exploit_bot

Autonomous pentesting on Apple Silicon

Website • Features • Install • Models • Tools

AI-powered penetration testing toolkit with local LLM inference. No cloud dependency, runs entirely on Apple Silicon.

exploitbot runs local models on Apple Silicon via MLX, integrates real pentesting tools, and generates professional pentest reports from findings.

Features

Local AI Inference — vMLX-based models run on-device via Apple Silicon, with no API keys required.

Ops System — Named persistent workspaces for each engagement. Switch between targets without losing context. The LLM remembers evidence and findings across tabs.

3 Interaction Modes

Autopilot — Give a target, watch it work. Full autonomous recon → exploitation → reporting.
Copilot — AI suggests tools, you approve. Each action explained with risk level.
Manual — You drive, AI advises. Full tool controls with chat-based guidance.

42 integrated tool schemas — from recon and web to exploit, OSINT, report, and supply-chain workflows. Callback tools (search_cve, lookup_cve, search_context) and run_shell are part of the same tool surface so you can mix operator-invoked and context tools per tab.

Stash — Cross-op artifact sharing. Drop credentials, hosts, payloads from any engagement, pull them into any other.

Findings → Reports — The endgame. Confirmed vulnerabilities auto-capture attack chains, evidence, and impact. Generate professional pentest reports in PDF, Markdown, HTML, or JSON.

CVE Knowledge Base + Import — Local CVE database with semantic search plus list import support (CSV/JSON) and include filters.

Supply-Chain + CVE Ops — Supply-chain discovery and CVE lifecycle workflows now include trufflehog, syft, grype, and osv_scanner action coverage in the same tool/agent state system as other recon modules.

5 Languages — Full interface and report generation in English, 한국어, 中文, Español, 日本語.

Live Tool Telemetry — Tool execution status updates are emitted per button/tab (queued, running, done, error), written to logs, and tracked in chat/panel history with CVE and stash workflow visibility.

Beta Release Status (June 3, 2026)

The current beta DMG is published as a GitHub prerelease:

Release: ExploitBot 0.1.0 Beta
Download: ExploitBot-beta.dmg
DMG SHA256: 647bfa9e662c21e37b0cb79473fcf415a6ce058c15097c321dfa23440660175e
Signing: Developer ID Application, hardened runtime
Notarization: app and DMG submitted, stapled, and validated

Latest local beta package sanity build, not yet uploaded to the GitHub release:

Built: June 3, 2026
Command: ./script/package_release.sh --skip-notarize
Local DMG: release/ExploitBot-beta.dmg
Local DMG SHA256: 8bf94bf623a569bc82979b84962a96cb72b4d3742b7c12da352e128f042b3c42
Status: signed app and signed DMG verified locally; notarization still requires EXPLOITBOT_NOTARY_PROFILE or local notary environment variables before replacing the published release asset.

