{"id":13538603,"url":"https://github.com/knownsec/pocsuite3","last_synced_at":"2025-06-19T00:08:43.375Z","repository":{"id":37431841,"uuid":"175766427","full_name":"knownsec/pocsuite3","owner":"knownsec","description":"pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.","archived":false,"fork":false,"pushed_at":"2025-02-28T08:18:52.000Z","size":23193,"stargazers_count":3703,"open_issues_count":13,"forks_count":782,"subscribers_count":98,"default_branch":"master","last_synced_at":"2025-04-02T05:43:45.441Z","etag":null,"topics":["pentesting","python","security","security-tools"],"latest_commit_sha":null,"homepage":"https://pocsuite.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/knownsec.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-03-15T07:01:04.000Z","updated_at":"2025-04-01T10:18:12.000Z","dependencies_parsed_at":"2023-12-13T15:24:29.612Z","dependency_job_id":"754e9fa7-87c0-402c-9146-7204cd10cfee","html_url":"https://github.com/knownsec/pocsuite3","commit_stats":null,"previous_names":[],"tags_count":76,"template":false,"template_full_name":null,"purl":"pkg:github/knownsec/pocsuite3","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knownsec%2Fpocsuite3","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knownsec%2Fpocsuite3/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knownsec%2Fpocsuite3/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts
/GitHub/repositories/knownsec%2Fpocsuite3/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/knownsec","download_url":"https://codeload.github.com/knownsec/pocsuite3/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knownsec%2Fpocsuite3/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260654687,"owners_count":23042679,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pentesting","python","security","security-tools"],"created_at":"2024-08-01T09:01:13.980Z","updated_at":"2025-06-19T00:08:38.357Z","avatar_url":"https://github.com/knownsec.png","language":"Python","readme":"# pocsuite3\n\n[![Python 3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/knownsec/pocsuite3/master/COPYING) [![Twitter](https://img.shields.io/badge/twitter-@seebug-blue.svg)](https://twitter.com/seebug_team)\n\n## Legal Disclaimer\nUsage of pocsuite3 for attacking targets without prior mutual consent is illegal.\npocsuite3 is for security testing purposes only.\n\n## Overview\n\npocsuite3 is an open-source remote vulnerability testing and proof-of-concept development framework developed by the [**Knownsec 404 Team**](http://www.knownsec.com/). 
\nIt comes with a powerful proof-of-concept engine and many useful features for penetration testers and security researchers.\n\n## Features\n* PoC scripts can run in `verify`, `attack`, or `shell` mode\n* Plugin ecosystem\n* Dynamically load PoC scripts from anywhere (local file, redis, database, Seebug ...)\n* Load multiple targets from anywhere (CIDR, local file, redis, database, ZoomEye, Shodan ...)\n* Results can be easily exported\n* Dynamically patch and hook requests\n* Usable both as a command-line tool and as an importable Python package\n* IPv6 support\n* Global HTTP/HTTPS/SOCKS proxy support\n* Simple spider API for PoC scripts to use\n* YAML PoC support, compatible with [nuclei](https://github.com/projectdiscovery/nuclei)\n* Integrates with [Seebug](https://www.seebug.org) (to load PoCs from the Seebug website)\n* Integrates with [ZoomEye](https://www.zoomeye.org), [Shodan](https://www.shodan.io), etc. (to load targets using a `Dork`)\n* Integrates with [Ceye](http://ceye.io/), [Interactsh](https://github.com/projectdiscovery/interactsh) (to verify blind DNS and HTTP requests)\n* IDE-friendly debugging of PoC scripts\n* More ...\n\n## Screenshots\n\n### pocsuite3 console mode\n[![asciicast](https://asciinema.org/a/219356.png)](https://asciinema.org/a/219356)\n\n### pocsuite3 shell mode\n[![asciicast](https://asciinema.org/a/203101.png)](https://asciinema.org/a/203101)\n\n### pocsuite3 load PoC from Seebug\n[![asciicast](https://asciinema.org/a/207350.png)](https://asciinema.org/a/207350)\n\n### pocsuite3 load multi-target from ZoomEye\n[![asciicast](https://asciinema.org/a/133344.png)](https://asciinema.org/a/133344)\n\n### pocsuite3 load multi-target from Shodan\n[![asciicast](https://asciinema.org/a/207349.png)](https://asciinema.org/a/207349)\n\n### pocsuite3 load nuclei template\n![](./asset/img/yaml_poc_showcase.png)\n\n### Build a Docker vulnerability environment\n**Requires Docker**\n\nDefine the `dockerfile` attribute in the PoC:\n```python\nclass DemoPOC(POCBase):\n    
