interactive.v              # Interactive mode
โ”‚   โ”œโ”€โ”€ template.v                 # Template system
โ”‚   โ””โ”€โ”€ batch.v                    # Batch execution
โ”œโ”€โ”€ modules/                       # Payload modules
โ”‚   โ”œโ”€โ”€ payloads/
โ”‚   โ”‚   โ”œโ”€โ”€ sqli_payloads.yaml     # 700+ SQL injection payloads
โ”‚   โ”‚   โ”œโ”€โ”€ compiled/              # Compiled language payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ go/                # Go payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ rust/              # Rust payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ c/                 # C payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ cpp/               # C++ payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ java/              # Java payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ csharp/            # C# payloads
โ”‚   โ”‚   โ”‚   โ””โ”€โ”€ asm/               # Assembly payloads
โ”‚   โ”‚   โ”œโ”€โ”€ scripts/               # Script language payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ bash/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ python/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ php/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ perl/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ ruby/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ nodejs/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ powershell/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ lua/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ groovy/
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ kotlin/
โ”‚   โ”‚   โ”‚   โ””โ”€โ”€ scala/
โ”‚   โ”‚   โ”œโ”€โ”€ web/                   # Web payloads
โ”‚   โ”‚   โ”‚   โ””โ”€โ”€ javascript/
โ”‚   โ”‚   โ”œโ”€โ”€ shells/                # Shell payloads
โ”‚   โ”‚   โ”‚   โ”œโ”€โ”€ reverse/           # Reverse shells
โ”‚   โ”‚   โ”‚   โ””โ”€โ”€ bind/              # Bind shells
โ”‚   โ”‚   โ”œโ”€โ”€ webshells/             # Web shells
โ”‚   โ”‚   โ””โ”€โ”€ injection/             # Injection payloads
โ”‚   โ”œโ”€โ”€ encoders/                  # Encoding modules
โ”‚   โ”œโ”€โ”€ obfuscators/               # Obfuscation modules
โ”‚   โ”œโ”€โ”€ auxiliary/                 # Auxiliary modules
โ”‚   โ””โ”€โ”€ exploits/                  # Exploit modules
โ””โ”€โ”€ utils/                         # Utility functions
    โ”œโ”€โ”€ banner.v                   # Banner system
    โ”œโ”€โ”€ clipboard.v                # Clipboard operations
    โ”œโ”€โ”€ colors.v                   # Color definitions
    โ””โ”€โ”€ file.v                     # File operations
```

## ๐ŸŽฏ Payload Statistics

- **SQL Injection**: 700+ payloads
  - MySQL/MariaDB: 150+ payloads
  - PostgreSQL: 100+ payloads
  - MSSQL: 120+ payloads
  - Oracle: 80+ payloads
  - SQLite: 60+ payloads
  - MongoDB: 40+ payloads
  - WAF Bypass: 150+ payloads

- **Reverse Shells**: 30+ languages
- **Web Shells**: 8+ variants
- **Encoders**: 12+ types
- **Obfuscators**: 5+ languages (4 levels each)

## ๐Ÿ› ๏ธ Development

### Building from Source

```bash
# Development build
v run vpentools.v

# Production build
v -prod -o vpentools vpentools.v

# With optimizations
v -prod -cc gcc -cflags '-O3' -o vpentools vpentools.v
```

### Adding New Payloads

Edit `modules/payloads/sqli_payloads.yaml`:

```yaml
mysql:
  custom_technique:
    - "' OR 1=1--"
    - "' UNION SELECT NULL--"
```

## โš ๏ธ Legal Disclaimer

**FOR EDUCATIONAL AND AUTHORIZED TESTING ONLY**

This tool is designed for:
- Security professionals conducting authorized penetration tests
- Educational purposes in controlled environments
- Security research with proper authorization

**Unauthorized access to computer systems is illegal.**

The authors and contributors are not responsible for misuse or damage caused by this tool. Always obtain proper authorization before testing any system you do not own.

## ๐Ÿ“ License

BSD License - see [LICENSE](LICENSE) file for details


## ๐Ÿ™ Acknowledgments

- [V Language](https://vlang.io/) - Fast, safe, compiled language
- [PayloadBox](https://github.com/payloadbox/sql-injection-payload-list) - SQL injection payload list
- Metasploit Framework - Inspiration for the interface

## ๐Ÿ“Š Stats

![GitHub stars](https://img.shields.io/github/stars/ibrahmsql/vpentools?style=social)
![GitHub forks](https://img.shields.io/github/forks/ibrahmsql/vpentools?style=social)
![GitHub watchers](https://img.shields.io/github/watchers/ibrahmsql/vpentools?style=social)

---



**"Hack the planet!"** ๐ŸŒ

Made with โค๏ธ and V