Done in the current beta lane

Autonomous agent loop: deployed agents run in autopilot mode, inherit model/settings state, expose live tool status, and can request the full registered tool schema set instead of only the active tab subset.
Broad tool surface: the in-app model tool catalogue covers recon, web, network, credentials, exploit, post-exploit, OSINT, supply-chain, CVE, context, and shell execution.
Supply-chain + CVE workflow: first-class supply-chain tab, CVE search/import actions, SBOM/dependency/secrets actions, CLI routing, installer taxonomy, and per-action status state are wired.
CVE import/include + embeddings gate: /qa/cve-import-embedding-coverage proves CVE list import with an includeOnly CVE-ID allowlist, selected/excluded import audit state, semantic CVE embedding search, on-demand CVE/context retrieval, and the bounded prompt-injection policy.
Shell tool safety: run_shell remains visible to the agent/tool catalogue, but destructive command samples are blocked through an auditable pattern policy covered by registry and QA proofs.
Security abuse-boundary matrix: /qa/security-abuse-boundary-matrix ties authorized pentest tooling, destructive shell blocklists, manual/copilot/autopilot authorization modes, supply-chain/CVE include-only guardrails, bounded prompt/context policy, and audit/tool-status logging into one app-visible QA contract.
Runtime packaging path: release packaging bundles the vMLX Python engine, selects a valid bundled/runtime interpreter, verifies required modules, signs the app/DMG, and records manifest evidence.
Qwen + MiniMax cache proofs: live/release harnesses cover Qwen MXFP4-MTP hybrid SSM attention, MiniMax full-KV attention, TurboQuant KV cache, prefix cache, paged/block L2 cache, and repeat-prompt cache hits.
Local low-RAM Qwen lane: /qa/runtime-local-model-lane pins the active small local Qwen beta target to /Users/eric/models/JANGQ/Qwen3.6-27B-MXFP4-MTP, verifies the release-app live chat/cache artifact, enforces a sub-20 GB active-memory ceiling for the Qwen smoke and batching artifacts, and keeps active beta families to Qwen/MiniMax only.
Parallel/session + batching gates: scripts/parallel-agent-session-proof.py drives two autonomous agents against a delayed mock Qwen engine and proves overlapping app requests (max_in_flight=2) plus live workingCount/status-line state; /qa/continuous-batching-coverage source-checks the vMLX server, launcher --max-num-seqs path, BatchedEngine, LLM scheduler, MLLM scheduler, MLLM batch generator, BatchKV/BatchMamba cache, TurboQuant KV, L2 disk cache, and hybrid SSM companion contracts.
Qwen live continuous batching: scripts/prove-live-continuous-batching.py live-loads /Users/eric/models/JANGQ/Qwen3.6-27B-MXFP4-MTP with --max-num-seqs 2, sends two concurrent chat completions, and records max_running_observed=2, max_waiting_observed=2, num_requests_processed=2, TurboQuant q4 KV, block L2 disk writes, and SSM companion async rederive completion in docs/live-proofs/checkpoint-452-qwen-continuous-batching-live.json.
Qwen 4-way batching stress: scripts/prove-live-qwen-continuous-batching-4.py live-loads the same smallest Qwen MXFP4-MTP target with --max-num-seqs 4, sends four concurrent chat completions, and records max_running_observed=4, max_waiting_observed=4, num_requests_processed=4, TurboQuant q4 KV, block L2 disk writes, SSM async rederive completion, and sub-20 GB active memory in docs/live-proofs/checkpoint-465-qwen-continuous-batching-4-live.json.
Live loaded-model agent stress: scripts/prove-live-loaded-model-agent-stress.py launches the smallest Qwen MXFP4-MTP target, points two app agents at the loaded engine, and records appMaxWorkingObserved=2, max_running_observed=2, num_requests_processed=2, TurboQuant q4 KV, block L2 disk writes, SSM async rederive completion, and sub-20 GB active memory in docs/live-proofs/checkpoint-466-qwen-live-agent-stress.json.
MiniMax live continuous batching: scripts/prove-live-minimax-continuous-batching.py live-loads /Users/eric/models/JANGQ/MiniMax-M2.7-Small-JANGTQ with --max-num-seqs 2, proves overlapping requests, records max_running_observed=2, max_waiting_observed=2, num_requests_processed=2, TurboQuant q4 KV, and four block-L2 disk writes in docs/live-proofs/checkpoint-464-minimax-continuous-batching-live.json.
Startup cache/defaults gate: /qa/startup-cache-defaults proves the app starts from required parser/cache defaults, Settings apply re-forces them, engine launch paths carry parser, TurboQuant, prefix/L2/paged/block cache, and --max-num-seqs flags, and settings/runtime coverage mirror the same contract.
Context budget + compaction gate: /qa/context-budget-compaction proves bounded automatic context injection, a hard 6,000-character/8-snippet /qa/context-packet budget, single-line catalog snippet compaction, max-token/max-iteration forwarding, cache-preserving new-context behavior, and on-demand stash/CVE retrieval under the prompt-injection policy search-on-demand-not-force-injected.