vulID = ''  # ssvid\n    version = '1.0'\n    author = ['']\n    vulDate = '2029-5-8'\n    createDate = '2019-5-8'\n    updateDate = '2019-5-8'\n    references = ['']\n    name = 'Struts2 045 RCE CVE-2017'\n    appPowerLink = ''\n    appName = 'struts2'\n    appVersion = ''\n    vulType = ''\n    desc = '''S2-045:影响版本Struts 2.3.20-2.3.28(除了2.3.20.3和2.3.24.3)'''\n    samples = []\n    category = POC_CATEGORY.EXPLOITS.WEBAPP\n    dockerfile = '''FROM isxiangyang/struts2-all-vul-pocsuite:latest'''\n```\n#### only run vulnerable environments\n```python\npocsuite -r pocs/Apache_Struts2/20170129_WEB_Apache_Struts2_045_RCE_CVE-2017-5638.py  --docker-start  --docker-port 127.0.0.1:8080:8080 --docker-env A=test --docker-port 8899:7890\n\n,------.                        ,--. ,--.       ,----.   {2.0.6-cc19ae5}\n|  .--. ',---. ,---.,---.,--.,--`--,-'  '-.,---.'.-.  |\n|  '--' | .-. | .--(  .-'|  ||  ,--'-.  .-| .-. : .' \u003c\n|  | --'' '-' \\ `--.-'  `'  ''  |  | |  | \\   --/'-'  |\n`--'     `---' `---`----' `----'`--' `--'  `----`----'   https://pocsuite.org\n[*] starting at 15:34:12\n\n[15:34:12] [INFO] loading PoC script 'pocs/Apache_Struts2/20170129_WEB_Apache_Struts2_045_RCE_CVE-2017-5638.py'\n[15:34:12] [INFO] Image struts2_045_rce_cve-2017:pocsuite exists\n[15:34:12] [INFO] Run container fa5b3b7bb2ea successful!\n[15:34:12] [INFO] pocsusite got a total of 0 tasks\n[15:34:12] [INFO] Scan completed,ready to print\n```\n\n#### run vulnerable environments and run poc \n```python\n pocsuite -r pocs/Apache_Struts2/20170129_WEB_Apache_Struts2_045_RCE_CVE-2017-5638.py -u http://127.0.0.1:8080/S2-032-showcase/fileupload/doUpload.action --docker-start  --docker-port 127.0.0.1:8080:8080 \n\n,------.                        ,--. ,--.       ,----.   {2.0.6-cc19ae5}\n|  .--. ',---. ,---.,---.,--.,--`--,-'  '-.,---.'.-.  |\n|  '--' | .-. | .--(  .-'|  ||  ,--'-.  .-| .-. : .' 
\u003c\n|  | --'' '-' \\ `--.-'  `'  ''  |  | |  | \\   --/'-'  |\n`--'     `---' `---`----' `----'`--' `--'  `----`----'   https://pocsuite.org\n[*] starting at 15:38:46\n\n[15:38:46] [INFO] loading PoC script 'pocs/Apache_Struts2/20170129_WEB_Apache_Struts2_045_RCE_CVE-2017-5638.py'\n[15:38:46] [INFO] Image struts2_045_rce_cve-2017:pocsuite exists\n[15:38:47] [INFO] Run container 1a6eae1e8953 successful!\n[15:38:47] [INFO] pocsusite got a total of 1 tasks\n[15:38:47] [INFO] running poc:'Struts2 045 RCE CVE-2017' target 'http://127.0.0.1:8080/S2-032-showcase/fileupload/doUpload.action'\n[15:39:17] [+] URL : http://127.0.0.1:8080/S2-032-showcase/fileupload/doUpload.action\n[15:39:17] [+] Headers : {'Server': 'Apache-Coyote/1.1', 'nyvkx': '788544', 'Set-Cookie': 'JSESSIONID=0A9892431B32A541B51D4721FA0D2728; Path=/S2-032-showcase/; HttpOnly', 'Content-Type': 'text/html;charset=ISO-8859-1', 'Transfer-Encoding': 'chunked', 'Date': 'Mon, 25 Dec 2023 07:39:17 GMT'}\n[15:39:17] [INFO] Scan completed,ready to print\n\n+------------------------------------------------------------------+--------------------------+--------+-----------+---------+---------+\n| target-url                                                       |         poc-name         | poc-id | component | version |  status |\n+------------------------------------------------------------------+--------------------------+--------+-----------+---------+---------+\n| http://127.0.0.1:8080/S2-032-showcase/fileupload/doUpload.action | Struts2 045 RCE CVE-2017 |        |  struts2  |         | success |\n+------------------------------------------------------------------+--------------------------+--------+-----------+---------+---------+\nsuccess : 1 / 1\n```\n\n\n#### Introduction to vulnerability environment construction\n```shell\nDocker Environment:\n  Docker Environment options\n\n  --docker-start        Run the docker for PoC\n  --docker-port DOCKER_PORT\n                        Publish a container's port(s) to 
