Showing preview only (234K chars total). Download the full file or copy to clipboard to get everything.
Repository: Z4nzu/hackingtool
Branch: master
Commit: 01a51bbca6d0
Files: 58
Total size: 219.9 KB
Directory structure:
gitextract_i3uowkw6/
├── .dockerignore
├── .github/
│ ├── FUNDING.yml
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug_report.md
│ │ ├── feature_request.md
│ │ └── tool_request.md
│ ├── PULL_REQUEST_TEMPLATE.md
│ └── workflows/
│ ├── lint_python.yml
│ └── test_install.yml
├── .gitignore
├── Dockerfile
├── LICENSE
├── README.md
├── README_template.md
├── config.py
├── constants.py
├── core.py
├── docker-compose.yml
├── generate_readme.py
├── hackingtool.py
├── images/
│ └── demo
├── install.py
├── install.sh
├── os_detect.py
├── requirements.txt
├── tools/
│ ├── __init__.py
│ ├── active_directory.py
│ ├── anonsurf.py
│ ├── cloud_security.py
│ ├── ddos.py
│ ├── exploit_frameworks.py
│ ├── forensics.py
│ ├── information_gathering.py
│ ├── mobile_security.py
│ ├── other_tools.py
│ ├── others/
│ │ ├── __init__.py
│ │ ├── android_attack.py
│ │ ├── email_verifier.py
│ │ ├── hash_crack.py
│ │ ├── homograph_attacks.py
│ │ ├── mix_tools.py
│ │ ├── payload_injection.py
│ │ ├── socialmedia.py
│ │ ├── socialmedia_finder.py
│ │ ├── web_crawling.py
│ │ └── wifi_jamming.py
│ ├── payload_creator.py
│ ├── phishing_attack.py
│ ├── post_exploitation.py
│ ├── remote_administration.py
│ ├── reverse_engineering.py
│ ├── sql_injection.py
│ ├── steganography.py
│ ├── tool_manager.py
│ ├── web_attack.py
│ ├── wireless_attack.py
│ ├── wordlist_generator.py
│ └── xss_attack.py
└── update.sh
================================================
FILE CONTENTS
================================================
================================================
FILE: .dockerignore
================================================
# Version control
.git/
.gitignore
# GitHub / docs
.github/
images/
*.md
# Python cache
__pycache__/
*.py[cod]
*.pyo
.mypy_cache/
.ruff_cache/
.pytest_cache/
# Tests
tests/
test_*.py
# Docker files themselves (don't recurse)
Dockerfile
docker-compose.yml
.dockerignore
# OS / editor noise
.DS_Store
*.swp
*.swo
================================================
FILE: .github/FUNDING.yml
================================================
buy_me_a_coffee: hardikzinzu
================================================
FILE: .github/ISSUE_TEMPLATE/bug_report.md
================================================
---
name: Bug Report
about: Report a broken install, crash, or unexpected behavior
title: "[BUG] <tool name> — <short description>"
labels: bug
assignees: ''
---
## Description
<!-- Clear, concise description of what went wrong -->
## Affected Tool
- **Category:** <!-- e.g. Web Attack Tools -->
- **Tool name:** <!-- e.g. Nuclei -->
## Steps to Reproduce
1.
2.
3.
## Expected Behavior
<!-- What should have happened? -->
## Error Output
```
<paste the full terminal output / traceback here>
```
## Environment
| Field | Value |
|---|---|
| OS | <!-- e.g. Kali Linux 2024.1, Ubuntu 22.04, macOS 14 --> |
| Python | <!-- `python3 --version` --> |
| hackingtool | v2.0.0 |
## Additional Context
<!-- Screenshots, workarounds tried, etc. -->
================================================
FILE: .github/ISSUE_TEMPLATE/feature_request.md
================================================
---
name: Feature Request
about: Suggest an improvement to hackingtool itself (not a new tool addition — use the Tool Request template for that)
title: "[FEATURE] <short description>"
labels: enhancement
assignees: ''
---
## Problem
<!-- What limitation or friction prompted this request? -->
## Proposed Solution
<!-- Describe the change or new capability you'd like -->
## Alternatives Considered
<!-- Other approaches you thought about -->
## Additional Context
<!-- Screenshots, mockups, links, etc. -->
================================================
FILE: .github/ISSUE_TEMPLATE/tool_request.md
================================================
---
name: Tool Request
about: Suggest a new tool to be added to hackingtool
title: "[Tool Request] <ToolName> — <Category>"
labels: tool-request
assignees: ''
---
<!--
TITLE FORMAT (required): [Tool Request] ToolName — Category
Example: [Tool Request] Subfinder — Information Gathering
Issues without this title format may be closed without review.
