The nullsploit engine is a work in progress exploitation framework. Currently only a limited number of exploits are available, but these should be stable across multiple Windows installations.

Features currently implemented include payload choices as well as options and a completely custom encoder and payload handler. At present the available payloads include the WinExec API and a bind shell.

A short demo of the WorldMail IMAP exploit module is shown below.

The project is available on GitHub at the following link: https://github.com/TheNullSecXero/nullsploit

You May Also Enjoy