Context/session efficiency matrix: /qa/context-session-efficiency-matrix ties max-token forwarding, max-iteration budget, context cap, compaction format, new-context cache preservation, stash/CVE retrieval, Responses reuse, streaming usage telemetry, parallel sessions, Qwen/MiniMax batching, L2 hits, TurboQuant KV, and hybrid SSM async rederive into one counter-backed matrix.
Context efficiency invariant gate: /qa/context-efficiency-invariants hard-checks automatic context caps, 6,000-character/8-snippet packet budget, max-token forwarding, cache-preserving new context, stash/CVE retrieval, bounded prompt policy, Responses reuse, streaming deltas, parallel batching, sub-20 GB Qwen memory, L2 hits, q4 TurboQuant KV, and hybrid SSM async rederive.
Tool/engine/context ops matrix: /qa/tool-engine-context-ops-matrix joins live tool progress telemetry, tool execution coverage, engine parser/cache defaults, Responses streaming/reasoning/tool deltas, prompt-injection boundaries, CVE import/semantic embeddings, stash memory retrieval, context/session efficiency, Qwen/MiniMax batching, L2/TurboQuant/SSM cache counters, and local Qwen/MiniMax runtime lane proof into one auditable matrix.
Engine API/cache proof matrix: /qa/engine-api-cache-proof-matrix exposes an engine pytest-backed QA route for Responses previous_response_id session reuse, OpenAI-shaped reasoning/tool parser output, cache defaults, TurboQuant KV modes, prompt/block L2 disk cache, and hybrid SSM rederive status.
Streamed Responses session reuse: streamed /v1/responses turns now store replayable context when store=true, including streamed text and parsed tool calls, so later streamed requests can use previous_response_id while preserving reasoning/tool-call delta evidence.
State-dependent contract matrix: /qa/state-dependent-contract-matrix separates fixture-required CVE semantic embedding and parser-result state from implementation failures, then proves the same rows turn ready after CVE import/include, semantic context, and parser fixture seeds.
Prompt-injection boundary gate: /qa/context-prompt-injection-boundary proves context is bounded/on-demand instead of broad prompt stuffing, callback CVE/context tools stay available, per-turn tool schemas are capped, full agent tool schemas remain separate, run_shell is visible but blocklisted for destructive samples, and streaming/Responses reuse surfaces are isolated.
Streaming/parser + Responses reuse gate: /qa/streaming-parser-reuse source-checks Chat Completions SSE deltas, ChatService content/reasoning/tool-call delta handling, streamed usage with cached-token telemetry, /v1/responses streaming events, previous_response_id session reuse, and Qwen/MiniMax streaming tool parser coverage. It now also names the engine pytest/parser proof commands that verify Responses session-chain replay and API-shaped reasoning/tool-call output.
Session/context/cache lifecycle gate: /qa/session-context-cache-flow ties new-context cache preservation, bounded context carry, stash/CVE on-demand retrieval, Responses previous_response_id reuse, streaming delta parser surfaces, parallel agent sessions, Qwen/MiniMax live continuous batching, TurboQuant KV, L2/block disk cache, and hybrid SSM async rederive into one app-backed matrix.
Cache artifact matrix: /qa/cache-artifact-matrix reads live proof JSON and exposes row-level counters for Qwen cross-restart scheduler/block/SSM disk hits, scheduler tokens saved, block-L2 store/read hits, TurboQuant q4 KV, Qwen continuous-batching block writes and SSM async rederive, plus MiniMax q4 KV and block-L2 writes.
Chat quality evidence matrix: /qa/chat-quality-evidence-matrix reads the current Qwen MXFP4-MTP and MiniMax JANGTQ live artifacts, proves non-empty release-app chat responses, repeat/cache reuse, TurboQuant q4 KV, Qwen hybrid SSM/block-L2 replay, MiniMax continuous batching, and keeps broadQualityComplete=false while MiniMax first-turn instruction-following and broader reasoning/tool-call quality remain open.
Live artifact ledger: /qa/artifact-ledger keeps failed live-proof JSON visible, separates known historical failures from superseded failures, and requires a passing replacement artifact before clearing current live-proof failure status.
Remaining false-flag classifier: /qa/coverage-false-flag-classification reads the live /qa/coverage-index false booleans and classifies every remaining false value as a known gap, fixture-required state, intentional negative policy, distribution hold, not-required local gate, bundled-runtime info, historical artifact, or unsupported-multimodal inventory state.
Objective runtime coverage map: /qa/objective-runtime-coverage rolls tool flow, runtime, local model lanes, context/compaction, prompt-injection boundaries, CVE import/embeddings, stash retrieval, parallel sessions, Responses/streaming parser reuse, L2 cache, TurboQuant KV, hybrid SSM async rederive, proof ledgers, and release readiness into one auditable map. It intentionally reports objectiveComplete=false while known gaps remain, with zero blocked objective requirements at this checkpoint.
