Skip to content
/ DrXploit Public

DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.

www.cyber1101.com

License

MIT license
14 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DrDataYE/DrXploit

BranchesTags

Repository files navigation

DrXploit 🔥

License Python Version Contributions

DrXploit is an open-source web application security assessment toolkit. It automates the detection and verification of known vulnerabilities across popular CMS platforms, helping security researchers save time during authorized testing.

Use this tool only on systems you own or have explicit permission to test.

Features 🌟

  • Multi-CMS coverage: WordPress, Joomla, Drupal, PrestaShop, and more.
  • Curated exploit checks: A broad collection of known issues for multiple CMS ecosystems.
  • Parallel execution: ThreadPoolExecutor-based scanning of multiple targets.
  • Simple CLI: Clean, easy-to-use command-line interface.
  • Rich output: Nicely formatted console output via Rich.

Exploits Count 🔢

  • SITE: 158+ exploits

Usage 🚀

Requirements 📋

  • Python 3.x
  • Python packages: rich, argparse, bs4, requests, colorama

Installation 🔧

Using setup script

git clone https://github.com/DrDataYE/DrXploit.git
cd DrXploit
bash setup.sh

Note: The setup script installs dependencies and configures a launcher.

Uninstallation 🧹

From the project directory:

bash uninstall.sh

For system-wide installs (e.g., if setup was run with sudo):

sudo bash uninstall.sh

The script removes installed files, the virtual environment, the launcher, and related PATH entries.

Running 🏃‍♂️

List files in the result directory 📁

drxploit -l

Scan from a file or a single domain 🌐

drxploit path_to_file_or_domain

Add an email for important notifications 📧

drxploit -e "your_email@example.com"

Examples 💡

Scan domains from a file:

drxploit sites.txt

Scan a single domain:

drxploit example.com

Options ⚙️

  • -h, --help: Show help.
  • -l, --list-files: List files in the result directory.
  • -c, --list-cms: List files in the cms directory.
  • -e, --email: Set an email address for important data.

Output Directory 📂

All logs and findings are saved to the result directory in the project. Review this folder after scans to inspect results.

Targeted Websites 🎯

DrXploit supports multiple CMS platforms, including:

  • WordPress: Plugin and theme issues.
  • Joomla: Component and module vulnerabilities.
  • Drupal: Core and module checks.
  • PrestaShop: Module and theme vulnerabilities.
  • Other CMS: Custom and lesser-known platforms.

Example Screenshot 📸

DrXploit Usage

Contributing 🤝

Contributions are welcome. Open an issue to report bugs or request features, or submit a pull request.

Note: We do not condone unethical use of this tool.

License 📄

This project is licensed under the MIT License. See the LICENSE file for details.

Developed by DrDataYETelegram 📬

About

DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.

www.cyber1101.com

Topics

exploit hacking python3 bugbounty scanning hacking-tool exploit-db hackweb

Resources

Readme

License

MIT license
Activity

Stars

14 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases 1

DrXploit Latest
Jun 11, 2024

Packages

No packages published

Contributors 2

  •  
  •  

Languages