AI-powered penetration testing framework with intelligent analysis powered by GitHub Models API (GPT-4o/GPT-5).
THIS TOOL IS FOR AUTHORIZED SECURITY TESTING ONLY
By using this tool, you acknowledge that:
- You have EXPLICIT WRITTEN PERMISSION to test target systems
- Unauthorized access to computer systems is ILLEGAL (CFAA, Computer Misuse Act, etc.)
- You assume ALL LEGAL RESPONSIBILITY for your actions
- The authors are NOT LIABLE for misuse of this tool
Violation of computer fraud laws may result in criminal prosecution, civil liability, and imprisonment.
- 🎯 Interactive REPL Mode: Terminal interface with persistent context, command history, and AI chat
- 🤖 AI-Driven Analysis: Powered by GitHub Models API (GPT-4o/GPT-5) for intelligent vulnerability analysis
- 💡 Context-Aware AI: Analyzes actual scan/attack results instead of generic templates
- 🔄 Smart Retry Logic: Automatic exponential backoff for rate limiting (2s, 4s, 8s)
- 🎨 Configurable Models: Switch between AI models on the fly (gpt-4o, openai/gpt-5, etc.)
- 🔍 Pattern Recognition: Automatically categorizes endpoints (auth, API, admin, file operations)
- 🛡️ WAF Bypass Engine: Active fingerprinting and adaptive bypass strategies
- ✅ Interactive Approval: Human-in-the-loop confirmation for attack execution
- 📊 Structured Analysis: Evidence-based recommendations using full scan/attack data
- ⚡ Adaptive Rate Limiting: Token bucket algorithm with circuit breaker pattern
- 🔒 Security Safeguards: Scope validation and audit logging
- Web Applications: SQL injection, XSS, CSRF, XXE, SSRF, LFI/RFI, template injection
- REST APIs: GraphQL introspection, JWT manipulation, OAuth flow testing, mass assignment
- Active Directory: Kerberos attacks, NTLM relay, golden/silver tickets, DCSync
- ADFS: Token manipulation, endpoint enumeration, federation vulnerabilities
- Authentication: Brute force, password spray, session hijacking, MFA bypass
- Authorization: IDOR, privilege escalation, horizontal/vertical bypass
- OAuth2 / OIDC: PKCE downgrade, token leakage, state parameter bypass, implicit flow abuse
- SAML: Signature wrapping, XML injection, assertion replay, broker bypass
- Kubernetes: API server exposure, RBAC misconfiguration, container escape, SSRF, etcd leakage
```bash
# Clone repository
git clone https://github.com/htunn/simple-exploit.git
cd simple-exploit
# Build
go build -o exploit cmd/exploit/main.go
# Install globally (optional)
sudo mv exploit /usr/local/bin/
```

Or install with `go install`:

```bash
go install github.com/htunn/simple-exploit/cmd/exploit@latest
```

Download pre-compiled binaries from GitHub Releases.
- GitHub Token: Get a GitHub personal access token from https://github.com/settings/tokens
- GitHub Models Access: Ensure you have access to GitHub Models (requires GitHub Copilot subscription or free tier)
The tool runs in REPL-only mode with integrated AI assistance:
```bash
# Set your GitHub token
export GITHUB_TOKEN="github_pat_xxxxxxxxxxxxx"
# or
export COPILOT_GITHUB_TOKEN="github_pat_xxxxxxxxxxxxx"
# Run the tool (automatically starts REPL)
./exploit
# Inside REPL:
🔥 exploit> target https://example.com
✅ Target set to: https://example.com
🔥 exploit> model gpt-4o
✅ Model set to: gpt-4o
🔥 exploit> scan
🔧 Initializing orchestrator...
🎯 Starting scan on: https://example.com
...
🤖 Analyzing results with AI...
📋 AI Security Analysis:
[Detailed analysis based on actual scan results]
🔥 exploit> ask how to bypass cloudflare waf?
💬 AI Response:
[Specific WAF bypass techniques]
🔥 exploit> attack sqli
⚔️ Execute sqli attack on https://example.com? [y/N]: y
...
🔥 exploit> show scan
[Display last scan results]
🔥 exploit> help
[Show all available commands]
🔥 exploit> exit
```

Target Management:
- `target <url>` - Set the target URL
- `show target` - Display current target

AI Model Configuration:
- `model <name>` - Set AI model (gpt-4o, openai/gpt-5, etc.)
- `show model` - Display current model

Scanning & Attacks:
- `scan [url]` - Scan target for vulnerabilities
- `attack [type]` - Execute attack with confirmation
- `analyze scan|attack` - Get AI analysis of results
- `show scan|attack` - Display raw results

AI Assistance:
- `ask <question>` - Ask AI security questions
- `bypass <waf-type>` - Get WAF bypass techniques
- `? <question>` - Quick ask (alias)

Utilities:
- `history` - Show command history
- `clear` - Clear screen
- `help` - Show help
- `exit|quit` - Exit REPL

Configuration files are located in `~/.exploit/configs/`:
- `trusted-authors.yaml` - Plugin author allowlist
- `pre-approval.yaml` - Target → exploit category mappings
- `limits.yaml` - Rate limits and concurrency settings
- `scope.yaml` - Authorized target ranges
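
A scope check of the kind `scope.yaml` implies, written here as an added example and not taken from the project's code. The layout of `scope.yaml` is not shown on this page, so the `Scope` struct, `InScope` and `ErrOutOfScope` are hypothetical names and the sample ranges are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
	"net/url"
	"strings"
)

// Scope is a hypothetical in-memory form of scope.yaml (its layout is assumed).
type Scope struct {
	CIDRs   []string // authorized IP ranges, e.g. "10.20.0.0/16"
	Domains []string // authorized DNS names; subdomains are included
}
var ErrOutOfScope = errors.New("target out of scope")

// InScope returns nil only when the URL's host is explicitly authorized.
func (s Scope) InScope(raw string) error {
	u, err := url.Parse(raw)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return fmt.Errorf("%w: not an http(s) URL: %q", ErrOutOfScope, raw)
	}
	// Hostname() drops userinfo and port: "https://example.com@other.test/" is other.test.
	host := strings.TrimSuffix(strings.ToLower(u.Hostname()), ".")
	if addr, err := netip.ParseAddr(host); err == nil {
		for _, c := range s.CIDRs {
			p, err := netip.ParsePrefix(c)
			if err != nil {
				return fmt.Errorf("bad scope entry %q: %w", c, err) // fail closed
			}
			if p.Contains(addr.Unmap()) {
				return nil
			}
		}
		return fmt.Errorf("%w: %s", ErrOutOfScope, addr)
	}
	for _, d := range s.Domains {
		// Match on a label boundary: "notexample.com" must not pass for "example.com".
		if d = strings.ToLower(d); host == d || strings.HasSuffix(host, "."+d) {
			return nil
		}
	}
	return fmt.Errorf("%w: %s", ErrOutOfScope, host)
}

func main() {
	s := Scope{CIDRs: []string{"10.20.0.0/16"}, Domains: []string{"example.com"}} // constructed
	fmt.Println(s.InScope("https://app.example.com/"), s.InScope("https://example.com@other.test/"))
}
```

A hostname match says nothing about where the name resolves; when the authorization is written in IP ranges, resolve the name and check the resulting addresses against the CIDR list as well.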
Create custom exploit modules using the plugin interface:
```go
package main

import (
	"context"

	"github.com/hashicorp/go-plugin"
	"github.com/htunn/simple-exploit/pkg/pluginkit"
)

// MyExploit is the custom module served by this plugin binary.
type MyExploit struct{}

// Name returns the module's identifier.
func (e *MyExploit) Name() string {
	return "my-exploit"
}

// Metadata describes the module's category and risk level.
func (e *MyExploit) Metadata() pluginkit.ExploitMetadata {
	return pluginkit.ExploitMetadata{
		Name:      "My Exploit",
		Category:  pluginkit.CategoryWeb,
		RiskLevel: pluginkit.RiskLevelMedium,
	}
}

// Validate checks the target before execution; this skeleton accepts every target.
func (e *MyExploit) Validate(target pluginkit.Target) error {
	return nil
}

// Execute runs the module against the target.
func (e *MyExploit) Execute(ctx context.Context, target pluginkit.Target) (pluginkit.Result, error) {
	// Exploit implementation
	return pluginkit.Result{Success: true}, nil
}

// main serves the module to the host process via hashicorp/go-plugin.
func main() {
	plugin.Serve(&plugin.ServeConfig{
		HandshakeConfig: pluginkit.HandshakeConfig,
		Plugins: map[string]plugin.Plugin{
			"exploit": &pluginkit.ExploitPlugin{Impl: &MyExploit{}},
		},
	})
}
```

```
cmd/exploit/          # REPL entry point
internal/
├── agent/            # Vulnerability scanner orchestration
├── approval/         # Interactive approval workflow
├── bypass/           # WAF detection & bypass strategies
├── cmd/              # REPL command handlers
├── copilot/          # GitHub Models API integration
├── ratelimit/        # Rate limiting & concurrency control
└── reporter/         # Structured reporting
pkg/
└── pluginkit/        # Plugin interface
plugins/
├── auth-attack/      # OAuth2/OIDC/SAML/JWT attack suite
└── kubernetes/       # Kubernetes cluster attack suite
configs/              # Configuration files
```
The `auth-attack` plugin tests identity providers for authentication and token security vulnerabilities.
Supported IdP targets: Keycloak · Auth0 · Okta · Azure AD / ADFS · PingFederate
CVE coverage:
| CVE | Description |
|---|---|
| CVE-2015-9235 | JWT alg:none / weak secret brute-force |
| CVE-2016-5431 | OAuth2 implicit flow token leakage |
| CVE-2022-29361 | PKCE code verifier downgrade |
| CVE-2020-7692 | PKCE code_challenge_method=plain acceptance |
| CVE-2019-3778 | Open redirect in OAuth2 redirect_uri |
| CVE-2023-6927 | Keycloak open redirect |
| CVE-2021-27582 | Keycloak consent bypass |
| CVE-2023-4784 | Keycloak OIDC token injection |
| CVE-2023-0264 | Keycloak error body injection |
| CVE-2021-36949 | Azure AD MFA bypass |
| CVE-2017-11427 / CVE-2017-11428 | SAML XML signature wrapping |
| CVE-2021-28550 | SAML assertion replay |
| CVE-2017-6370 | SAML comment injection |
| CVE-2018-0489 | Shibboleth SAML XML injection |
Attack categories and REPL usage:
```bash
# Scanner — passive enumeration of OAuth/OIDC endpoints and IdP fingerprinting
scan auth-attack https://login.example.com
# Attack — active exploitation of discovered vulnerabilities
attack auth-attack https://login.example.com
```

Build, test, and sign:

```bash
make build-plugin-auth-attack
make test-plugin-auth-attack
make sign-plugin-auth-attack
```

The `kubernetes` plugin scans Kubernetes control-node IPs for misconfigurations and known CVEs.
Attack modules:
- Anonymous API server enumeration
- Kubelet unauthenticated read-only API (port 10255)
- etcd key enumeration
- CVE-2018-1002105 (privilege escalation)
- Nginx ingress CVE-2023-5043 (annotation injection)
- Service account token theft via path traversal
- SSRF to cloud metadata services (AWS/GCP/Azure IMDS)
- Container escape (privileged pods, hostPath mounts, hostNetwork)
- Gateway API endpoint discovery
Remediation engine:
- Automatic detection of dangerous pod configurations
- Over-privileged ClusterRoleBindings
- Nginx snippet annotation injection risks
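
The dangerous pod settings named above (privileged containers, hostPath mounts, hostNetwork) can be checked from a manifest alone. The following is an added example, not the project's remediation engine: `AuditPod` and `SamplePod` are hypothetical names, and the input is assumed to be a Pod in JSON form such as `kubectl get pod -o json` produces for a single pod.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type container struct {
	Name            string
	SecurityContext *struct{ Privileged *bool }
}

// podSpec is the subset of the Pod schema read here; encoding/json matches keys case-insensitively.
type podSpec struct {
	HostNetwork bool
	Volumes     []struct {
		Name     string
		HostPath *struct{ Path string }
	}
	InitContainers, Containers []container
}

// AuditPod returns one finding per dangerous setting in a Pod manifest (JSON).
func AuditPod(manifest []byte) ([]string, error) {
	var p struct{ Spec podSpec }
	if err := json.Unmarshal(manifest, &p); err != nil {
		return nil, fmt.Errorf("decode pod: %w", err)
	}
	var out []string
	if p.Spec.HostNetwork {
		out = append(out, "hostNetwork: pod shares the node network namespace")
	}
	for _, v := range p.Spec.Volumes {
		if v.HostPath != nil {
			out = append(out, fmt.Sprintf("hostPath: volume %q mounts node path %s", v.Name, v.HostPath.Path))
		}
	}
	// Init containers get the same node access, so they are checked too.
	for _, c := range append(p.Spec.InitContainers, p.Spec.Containers...) {
		if sc := c.SecurityContext; sc != nil && sc.Privileged != nil && *sc.Privileged {
			out = append(out, fmt.Sprintf("privileged: container %q", c.Name))
		}
	}
	return out, nil
}

// SamplePod is a constructed manifest, not taken from a real cluster.
const SamplePod = `{"spec":{"hostNetwork":true,"volumes":[{"name":"root","hostPath":{"path":"/"}}],
 "initContainers":[{"name":"setup","securityContext":{"privileged":true}}],
 "containers":[{"name":"app","securityContext":{"privileged":false}}]}}`
func main() { fmt.Println(AuditPod([]byte(SamplePod))) }
```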
```bash
# Inside REPL
scan kubernetes <control-node-ip>
attack kubernetes <control-node-ip>
```

```bash
make build-plugin
make test-plugin
make sign-plugin
```

The AI receives complete scan data and provides:
- Attack Surface Analysis: Identifies specific vulnerabilities from actual endpoints
- Technology-Specific Risks: Known CVEs and attack vectors for detected tech stack
- Endpoint Pattern Recognition: Auto-categorizes endpoints:
  - 🔐 Authentication (login, oauth, token, session)
  - 🔌 API endpoints (rest, graphql, api/)
  - ⚙️ Admin/Management (admin, console, config)
  - 📁 File operations (upload, download)
- Recommended Attack Vectors: Prioritized based on actual findings
- Exploitation Roadmap: Step-by-step recommendations with specific endpoints
For Failed Attacks:
- Why it failed (WAF, hardening, wrong vector)
- Alternative approaches and modified payloads
- Bypass techniques for detected security controls
- Prerequisite reconnaissance steps needed
For Successful Attacks:
- Impact assessment and compromised resources
- Evidence extraction and proof of exploitation
- Privilege escalation and lateral movement paths
- Remediation guidance and root cause analysis
This tool uses the GitHub Models API for AI-powered security analysis.
- gpt-4o (default) - Fast, balanced performance
- openai/gpt-5 - Latest GPT model with enhanced reasoning
- Custom models supported via the `model` command
Get a GitHub Personal Access Token:
- Go to https://github.com/settings/tokens
- Generate new token (classic or fine-grained)
- Ensure GitHub Models access (requires Copilot subscription or free tier)
- Set environment variable:

```bash
export GITHUB_TOKEN="github_pat_xxxxxxxxxxxxx"
```

- Direct HTTP Integration: No SDK dependencies, pure REST API
- Automatic Retry: Exponential backoff for rate limiting (2s, 4s, 8s)
- Error Handling: Clear error messages with status codes
- Configurable: Switch models on-the-fly in REPL
```bash
go build -o exploit cmd/exploit/main.go
```

```bash
go test ./...
```

- 🔐 New plugin: `auth-attack` — OAuth2/OIDC/PKCE/SAML/JWT attack suite covering 14 CVEs across Keycloak, Auth0, Okta, Azure AD/ADFS, and PingFederate
- 🧹 gofmt 100% — zero formatting violations across all source files
- 📉 gocyclo 100% — all functions refactored to cyclomatic complexity ≤ 15 (12+ functions fixed)
- 🔧 Added `make build-plugin-auth-attack`, `make test-plugin-auth-attack`, `make sign-plugin-auth-attack` targets
- ✅ 31 new passing tests in `plugins/auth-attack`

- ✨ Migrated from Copilot SDK to direct GitHub Models API integration
- 🔄 Added automatic retry logic with exponential backoff for rate limits
- 🎨 Added configurable AI model selection (`model` command)
- 🧠 Improved AI analysis - now uses full scan/attack data instead of templates
- 🔍 Added intelligent endpoint pattern recognition (auth, API, admin, file ops)
- 📊 Enhanced analysis with technology stack identification
- 🎯 Increased AI token limits (4000 → 8000) for detailed analysis
- 🛠️ Fixed API parameter naming (max_tokens → max_completion_tokens)
- ⚡ REPL-only mode - simplified architecture, removed unused CLI commands
- 🔧 Updated default endpoint to https://models.github.ai/inference
- 📝 Improved help documentation and command examples
- Initial release with Copilot SDK integration
Contributions welcome! Please:
- Fork the repository
- Create a feature branch
- Write tests for new functionality
- Submit a pull request
MIT License - see LICENSE file.
This tool is provided for educational and authorized security testing purposes only. The authors assume no liability for misuse or damage caused by this program. Always obtain explicit written permission before testing any systems you do not own.
Built with ❤️ using GitHub Models API