Exploits and Security Tools Framework 2.0.1
Switch branches/tags
Nothing to show
Clone or download
C0reL0ader New free modules #SCADA #ICS
1) DirectAdmin (1.491) CSRF Vulnerability
2) Proxmox VE < 3.4-10 Configuration file overwriting
3) Promise WebPAM v2.2.0.13 Add admin user
4) Siemens WINCC flixible runtime 2008 SP2 + SP 1, miniweb.exe Directory traversal
5) DATAC RealWin SCADA 2.1 Buffer Overflow Exploit
6) Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow
7) Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow
8) Yokogawa CENTUM CS 3000 Remote Denial of Service
Latest commit 89d8a09 Jun 5, 2018


EaST Framework

«EAST» – «Exploits And Security Tools» penetration testing framework.

1. Overview

Pentest framework environment is the basis of IT security specialist’s toolkit. This software is essential as for learning and improving of knowledge in IT systems attacks and for inspections and proactive protection. The need of native comprehensive open source pen test framework with high level of trust existed for a long time. That is why EAST framework was created for native and native friendly IT security markets. EAST is a framework that has all necessary resources for wide range exploits to run, starting from Web to buffer overruns. EAST differs from similar toolkits by its ease of use. Even a beginner can handle it and start to advance in IT security.

Main features:

  • Framework security. Software used for IT security must have a high level of user trust. Easy to check open source Python code realized in EAST. It is used for all parts of the framework and modules. Relative little amount of code eases its verification by any user. No OS changes applied during software installation.
  • Framework maximum simplicity. Archive downloads, main python script start.py launches, which allows exploits start-stop and message traffic. All handled local or remotely via browser.
  • Exploits simplicity of creation and editing. Possibility to edit and add modules and exploits on the fly without restart. Module code body is easy and minimal in terms of amount.
  • Cross-platform + minimal requirements and dependencies. Tests for Windows and Linux. Should function everywhere where Python is installed. Framework contains all dependencies and does not download additional libraries.
  • Full capacity of vanilla pen test framework. In spite of simplicity and “unoverload” the framework has all necessary resources for wide range exploits to run, starting from Web to buffer overruns.
  • Wide enhancement possibilities. Third party developers can create their own open source solutions or participate in EAST development by use of Server-client architecture, message traffic API and support libraries.

2. Requirements

3. Usage

git clone https://github.com/C0reL0ader/EaST && cd EaST
python start.py [-p PORT] [--all-interfaces]

4. Additional resources