-->
## Tool Details
| Field | Value |
|---|---|
| **Tool name** | <!-- e.g. Subfinder --> |
| **GitHub URL** | <!-- e.g. https://github.com/projectdiscovery/subfinder --> |
| **Category** | <!-- Choose one: Anonymously Hiding / Information Gathering / Wordlist Generator / Wireless Attack / SQL Injection / Phishing / Web Attack / Post Exploitation / Forensics / Payload Creation / Exploit Framework / Reverse Engineering / DDOS / RAT / XSS / Steganography / Other --> |
| **Supported OS** | <!-- Linux / macOS / Both --> |
| **Language** | <!-- Python / Go / Rust / C / Bash / etc. --> |
| **Install method** | <!-- pip / go install / apt / git clone / etc. --> |
## Why should it be added?
<!-- What does this tool do that isn't already covered? Min 2 sentences. -->
## Install Command
```bash
# paste the install command(s) here
```
## Run Command
```bash
# paste the run/usage command here
```
## Is the tool actively maintained?
<!-- Yes / No — link to last commit or release date -->
## Additional Notes
<!-- Anything else the maintainer should know -->
================================================
FILE: .github/PULL_REQUEST_TEMPLATE.md
================================================
<!--
TITLE FORMAT
─────────────────────────────────────────────────────────────────
Adding a new tool → [New Tool] ToolName — Category
Bug fix → [Fix] Short description of what was fixed
Improvement → [Improve] Short description
─────────────────────────────────────────────────────────────────
PRs without a properly formatted title may be closed without review.
-->
## Type of Change
- [ ] New tool addition
- [ ] Bug fix
- [ ] Improvement / refactor
- [ ] Documentation update
---
## For New Tool Additions — Required Fields
| Field | Value |
|---|---|
| **Tool name** | |
| **GitHub URL** | |
| **Category** | |
| **Supported OS** | Linux / macOS / Both |
| **Install method** | pip / go install / apt / git clone |
**Why should it be added?**
<!-- What gap does this fill? Min 2 sentences. -->
**Is the tool actively maintained?**
<!-- Link to last release / commit -->
---
## Checklist
- [ ] Title follows the format above
- [ ] New tool class added to the correct `tools/*.py` file
- [ ] `TITLE`, `DESCRIPTION`, `INSTALL_COMMANDS`, `RUN_COMMANDS`, `PROJECT_URL` all set
- [ ] `SUPPORTED_OS` set correctly (`["linux"]` / `["linux", "macos"]`)
- [ ] Tool added to the `TOOLS` list in the collection class at the bottom of the file
- [ ] No new dependencies added to `requirements.txt` without discussion
- [ ] Tested locally — install and run commands work
================================================
FILE: .github/workflows/lint_python.yml
================================================
name: lint_python
on:
pull_request:
branches: [master]
push:
branches: [master]
jobs:
lint_python:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.12"
- run: pip install --upgrade pip ruff setuptools wheel
- name: "Ruff: Show stopper (must-fix) issues"
run: ruff check . --select=E9,F63,F7,F82,PLE,YTT --output-format=full
- name: "Ruff: All issues"
run: ruff check --exit-zero --select=ALL --statistics --target-version=py310 .