Objective flow requirement matrix: /qa/objective-flow-requirement-matrix expands the objective map into per-requirement rows with routes, proofs, evidence level, live-artifact parity, and streaming event details for tool flow, context/memory, CVEs, sessions, Responses reuse, L2 hits, TurboQuant KV, and hybrid SSM async rederive.
Objective execution graph: /qa/objective-flow-execution-graph orders the objective rows into an end-to-end flow from session start through context budget/compaction, CVE include/semantic retrieval, stash retrieval, prompt-injection boundary, tool schema selection, Responses reuse, streaming deltas, reasoning/tool parser handling, parallel sessions, continuous batching, L2 disk cache, TurboQuant KV, hybrid SSM async rederive, beta readiness, and the known-gap boundary.
Per-turn runtime contract: /qa/per-turn-runtime-contract turns the objective graph into turn-level contracts with input requirements, visible status surfaces, route/proof evidence, max-token/context compaction, CVE include filters, stash retrieval, tool status, Responses reuse, streaming deltas, reasoning/tool parser, batching, L2, TurboQuant, SSM, and known-gap boundary rows.
Turn lifecycle evidence: /qa/turn-lifecycle-evidence presents the full per-turn chain in execution order: turn input, context budget/compaction, CVE include/semantic retrieval, stash retrieval, prompt-injection boundary, tool schema/live status, Responses reuse/streaming, reasoning/tool parser, parallel batching, L2 disk cache, TurboQuant KV, hybrid SSM async rederive, and result/known-gap boundary.
Active objective audit: /qa/active-objective-audit maps the current broad goal into explicit rows for tool flow, engine/runtime, cache/memory, prompt-injection boundaries, CVE embeds/import, max-token/context compaction, stash memory, sessions, parallel continuous batching, Responses reuse, content/reasoning/tool deltas, L2 disk hits, TurboQuant KV, hybrid SSM async rederive, tool status/logs, and the known-gap boundary. It keeps completionClaimAllowed=false while open gaps remain.
Settings and persistence: parser, generation, reasoning, engine cache, KV quantization, model path, session, terminal/tool path, and result-store state have QA proof coverage.
UI status coverage: chat, sidebar, active agent lists, supply-chain actions, CVE import/search, terminal path state, and visual proof screenshots have checkpoint coverage. /qa/visual-coverage now carries per-tab visual proof-family parity across recon, web, network, creds, exploit, post, supply-chain, OSINT, report, and stash.
Live status/log/preview flow gate: /qa/live-status-preview-flow ties tool status indicators, agent status lines, activity-feed telemetry, parsed result previews, stash context handoffs, report/finding management, and evidence lifecycle handoffs into one user-facing flow.
Qwen multimodal promotion boundary: /qa/qwen-multimodal-promotion-readiness keeps Qwen VL promotion live-proof gated, names the exact missing loader/prefix-cache/context-routing proof commands, and keeps ZAYA/non-Qwen/MiniMax folders outside the active beta lane.
Qwen multimodal live-result gate: Qwen VL promotion now requires each promotion proof to have both the expected script and a passing docs/live-proofs/live-qwen-multimodal-*.json result artifact, so adding a proof file alone cannot mark loader/prefix-cache/context-routing work as proven.
Qwen multimodal loader harness: scripts/live-qwen-multimodal-loader-proof.py is now the guarded live loader path. It requires an explicit Qwen/MiniMax multimodal model folder, rejects ZAYA and Qwen3.5/3.6 text-lane folders without explicit VL markers, and only writes docs/live-proofs/live-qwen-multimodal-loader-proof.json after a real engine load and multimodal chat response.
Deep runtime/tool-flow gate: /qa/deep-runtime-flow-coverage now rolls up tool flow, agent phases, local model lane selection, session/context/cache lifecycle, prompt-injection boundaries, bounded context, CVE taxonomy/import, semantic CVE embeddings, stash retrieval, parser matrix, Responses/SSE streaming delta handling, session workflows, and Qwen/MiniMax cache contracts into one app-backed beta gate.
Website refresh: exploit.bot now points at the notarized beta DMG, uses the current dark app theme, preserves the logo treatment, includes cleaned current screenshot/proof assets, and has desktop/mobile browser verification across EN/KO/ZH/ES/JA.
Website SEO/i18n: the live site has current Open Graph/Twitter metadata, favicon/manifest assets, sitemap image entries, llms.txt, llms-full.txt, security.txt, localized visible copy, localized page title/description updates, and live Playwright coverage for missing i18n keys, broken images, and mobile overflow.

