Exploit development tools

Tools

Bowcaster (exploit development framework)

exploit development, penetration testing

Bowcaster is a framework to create exploits. It is written in Python and comes with a set of tool and modules to help exploit development.

Halcyon IDE (development interface for Nmap NSE scripts)

exploit development, penetration testing, security awareness

Halcyon IDE provides an interface to develop Nmap scripts (NSE). These scripts can be used to extend the functionality of Nmap and perform more advanced scans on applications and infrastructures. By using an IDE, the development of NSE scripts can be simplified.

PEDA (Python Exploit Development Assistance for GDB)

debugging, exploit development, reverse engineering

PEDA is an extension for GDB (GNU DeBugger) to help with the development of exploit code. It can be used by reverse engineers and pentesters.

radare2 (reverse engineering tool and binary analysis)

digital forensics, reverse engineering, software exploitation, troubleshooting

Radare2 is a popular framework to perform reverse engineering on many different file types. It can be used to analyze malware, firmware, or any other type of binary files. Besides reverse engineering, it can be used for forensics on filesystems and do data carving. Tasks can be scripted and support languages like JavaScript, Go, and Python. Even software exploitation is one of the functions it can be used in.

ShellPop (toolkit for popping shells)

penetration testing

During a penetration test, you might have an opportunity to gain shell access to a system. This tool helps with crafting the required type of reverse or bind shell for the task. PopShell also helps with encoding, staging, or switching between different protocols.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.