https://github.com/infosecredd/expw

Scans for Open Ports, then searches ExploitDB for PoC's on that service then rewrites them using OpenAI.
https://github.com/infosecredd/expw

chatgpt chatgpt4 exploit-development exploitation exploitdb openai proof-of-concept

Last synced: about 1 month ago
JSON representation

Scans for Open Ports, then searches ExploitDB for PoC's on that service then rewrites them using OpenAI.

• Host: GitHub
• URL: https://github.com/infosecredd/expw
• Owner: InfoSecREDD
• License: mit
• Created: 2024-11-24T07:53:02.000Z (about 2 months ago)
• Default Branch: main
• Last Pushed: 2024-11-24T07:56:21.000Z (about 2 months ago)
• Last Synced: 2024-11-24T08:27:49.387Z (about 2 months ago)
• Topics: chatgpt, chatgpt4, exploit-development, exploitation, exploitdb, openai, proof-of-concept
• Language: Python
• Homepage:
• Size: 0 Bytes
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        


## **(Ex)ploitDB PoC Writer**

The (Ex)ploitDB PoC Writer is a powerful Python-based tool designed for security professionals and enthusiasts. It combines port scanning, exploit searching, and payload generation into a seamless workflow. Leveraging Nmap for network scanning, SearchSploit for exploit discovery, and OpenAI's GPT-4 for rewriting exploit code, this tool streamlines the process of identifying vulnerabilities and creating proof-of-concept (PoC) payloads.

**Features**

- **Port Scanning:** Efficiently scans specified ports on a target IP using TCP or UDP protocols.

- **Exploit Searching:** Integrates with SearchSploit to find relevant exploits based on discovered services.

- **Payload Generation:** Utilizes OpenAI's GPT-4 to rewrite and enhance exploit code for tailored testing.

- **Payload Execution:** Executes generated payloads directly from the tool.

- **Payload Saving:** Option to save generated payloads for future use.

- **User-Friendly Interface:** Enhanced with Rich library for a visually appealing and interactive command-line experience.

- **Environment Configuration:** Easily manage API keys and configurations using a `.env` file.

**Installation**

1. **Clone the Repository**

   ```

   git clone https://github.com/InfoSecREDD/ExPW.git

   ```

2. **Navigate to the Directory**

   ```

   cd ExPW

   ```

3. **Create a Virtual Environment (Optional but Recommended)**

   ```

   python3 -m venv venv

   source venv/bin/activate

   ```

4. **Install Dependencies**

   ```

   pip3 install -r requirements.txt

   ```

5. **Configure Environment Variables**

   - Create a `.env` file in the root directory.

   - Add your OpenAI API key:

     ```

     OPENAI_API_KEY=your_openai_api_key_here

     ```

**Usage**

Run the script using the following command structure:

```

python3 expw.py target_ip [--ports PORTS] [--protocol PROTOCOL] [--skipports SKIPPORTS]

```

**Arguments:**

- `target_ip` : Target IP address to scan.

**Options:**

- `--ports` or `-p` : Specify port ranges or single ports to scan. Default is `1-1024`.

  - Examples: `80`, `443`, `1-65535`

- `--protocol` : Choose the protocol to scan (`tcp` or `udp`). Default is `tcp`.

- `--skipports` or `-s` : Specify ports or port ranges to skip during scanning.

  - Examples: `81`, `88-89`

**Examples:**

1. **Basic Port Scan on TCP Ports 1-1024**

   ```

   python3 expw.py 192.168.1.100

   ```

2. **Scan Specific Ports and Use UDP Protocol**

   ```

   python3 expw.py 192.168.1.100 --ports 53 161 --protocol udp

   ```

3. **Scan a Range of Ports and Skip Certain Ports**

   ```

   python3 expw.py 192.168.1.100 --ports 1-1024 --skipports 22 80-85

   ```

**Dependencies**

- Python 3.6+

- Nmap

- SearchSploit

- OpenAI Python Library

- Rich

- python-dotenv

**Contributing**

Contributions are welcome! Please fork the repository and submit a pull request with your enhancements or bug fixes. Ensure that your code adheres to the project's coding standards and includes appropriate documentation.

**License**

This project is licensed under the MIT License. See the `LICENSE` file for details.

**Author**

Developed by InfoSecREDD. For any inquiries or support, please contact via Github Issues.

**Security Notice**

**⚠️ WARNING:** Use this tool responsibly and only on systems you have explicit permission to test. Unauthorized scanning and exploitation can be illegal and unethical.

**Disclaimer**

This tool is provided "as is" without any warranties. The developers are not liable for any misuse or damage caused by this tool.