Needs more work before public beta

Qwen multimodal promotion: The loader live harness exists, but the real loader artifact, multimodal prefix-cache proof, and multimodal context-routing proof are still pending; /qa/qwen-multimodal-promotion-readiness keeps the exact missing live proof list and live result artifact list visible, and blocks completion claims until the scripts and passing artifacts exist.
General chat quality: /qa/chat-quality-evidence-matrix now makes the bounded live evidence visible, but broad reasoning/tool-call quality still needs longer realistic runs, especially MiniMax first-turn instruction-following.
Full app UI pass: source/API/proof coverage is broad and the website has been visually reviewed, but the native app still needs a final hands-on visual pass across every tab, status indicator, hover/detail state, and release build window before calling it polished.
Security review: the app now exposes an abuse-boundary matrix, but the release still needs a manual adversarial review of logging, command safety, and operator misuse cases before wider distribution.

Screenshots


Web vulnerability scanner with CVSS cards	Metasploit module browser + payload config

GPU-accelerated hash cracking via Metal	Username OSINT across 400+ platforms

Install

Download

Download the beta DMG from Releases. Release builds should be signed, notarized, stapled, and verified before publishing.

Requires macOS 14+ and Apple Silicon (M1/M2/M3/M4).

Build from Source

git clone https://github.com/jjang-ai/exploitbot.git
cd exploitbot

# Build and run local verification app
./script/build_and_run.sh --verify

# Package unsigned DMG for beta distribution
./script/package_release.sh --skip-notarize

# Notarized DMG using a keychain profile
EXPLOITBOT_NOTARY_PROFILE=<profile> ./script/package_release.sh --notarize

# Notarized DMG using local notary environment variables
set +x
source /path/to/private/.env.signing
./script/package_release.sh --notarize

Prerequisites:

macOS 14+ on Apple Silicon
Xcode 16+ (Swift toolchain)
A vMLX-compatible model running on localhost:8000 (see vMLX)
Pentesting tools installed via homebrew/pip for tool execution

Models

exploitbot is model-folder driven and currently supports:

Qwen text (qwen) with the active beta proof lane on MXFP4-MTP folders.
MiniMax text (minimax) with MiniMax JANG_K metadata proof and Small JANGTQ low-RAM load/cache proof.

Use local folders from:

export EXPLOITBOT_MODELS=/Users/eric/models
export EXPLOITBOT_RELEASE_QWEN_MODEL=${EXPLOITBOT_MODELS}/JANGQ/Qwen3.6-27B-MXFP4-MTP

# Smallest local Qwen smoke target (lower RAM)
${EXPLOITBOT_MODELS}/JANGQ/Qwen3.6-27B-MXFP4-MTP

# Larger MXFP4 variant
${EXPLOITBOT_MODELS}/JANGQ/Qwen3.6-35B-A3B-MXFP4-MTP

# MiniMax low-RAM proof target and full JANG metadata target
${EXPLOITBOT_MODELS}/JANGQ/MiniMax-M2.7-Small-JANGTQ
${EXPLOITBOT_MODELS}/dealign.ai/MiniMax-M2.7-JANG_K-CRACK

For runtime checks, start with the smallest Qwen target first to keep RAM pressure low. The command examples below also default to this model.

Tools

42 tool definitions across 8 operational areas:

Category	Tools
Recon	subfinder, dnsx, nmap, masscan, httpx, katana, theharvester
Web	nuclei, sqlmap, dalfox, feroxbuster, ffuf, arjun, wpscan, testssl, graphqlmap, jwt_tool
Network	netexec, snmpwalk, tshark, bettercap, chisel
Credentials	hashcat, hydra, haiti, trufflehog
Exploit	metasploit, pwncat, sliver
Post-Exploit	linpeas, impacket
OSINT	sherlock, holehe, exiftool, gowitness
Supply-Chain	trufflehog, syft, grype, osv_scanner
General / Report / Stash	search_cve (local CVE DB), lookup_cve, search_context, run_shell

Lightweight tools are bundled in the app. Heavy tools are installed on first use via homebrew/pip.

