ExploitTool — Active Exploitation

ExploitTool actively exploits confirmed vulnerability findings, proving impact through actual data extraction, token forging, session hijacking, or command execution.

Actions

Action	Purpose
exploit	Actively exploit a confirmed finding
verify	Re-run PoC to confirm a finding is still exploitable
list	Show available exploit types

Exploit Types (13)

Web Application

Type	Description
sqli-auth-bypass	Bypass authentication via SQL injection
sqli-data-extraction	Extract database contents via SQL injection
auth-bypass	Authentication bypass (non-SQLi vectors)
mass-assignment	Exploit mass assignment vulnerabilities
idor	Insecure Direct Object Reference
idor-user-data	IDOR targeting user-specific data
file-upload	Malicious file upload to achieve RCE

Token & Session

Type	Description
jwt-none-alg	JWT none algorithm bypass
jwt-algo-confusion	JWT algorithm confusion attack
jwt-key-exposure	JWT key exposure exploitation

Client-Side

Type	Description
xss-dom	DOM-based XSS exploitation
xss-stored	Stored XSS exploitation
xss-reflected	Reflected XSS exploitation

Blockchain / DeFi

Type	Description
flash-loan-drain	Drain liquidity pools via flash loan attacks
reentrancy-drain	Reentrancy-based fund extraction
oracle-manipulation	Manipulate price oracles for profit
nonce-reuse-crack	Crack keys from nonce reuse
proxy-storage-collision	Exploit proxy storage collisions

Usage

Exploiting a finding

ExploitTool(
  action="exploit",
  findingId="finding-004",
  exploitType="sqli-auth-bypass",
  target="http://target.com/login"
)

Verifying exploitation

ExploitTool(
  action="verify",
  findingId="finding-004",
  exploitType="sqli-auth-bypass",
  target="http://target.com/login"
)

Listing available exploit types

ExploitTool(action="list")

Output

Exploitation results include:

• Success/failure status
• Proof-of-concept evidence (extracted data, forged tokens, session cookies)
• Impact description
• Suggested next steps (AttackChainTool for chaining)