- name: "Ruff: All fixable (ruff --fix) issues"
run: ruff check --exit-zero --select=ALL --ignore=ANN204,COM812,ERA001,RSE102 --statistics --target-version=py310 . | grep "\[\*\]" || true
- run: pip install black codespell mypy pytest
- run: black --check . || true
- run: codespell
- run: pip install -r requirements.txt || true
- run: mkdir --parents --verbose .mypy_cache
- run: mypy --ignore-missing-imports --install-types --non-interactive . || true
- run: pytest . || true
================================================
FILE: .github/workflows/test_install.yml
================================================
name: test_install
on:
pull_request:
branches: [master]
push:
branches: [master]
jobs:
test_install:
runs-on: ubuntu-latest
env:
TERM: "linux"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: 'pip'
- run: pip install --upgrade pip
- run: pip install -r requirements.txt
- run: sudo python3 install.py 1
# Verify the hackingtool entrypoint is on PATH
- run: which hackingtool
# Smoke test: launch and immediately quit (99)
- name: "Smoke test: launch and quit"
run: echo -e "99\n" | hackingtool || true
# Navigate into first category and back out
- name: "Navigation test: enter category 1, quit"
run: echo -e "1\n99\n99\n" | hackingtool || true
================================================
FILE: .gitignore
================================================
# Created by https://www.toptal.com/developers/gitignore/api/python,venv
# Edit at https://www.toptal.com/developers/gitignore?templates=python,venv
### Python ###
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
cover/
.idea/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
.pybuilder/
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version
# pipenv
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
# However, in case of collaboration, if having platform-specific dependencies or dependencies
# having no cross-platform support, pipenv may install dependencies that don't work, or not
# install all needed dependencies.
#Pipfile.lock
# poetry
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
# This is especially recommended for binary packages to ensure reproducibility, and is more
# commonly ignored for libraries.
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
#poetry.lock
# pdm
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
#pdm.lock
# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
# in version control.
# https://pdm.fming.dev/#use-with-ide
.pdm.toml
# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
__pypackages__/
# Celery stuff
celerybeat-schedule
celerybeat.pid
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
# pytype static type analyzer
.pytype/
# Cython debug symbols
cython_debug/
# PyCharm
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/
### Python Patch ###
# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration
poetry.toml
# ruff
.ruff_cache/
### venv ###
# Virtualenv
# http://iamzed.com/2009/05/07/a-primer-on-virtualenv/
[Bb]in
[Ii]nclude
[Ll]ib
[Ll]ib64
[Ll]ocal
[Ss]cripts
pyvenv.cfg
pip-selfcheck.json
# End of https://www.toptal.com/developers/gitignore/api/python,venv
================================================
FILE: Dockerfile
================================================
# syntax=docker/dockerfile:1
# Enables BuildKit features (cache mounts, faster builds)
FROM kalilinux/kali-rolling:latest
LABEL org.opencontainers.image.title="hackingtool" \
org.opencontainers.image.description="All-in-One Hacking Tool for Security Researchers" \
org.opencontainers.image.source="https://github.com/Z4nzu/hackingtool" \
org.opencontainers.image.licenses="MIT"
# Install system dependencies
# - sudo and python3-venv are not needed (container runs as root, venv unused)
# - --no-install-recommends keeps the layer lean
RUN apt-get update && \
apt-get install -y --no-install-recommends \
git python3-pip python3-venv curl wget php && \
rm -rf /var/lib/apt/lists/*
WORKDIR /root/hackingtool
# Copy requirements first so this layer is cached unless requirements change
COPY requirements.txt ./
# --mount=type=cache persists the pip cache across rebuilds (BuildKit only)
# --break-system-packages required on Kali (PEP 668 externally-managed env)
RUN --mount=type=cache,target=/root/.cache/pip \
pip3 install --break-system-packages -r requirements.txt
# Copy the rest of the source (respects .dockerignore)
COPY . .