Architecture

UI: SwiftUI (native macOS 14+)
Inference: vMLX engine (MLX on Apple Silicon) — localhost server, OpenAI-compatible API
IPC: HTTP + SSE streaming to local vMLX server
Persistence: SQLite (GRDB.swift) with WAL mode
Terminal: SwiftTerm (embedded pty)
Reports: HTML → PDF via WKWebView
CVE DB: SQLite + sqlite-vec (semantic search with nomic-embed-text)
Packaging: Hardened runtime, app + DMG signing, app + DMG notarization/stapling, and release manifest hashes

Documentation

Design Document — Product and UX design
Technical Specification — 29 technical decisions with rationale
Feature Matrix — 1,307 checkable items for QA
Tool Definitions — 42 tool schemas in-app
Tool Registry — external CLI mappings for supported binaries (39 entries)
System Prompts — Base + per-tab LLM instruction templates
Beta Release and Website Ops — safe release, notarization, verification, and website update checklist

Runtime Verification

swift build --package-path ExploitBot -c debug
python3 scripts/release-readiness-proof.py
python3 scripts/verify-live-models.py --qwen ${EXPLOITBOT_MODELS}/JANGQ/Qwen3.6-27B-MXFP4-MTP --metadata-only
python3 scripts/verify-live-models.py --qwen ${EXPLOITBOT_RELEASE_QWEN_MODEL} --restart-replay --require-ssm-companion-hit
python3 scripts/release-app-live-qwen-proof.py
EXPLOITBOT_RELEASE_QWEN_MODEL=${EXPLOITBOT_RELEASE_QWEN_MODEL} python3 scripts/release-app-qwen-cross-restart-cache-proof.py
EXPLOITBOT_LIVE_BATCH_QWEN_MODEL=${EXPLOITBOT_MODELS}/JANGQ/Qwen3.6-27B-MXFP4-MTP python3 scripts/prove-live-continuous-batching.py
EXPLOITBOT_LIVE_BATCH_MINIMAX_MODEL=${EXPLOITBOT_MODELS}/JANGQ/MiniMax-M2.7-Small-JANGTQ python3 scripts/prove-live-minimax-continuous-batching.py
python3 scripts/minimax-continuous-batching-readiness-proof.py
python3 scripts/startup-cache-defaults-proof.py
python3 scripts/verify-live-models.py --minimax ${EXPLOITBOT_MODELS}/dealign.ai/MiniMax-M2.7-JANG_K-CRACK --metadata-only
python3 scripts/release-app-live-minimax-proof.py
python3 scripts/agent-live-tool-status-proof.py
python3 scripts/security-abuse-boundary-matrix-proof.py
python3 scripts/context-budget-compaction-proof.py
python3 scripts/session-context-cache-flow-proof.py
python3 scripts/chat-quality-evidence-matrix-proof.py
python3 scripts/tool-engine-context-ops-matrix-proof.py
python3 scripts/engine-api-cache-proof-matrix-proof.py
python3 scripts/state-dependent-contract-matrix-proof.py
python3 scripts/cache-artifact-matrix-proof.py
python3 scripts/artifact-ledger-proof.py
python3 scripts/audit-ledger-proof.py
python3 scripts/visual-coverage-proof.py
python3 scripts/objective-runtime-coverage-proof.py
python3 scripts/turn-lifecycle-evidence-proof.py
python3 scripts/active-objective-audit-proof.py
python3 scripts/context-efficiency-invariants-proof.py
python3 scripts/live-status-preview-flow-proof.py
python3 scripts/qwen-multimodal-promotion-readiness-proof.py
python3 scripts/qwen-multimodal-live-result-gate-proof.py
python3 scripts/qwen-multimodal-loader-harness-gate-proof.py
python3 scripts/supply-chain-cve-ui-proof.py
python3 scripts/cve-settings-actions-proof.py
python3 scripts/terminal-tool-paths-proof.py
python3 scripts/tool-flow-coverage-proof.py

License

Open source. License TBD.

Disclaimer

exploitbot is designed for authorized security testing, penetration testing engagements, CTF competitions, and security research. Always obtain proper authorization before testing any system you do not own. The developers are not responsible for misuse.

exploit.bot · Powered by vMLX engine · Built for Apple Silicon

Name		Name	Last commit message	Last commit date
Latest commit History 601 Commits
.codex/environments		.codex/environments
ExploitBot		ExploitBot
ExploitBotEngine		ExploitBotEngine
ExploitBotXcode		ExploitBotXcode
assets		assets
docs		docs
locales		locales
script		script
scripts		scripts
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

exploit_bot

Features