Exploitation
Advanced exploitation engine covering web, crypto, DeFi, and infrastructure targets.
What It Does
Active exploitation of confirmed vulnerabilities across multiple domains: SQLi data extraction, IDOR mass enumeration, JWT token forging, XSS session harvesting, KeePass cracking, cPanel credential sniping, webshell deployment, DeFi oracle manipulation, flash loan attacks, reentrancy, nonce reuse cracking, proxy storage collision, and monorepo dependency resolution for supply chain attacks.
Scripts
| Script | Description |
|---|---|
| sqli_exploit | SQL injection data extraction — union, error-based, blind, out-of-band |
| idor_exploit | IDOR mass enumeration with role-switching and pattern discovery |
| oracle_manipulation | DeFi oracle price manipulation via flash loans and TWAP manipulation |
| cpanel_sniping | cPanel credential bruteforce with rate-limit evasion and proxy rotation |
| keepass_cracking | KeePass database cracking — dictionary, rule-based, and brute-force modes |
| xss_harvester | XSS session harvesting — cookie capture, keystroke logging, DOM exfil |
| jwt_forger | JWT token forging using recovered secrets, kid injection, and alg confusion |
| monorepo_resolver | Monorepo dependency analysis for supply chain attack surface mapping |
| crypto_tool_finder | Discovery of crypto wallets, private keys, mnemonic phrases in filesystems |
| nonce_reuse_crack | ECDSA nonce reuse detection and private key recovery |
| auth_bypass_chain | Multi-step auth bypass via chained logic flaws and race conditions |
| reentrancy | Smart contract reentrancy exploitation with gas optimization |
| flash_loan | DeFi flash loan attack execution across Aave, Uniswap, and lending protocols |
| upload_webshell | Webshell delivery via file upload, LFI-to-RCE, and deserialization vectors |
| proxy_storage | Proxy/UUPS storage collision exploitation for contract upgrades |
| anvil_fork_manager | Local chain fork management for pre-execution simulation |
When to Use
Use after vulnerability scanning confirms exploitable findings. Each script targets a specific vulnerability class. Run AttackImproviseTool on the first failure of any script before retrying.
Usage
RedTeamScript(skill="exploitation", script="sqli_exploit", args="--url https://target.com/products?id=1 --technique union --dump-all")