# Ensure the tools directory exists for installs performed at runtime
RUN mkdir -p /root/.hackingtool/tools
ENTRYPOINT ["python3", "/root/hackingtool/hackingtool.py"]
================================================
FILE: LICENSE
================================================
MIT License
Copyright (c) 2020 Mr.Z4nzu
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
================================================
FILE: README.md
================================================
<div align="center">
<img src="images/logo.svg" alt="HackingTool" width="600">
<p><b>All-in-One Hacking Tool for Security Researchers & Pentesters</b></p>
[](LICENSE)
[](https://www.python.org/)
[](#)
[](https://github.com/Z4nzu/hackingtool/stargazers)
[](https://github.com/Z4nzu/hackingtool/network/members)
[](https://github.com/Z4nzu/hackingtool/issues)
[](https://github.com/Z4nzu/hackingtool/commits/master)
<a href="#installation"><img src="https://img.shields.io/badge/Install_Now-00FF88?style=for-the-badge&logo=rocket&logoColor=black" alt="Install Now"></a>
<a href="#quick-commands"><img src="https://img.shields.io/badge/Quick_Commands-7B61FF?style=for-the-badge&logo=terminal&logoColor=white" alt="Quick Commands"></a>
<a href="https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md"><img src="https://img.shields.io/badge/Suggest_a_Tool-FF61DC?style=for-the-badge&logo=plus&logoColor=white" alt="Suggest a Tool"></a>
</div>
---
## What's New in v2.0.0
<table>
<tr><td>
| | Feature | Description |
|:---:|---|---|
| **🐍** | **Python 3.10+** | All Python 2 code removed, modern syntax throughout |
| **🖥** | **OS-aware menus** | Linux-only tools hidden automatically on macOS |
| **📦** | **185+ tools** | 35 new modern tools added across 6 categories |
| **🔍** | **Search** | Type `/` to search all tools by name, description, or keyword |
| **🏷** | **Tag filter** | Type `t` to filter by 19 tags — osint, web, c2, cloud, mobile... |
| **💡** | **Recommend** | Type `r` — "I want to scan a network" → shows relevant tools |
| **✅** | **Install status** | ✔/✘ shown next to every tool — know what's ready |
| **⚡** | **Install all** | Option `97` in any category — batch install at once |
| **🔄** | **Smart update** | Each tool has Update — auto-detects git pull / pip upgrade / go install |
| **📂** | **Open folder** | Jump into any tool's directory for manual inspection |
| **🐳** | **Docker** | Builds locally — no unverified external images |
| **🚀** | **One-liner install** | `curl -sSL .../install.sh \| sudo bash` — zero manual steps |
| **🏢** | **3 new categories** | Active Directory, Cloud Security, Mobile Security |
</td></tr>
</table>
---
## Quick Commands
<div align="center">
| Command | Action | Works in |
|:---:|---|:---:|
| `/query` | **Search** — find tools instantly by keyword | Main menu |
| `t` | **Tags** — filter by osint, scanner, c2, cloud, mobile... | Main menu |
| `r` | **Recommend** — "I want to do X" → matching tools | Main menu |
| `?` | **Help** — quick reference card | Everywhere |
| `q` | **Quit** — exit from any depth | Everywhere |
| `97` | **Install All** — batch install all tools in category | Category |
| `99` | **Back** — return to previous menu | Everywhere |
</div>
---
## Tool Categories
<div align="center">
| # | Category | Tools | | # | Category | Tools |
|:---:|---|:---:|---|:---:|---|:---:|
| 1 | 🛡 [Anonymously Hiding](#anonymously-hiding-tools) | 2 | | 11 | 🧰 [Exploit Framework](#exploit-framework) | 4 |
| 2 | 🔍 [Information Gathering](#information-gathering-tools) | 26 | | 12 | 🔁 [Reverse Engineering](#reverse-engineering-tools) | 5 |
| 3 | 📚 [Wordlist Generator](#wordlist-generator) | 7 | | 13 | ⚡ [DDOS Attack](#ddos-attack-tools) | 5 |
