Welcome

The VolatileMinds store offers exploits for known vulnerabilities, custom tools, and packs focused on open source and enterprise software. Our custom plugin extends the open-source Metasploit Framework, allowing you to search for and purchase material directly from the console. Free or purchased items can be synced and loaded automatically. Security engineers and penetration testers can use the plugin to more efficiently find, audit, and verify software on modern and dynamic enterprise networks.

Multiple types of products are available such as exploits, scanners, and tools for bruteforcing weak credentials. All scanners are free, so simply create an account, load the volatileminds plugin, then sync all the free scanners from the store to your local Metasploit installation.

Packs are collections of products, generally focused on a particular brand or piece of software. Purchasing a pack is always cheaper than purchasing its contents separately. You can then subscribe for a small fee to any purchased packs and automatically gain access to products added to the pack in the future at no extra cost.

New Products

osTicket Scanner

This module scans for instances of osTicket on a network.


0 credits
osTicket file.php Blind SQL Injection

This module exploits an unauthenticated blind SQL injection in versions of osTicket <= 1.10.


5 credits
Wordpress Loginizer SQL Injection Scanner

This module scans for vulnerable instances of the Loginizer Wordpress plugin.


0 credits
Wordpress Loginizer Blind SQL Injection

This module exploits an unauthenticated blind SQL injection in the Loginizer Wordpress plugin to enumerate users.


6 credits

Top Products

Discourse Forums Bruteforce

This module bruteforces Discourse Forums credentials.


2 credits
MyBB Username/Salt/Password hash/Email Enumeration via Unathenticated SQL injection

This module enumerates MyBB usernames and password hashes on vulnerable instances.


1 credits
MediaWiki SyntaxHighlight Remote Code Execution

This module exploits vulnerable instances in order to gain a remote shell.


7 credits
Joomla com_fields SQL Injection User Enumeration

This module exploits an unauthenticated SQL injection in Joomla in order to enumerate users and password hashes.


5 credits

Top Packs

Wordpress Pack

This pack focuses on Wordpress products


More info
Splunk Pack

This pack focuses on Splunk products


More info
Joomla Pack

This pack focuses on Joomla products


More info
MediaWiki Pack

This pack focuses on MediaWiki modules


More info

Top Categories

Wordpress   Enterprise   SQL Injection   Command Execution  

Stay up to date!

Sign up for our regular newsletter (usually weekly), detailing new products on the store.