the host\n  --docker-volume DOCKER_VOLUME\n                        Bind mount a volume\n  --docker-env DOCKER_ENV\n                        Set environment variables\n  --docker-only         Only run docker environment\n\n```\n - `--docker-start`: start the Docker environment. If specified, the Docker image is obtained from the PoC.\n - `--docker-port`: publish a container's port(s) to the host, e.g. `--docker-port [host port]:[container port]`; can be specified multiple times.\n - `--docker-volume`: bind mount a volume, e.g. `--docker-volume /host/path/:/container/path`; can be specified multiple times.\n - `--docker-env`: set environment variables, e.g. `--docker-env VARIABLE=value`; can be specified multiple times.\n - `--docker-only`: only start the Docker environment.\n\nThe usage is roughly the same as Docker's command-line parameters.\n\n## Requirements\n\n- Python 3.8+\n- Works on Linux, Windows, macOS, BSD, etc.\n\n## Installation\n\nPaste at a terminal prompt:\n\n### Python pip\n\n``` bash\npip3 install pocsuite3\n\n# use another PyPI mirror\npip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple pocsuite3\n```\n\n### macOS\n\n``` bash\nbrew update\nbrew info pocsuite3\nbrew install pocsuite3\n```\n\n### [Debian](https://tracker.debian.org/pkg/pocsuite3), [Ubuntu](https://launchpad.net/ubuntu/+source/pocsuite3), [Kali](http://pkg.kali.org/pkg/pocsuite3)\n\n``` bash\nsudo apt update\nsudo apt install pocsuite3\n```\n\n### Docker\n\n```\ndocker run -it pocsuite3/pocsuite3\n```\n\n### ArchLinux\n\n``` bash\nyay pocsuite3\n```\n\n### Source\n\nOr click [here](https://github.com/knownsec/pocsuite3/archive/master.zip) to download the latest source zip package and extract it:\n\n``` bash\nwget https://github.com/knownsec/pocsuite3/archive/master.zip\nunzip master.zip\ncd pocsuite3-master\npip3 install -r requirements.txt\npython3 setup.py install\n```\n\n\nThe latest version of this software is available at: https://pocsuite.org\n\n## Documentation\n\nDocumentation is available at: https://pocsuite.org\n\n## 
Usage\n\n```\ncli mode\n\n\t# basic usage; use -v to set the log level\n\tpocsuite -u http://example.com -r example.py -v 2\n\n\t# run the PoC in shell mode\n\tpocsuite -u http://example.com -r example.py -v 2 --shell\n\n\t# search ZoomEye for redis service targets and run batch vulnerability detection with 20 threads\n\tpocsuite -r redis.py --dork service:redis --threads 20\n\n\t# load all PoCs in the poc directory and save the results as HTML\n\tpocsuite -u http://example.com --plugins poc_from_pocs,html_report\n\n\t# load targets from a file and scan them with the PoCs in the poc directory\n\tpocsuite -f batch.txt --plugins poc_from_pocs,html_report\n\n\t# load CIDR targets\n\tpocsuite -u 10.0.0.0/24 -r example.py\n\n\t# the custom parameter `command` is implemented in the ecshop PoC and can be set from the command line\n\tpocsuite -u http://example.com -r ecshop_rce.py --attack --command \"whoami\"\n\nconsole mode\n    poc-console\n```\n\n## How to Contribute\n\n1. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.\n2. Fork [the repository](https://github.com/knownsec/pocsuite3) on GitHub to start making your changes.\n3. Write a test which shows that the bug was fixed or that the feature works as expected.\n4. Send a pull request or bug to the maintainer until it gets merged or fixed. 
Make sure to add yourself to [Contributors](./CONTRIBUTORS.md).\n\n\n## Links\n\n* [Contributors](./CONTRIBUTORS.md)\n* [ChangeLog](./CHANGELOG.md)\n* [Bug tracking](https://github.com/knownsec/pocsuite3/issues)\n* [Copyright](./COPYING)\n* [Pocsuite](https://pocsuite.org)\n* [Seebug](https://www.seebug.org)\n* [ZoomEye](https://www.zoomeye.org)\n* [Knownsec](https://www.knownsec.com)\n","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","漏洞扫描","Python (1887)","Python","其他_安全与渗透"],"sub_categories":["\u003ca id=\"9d1ce4a40c660c0ce15aec6daf7f56dd\"\u003e\u003c/a\u003e未分类-Vul","pocsuite3","网络服务_其他"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknownsec%2Fpocsuite3","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fknownsec%2Fpocsuite3","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknownsec%2Fpocsuite3/lists"}