A unified desktop workbench for exploit development, vulnerability research, and penetration testing on Windows.
ExploitWorkbench brings together exploit databases, network reconnaissance, payload generation, and hands-on testing tools into a single native application. Instead of juggling dozens of terminal windows and browser tabs, everything lives in one workspace with a shared target context — set the target once and every module picks it up automatically.
Browse and search over 47,000 exploits from Exploit-DB and more than 1,000 shellcodes. Filter by platform, category, file type, author, or CVE identifier. Full-text content search is available for deep queries across the entire archive.
Query the MITRE cvelistV5 database locally. Filter by vendor, product, version, CWE, CVSS severity, or keywords. Each result shows full metadata — scores, affected configurations, linked patches, and known exploits.
Write and run exploits directly inside the workbench. The built-in editor supports syntax highlighting for Python, C/C++, Perl, Ruby, PHP, PowerShell, Bash, and more. Target variables like {{RHOST}}, {{LHOST}}, and {{LPORT}} are substituted at runtime, so a single exploit template works across different engagements without manual edits.
Integrated Nmap frontend with preset scan profiles — quick discovery, service detection, OS fingerprinting, stealth SYN, full TCP, and UDP. Custom flags are supported for fine-tuned scans. Results appear in real time in the console.
Spin up TCP listeners on any local interface and manage multiple concurrent sessions. Send commands, view output, and switch between active shells from a single panel.
Scan a target for open services, then automatically match them against known exploits in the database. Review suggested matches and launch the selected exploit with one click.
TCP Fuzzer — send templated payloads to a remote service with configurable length ranges and filler characters. The results table tracks connection status and crash indicators for each iteration.
Local Fuzzer — fuzz command-line executables by injecting variable-length arguments. Exit codes and crash events are captured automatically.
Load raw shellcode in binary, hex, escaped, or C-array format and convert between them. Generate ready-to-use loader templates for C and Python. An integrated msfvenom GUI provides access to all Metasploit payloads, encoders, and output formats without leaving the workbench.
Send raw TCP requests to any host and port, inspect the response, and iterate — similar to Burp Suite's Repeater. Useful for manual protocol testing and request crafting.
View and edit binary files byte-by-byte. Search and replace hex patterns for shellcode analysis and binary patching.
Encode and decode strings between Base64, Hex, URL encoding, ROT13, and XOR. Swap input and output for quick round-trip conversions.
A collection of ready-made templates for common offensive tasks: persistence mechanisms (registry keys, scheduled tasks, services, WMI, COM hijacking), privilege escalation helpers (token impersonation, UAC bypass, PPL bypass), and lightweight agents in multiple languages (PowerShell, .NET, VBS, JavaScript, DLL).
An embedded Chromium browser for quick access to Exploit-DB, NVD, MITRE, and CTF practice platforms — HackTheBox, TryHackMe, picoCTF, Root Me, OverTheWire, VulnHub, and others.
Save and load engagement files that preserve target configuration, editor content, compiled implants, and execution history. Generate HTML reports at the end of an assessment.
- Windows 10 or later
- .NET Framework 4.8
- Nmap (optional, for network scanning)
- Metasploit / msfvenom (optional, for payload generation)
- Python 3.x (optional, for running Python-based exploits)
ExploitWorkbench is intended for authorized security testing, research, and educational purposes only. Always obtain proper authorization before testing systems you do not own.