go-exploit is an exploit development framework for Go. The framework helps exploit developers create small, self-contained, portable, and consistent exploits.
Many proof-of-concept exploits rely on interpreted languages with complicated packaging systems. They implement wildly differing user interfaces, and have limited ability to be executed within a target network. Some exploits are integrated into massive frameworks that are burdened by years of features and dependencies which overwhelm developers and hinder the attacker's ability to deploy the exploits from unconventional locations.
To overcome these challenges, go-exploit offers a lightweight framework with minimal dependencies, written in Go—a language renowned for its portability and cross-compilation capabilities. The framework strikes a balance between simplicity for rapid proof-of-concept development and the inclusion of sophisticated built-in features for operational use.
This project is developed and maintained by VulnCheck.
Developer and user documentation can be found in the /docs/ directory. You can refer to this directory for detailed guidance on utilizing the framework. Additionally, the /examples/ directory contains various examples to assist you in understanding its usage.
Community contributions in the form of issues and features are welcome. When submitting issues, please ensure they include sufficient information to reproduce the problem. For new features, provide a reasonable use case, appropriate unit tests, and ensure compliance with our .golangci.yml without generating any complaints.
go-exploit is licensed under the Apache License, Version 2.0. For more details, refer to the LICENSE file.