roxysploit is a community-supported, open-source and penetration testing suite that supports attacks for numerous scenarios. conducting attacks in the field.

roxysploit - Penetration Testing Suite

Some containing Plugins in roxysploit

  • Scan is a automated Information gathering plugin it gives the user the ability to have a rest while the best Information gathering plugin can be executed.
  • Jailpwn is a useful plugin for any iphone device that has been jailbroken it will attempt to login to the ssh using its default password giving you a full shell.
  • Eternalblue is a recent plugin we added it Exploits a vulnerability on SMBv1/SMBv2 protocols these were collected from the nsa cyberweapons.
  • Internalroute Exploits multiple vulnerabilities in routers this can become very useful such as hotel wifi’s.
    Aurora this is a old plugin that can become very useful for pen-testers it exploits Internet Explorer 6 URL vulnerability.
  • Doublepulsar is giving you the ability to Remotely inject a malicious dll backdoor into a windows computer.
  • Kodi is a fantastic movie streaming platform but however it runs on linux we have Created a malicious addon(backdoor) via
  • Bleed uses a mass vulnerability check on finding any SSL Vulnerabilities.
  • Tresspass is a way of managing your php backdoor and gaining shell or even doing single commands it requires password authentication stopping any lurker.
  • Handler is commonly used to create a listener on a port.
  • Poppy is a mitm plugin allowing you to Arp spoof and sniff unencrypted passwords on all protocals such as ftp and http.
  • Redcarpet is a nice plugin keeping you safe from malicious hackers this will Encrypt a user directory.
  • Picklock is a local bruteforce plugin that you can Picklock/bruteforce Mulitple devices Pincodes such as android usb debugging.
  • Passby can load a usb to steal all credentials from a windows computer in seconds.
  • Dnsspoof is common for man in the middle attacks, it can redirect any http requests to your dns.
  • Smartremote this is more of a funny remote exploit you can Take over a smart tv’s remote control without authentication.
  • Blueborne is a recent Bluetooth memory leak all devices even cars.
  • Credswipe you have to have a card reader to clone them.
  • Rfpwn suitable device to bruteforce a special AM OOK or raw binary signal.
  • Ftpbrute Brute-force attack an ftp (file transfer protocol) server WiFi Jammer you can Deauth wifi networks around your area, meaning disconnecting all users connected to the network.

It is frequently updated

Tested on          ..
 Arch Linux  Working
 Kali Linux  Working
 Ubuntu  Working
 Debian  Working
 Centos Not Tested
 MacOSX Needs Porting
 Windows Ha no.

How To Install

Executing Plugins Examples

What operating systems support roxysploit?

All Linux distros are currently supported, it is recommended for a prebuilt pentesting os like kali linux although.


0x5a Aaronius Witt TDHU Team(InsaneLand) @2017

Download roxysploit