| 4 | 📶 [Wireless Attack](#wireless-attack-tools) | 13 | | 14 | 🖥 [RAT](#remote-administrator-tools-rat) | 1 |
| 5 | 🧩 [SQL Injection](#sql-injection-tools) | 7 | | 15 | 💥 [XSS Attack](#xss-attack-tools) | 9 |
| 6 | 🎣 [Phishing Attack](#phishing-attack-tools) | 17 | | 16 | 🖼 [Steganography](#steganography-tools) | 4 |
| 7 | 🌐 [Web Attack](#web-attack-tools) | 20 | | 17 | 🏢 [Active Directory](#active-directory-tools) | 6 |
| 8 | 🔧 [Post Exploitation](#post-exploitation-tools) | 10 | | 18 | ☁ [Cloud Security](#cloud-security-tools) | 4 |
| 9 | 🕵 [Forensics](#forensic-tools) | 8 | | 19 | 📱 [Mobile Security](#mobile-security-tools) | 3 |
| 10 | 📦 [Payload Creation](#payload-creation-tools) | 8 | | 20 | ✨ [Other Tools](#other-tools) | 24 |
</div>
---
## 🛡 Anonymously Hiding Tools
- [Anonymously Surf](https://github.com/Und3rf10w/kali-anonsurf)
- [Multitor](https://github.com/trimstray/multitor)
## 🔍 Information Gathering Tools
- [Network Map (nmap)](https://github.com/nmap/nmap)
- [Dracnmap](https://github.com/Screetsec/Dracnmap)
- Port scanning
- Host to IP
- [Xerosploit](https://github.com/LionSec/xerosploit)
- [RED HAWK](https://github.com/Tuhinshubhra/RED_HAWK)
- [ReconSpider](https://github.com/bhavsec/reconspider)
- IsItDown
- [Infoga](https://github.com/m4ll0k/Infoga)
- [ReconDog](https://github.com/s0md3v/ReconDog)
- [Striker](https://github.com/s0md3v/Striker)
- [SecretFinder](https://github.com/m4ll0k/SecretFinder)
- [Shodanfy](https://github.com/m4ll0k/Shodanfy.py)
- [rang3r](https://github.com/floriankunushevci/rang3r)
- [Breacher](https://github.com/s0md3v/Breacher)
- [theHarvester](https://github.com/laramies/theHarvester) ★
- [Amass](https://github.com/owasp-amass/amass) ★
- [Masscan](https://github.com/robertdavidgraham/masscan) ★
- [RustScan](https://github.com/RustScan/RustScan) ★
- [Holehe](https://github.com/megadose/holehe) ★
- [Maigret](https://github.com/soxoj/maigret) ★
- [httpx](https://github.com/projectdiscovery/httpx) ★
- [SpiderFoot](https://github.com/smicallef/spiderfoot) ★
- [Subfinder](https://github.com/projectdiscovery/subfinder) ★
- [TruffleHog](https://github.com/trufflesecurity/trufflehog) ★
- [Gitleaks](https://github.com/gitleaks/gitleaks) ★
## 📚 Wordlist Generator
- [Cupp](https://github.com/Mebus/cupp)
- [WordlistCreator](https://github.com/Z4nzu/wlcreator)
- [Goblin WordGenerator](https://github.com/UndeadSec/GoblinWordGenerator)
- [Password list (1.4B)](https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got)
- [Hashcat](https://github.com/hashcat/hashcat) ★
- [John the Ripper](https://github.com/openwall/john) ★
- [haiti](https://github.com/noraj/haiti) ★
## 📶 Wireless Attack Tools
- [WiFi-Pumpkin](https://github.com/P0cL4bs/wifipumpkin3)
- [pixiewps](https://github.com/wiire/pixiewps)
- [Bluetooth Honeypot (bluepot)](https://github.com/andrewmichaelsmith/bluepot)
- [Fluxion](https://github.com/FluxionNetwork/fluxion)
- [Wifiphisher](https://github.com/wifiphisher/wifiphisher)
- [Wifite](https://github.com/derv82/wifite2)
- [EvilTwin](https://github.com/Z4nzu/fakeap)
- [Fastssh](https://github.com/Z4nzu/fastssh)
- Howmanypeople
- [Airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) ★
- [hcxdumptool](https://github.com/ZerBea/hcxdumptool) ★
- [hcxtools](https://github.com/ZerBea/hcxtools) ★
- [Bettercap](https://github.com/bettercap/bettercap) ★
## 🧩 SQL Injection Tools
- [Sqlmap](https://github.com/sqlmapproject/sqlmap)
- [NoSqlMap](https://github.com/codingo/NoSQLMap)
- [DSSS](https://github.com/stamparm/DSSS)
- [Explo](https://github.com/dtag-dev-sec/explo)
- [Blisqy](https://github.com/JohnTroony/Blisqy)
- [Leviathan](https://github.com/leviathan-framework/leviathan)
