nullsploit is a work in progress exploitation framework. Currently, only a small number of exploits are included, however, the exploits present should be stable across multiple Windows installations.
Features currently available include defining the payload and options, a custom encoder to avoid bad chars as well as an exploit shell handler. At present, only basic payloads exist, such as invoking the WinExec API and a standard CMD bind shell.
A short demo of the WorldMail IMAP exploit running on top of a fully patched Windows 10 installation is shown below:
The project is available on GitHub at the following link: https://github.com/TheNullSecXero/nullsploit