Frameworks

Frameworks to easily design and deploy exploits

12 listed tools Last update on 2025-04-28

Up a Level Contribute

Cyber Kill Chain

Recon: Information gathering stage, where attackers gather as much information as possible about the target.

Weaponization: Crafting of tools or payloads to exploit vulnerabilities.

Delivery: The transmission of the weaponized payload to the target.

Exploitation: Exploiting a vulnerability to gain access to the target system.

Installation: Establishing a foothold on the target system.

Command & Control (C2): Setting up channels for communication with the compromised system.

Actions on Objectives: Achieving the intended goal of the attack, such as data exfiltration or system disruption.

Caldera 

Open-source        

A framework for adversary emulation by MITRE

Cobalt Strike 

Commercial        

A Fortra VM & threat emulation framework

Dshell 

Open-source        

Network forensic analysis framework

Empire 

Open-source        

Post-exploitation adversary emulation framework

ExploitPack 

Commercial      

Graphical tool with 39,000+ exploits for pentest automation

Metasploit 

Commercial   Open-source        

Post-exploitation pentest tools to verify vulnerabilities, manage assessments, and more.

Pupy 

Open-source      

Cross-platform remote administration and post-exploitation tool in Python & C

Recon-ng 

Open-source    

A web-based reconnaissance framework

ReNgine 

Open-source    

Open-source reconnaissance framework

routersploit 

Open-source      

Open-source exploitation framework for embedded devices

shellsploit 

Open-source      

Exploit development framework

WordPress Exploit Framework 

Open-source    

Ruby framework for WordPress pentesting