- [SQLScan](https://github.com/Cvar1984/sqlscan)
## 🎣 Phishing Attack Tools
- [Autophisher](https://github.com/CodingRanjith/autophisher)
- [PyPhisher](https://github.com/KasRoudra/PyPhisher)
- [AdvPhishing](https://github.com/Ignitetch/AdvPhishing)
- [Setoolkit](https://github.com/trustedsec/social-engineer-toolkit)
- [SocialFish](https://github.com/UndeadSec/SocialFish)
- [HiddenEye](https://github.com/Morsmalleo/HiddenEye)
- [Evilginx3](https://github.com/kgretzky/evilginx2)
- [I-See-You](https://github.com/Viralmaniar/I-See-You)
- [SayCheese](https://github.com/hangetzzu/saycheese)
- [QR Code Jacking](https://github.com/cryptedwolf/ohmyqr)
- [BlackEye](https://github.com/thelinuxchoice/blackeye)
- [ShellPhish](https://github.com/An0nUD4Y/shellphish)
- [Thanos](https://github.com/TridevReddy/Thanos)
- [QRLJacking](https://github.com/OWASP/QRLJacking)
- [Maskphish](https://github.com/jaykali/maskphish)
- [BlackPhish](https://github.com/iinc0gnit0/BlackPhish)
- [dnstwist](https://github.com/elceef/dnstwist)
## 🌐 Web Attack Tools
- [Web2Attack](https://github.com/santatic/web2attack)
- Skipfish
- [Sublist3r](https://github.com/aboul3la/Sublist3r)
- [CheckURL](https://github.com/UndeadSec/checkURL)
- [Sub-Domain TakeOver](https://github.com/edoardottt/takeover)
- [Dirb](https://gitlab.com/kalilinux/packages/dirb)
- [Nuclei](https://github.com/projectdiscovery/nuclei) ★
- [ffuf](https://github.com/ffuf/ffuf) ★
- [Feroxbuster](https://github.com/epi052/feroxbuster) ★
- [Nikto](https://github.com/sullo/nikto) ★
- [wafw00f](https://github.com/EnableSecurity/wafw00f) ★
- [Katana](https://github.com/projectdiscovery/katana) ★
- [Gobuster](https://github.com/OJ/gobuster) ★
- [Dirsearch](https://github.com/maurosoria/dirsearch) ★
- [OWASP ZAP](https://github.com/zaproxy/zaproxy) ★
- [testssl.sh](https://github.com/drwetter/testssl.sh) ★
- [Arjun](https://github.com/s0md3v/Arjun) ★
- [Caido](https://github.com/caido/caido) ★
- [mitmproxy](https://github.com/mitmproxy/mitmproxy) ★
## 🔧 Post Exploitation Tools
- [Vegile](https://github.com/Screetsec/Vegile)
- [Chrome Keylogger](https://github.com/UndeadSec/HeraKeylogger)
- [pwncat-cs](https://github.com/calebstewart/pwncat) ★
- [Sliver](https://github.com/BishopFox/sliver) ★
- [Havoc](https://github.com/HavocFramework/Havoc) ★
- [PEASS-ng (LinPEAS/WinPEAS)](https://github.com/peass-ng/PEASS-ng) ★
- [Ligolo-ng](https://github.com/nicocha30/ligolo-ng) ★
- [Chisel](https://github.com/jpillora/chisel) ★
- [Evil-WinRM](https://github.com/Hackplayers/evil-winrm) ★
- [Mythic](https://github.com/its-a-feature/Mythic) ★
## 🕵 Forensic Tools
- Autopsy
- Wireshark
- [Bulk extractor](https://github.com/simsong/bulk_extractor)
- [Guymager](https://guymager.sourceforge.io/)
- [Toolsley](https://www.toolsley.com/)
- [Volatility 3](https://github.com/volatilityfoundation/volatility3) ★
- [Binwalk](https://github.com/ReFirmLabs/binwalk) ★
- [pspy](https://github.com/DominicBreuker/pspy) ★
## 📦 Payload Creation Tools
- [The FatRat](https://github.com/Screetsec/TheFatRat)
- [Brutal](https://github.com/Screetsec/Brutal)
- [Stitch](https://nathanlopez.github.io/Stitch)
- [MSFvenom Payload Creator](https://github.com/g0tmi1k/msfpc)
- [Venom](https://github.com/r00t-3xp10it/venom)
- [Spycam](https://github.com/indexnotfound404/spycam)
- [Mob-Droid](https://github.com/kinghacker0/Mob-Droid)
- [Enigma](https://github.com/UndeadSec/Enigma)
## 🧰 Exploit Framework
- [RouterSploit](https://github.com/threat9/routersploit)
- [WebSploit](https://github.com/The404Hacking/websploit)
- [Commix](https://github.com/commixproject/commix)
- [Web2Attack](https://github.com/santatic/web2attack)
## 🔁 Reverse Engineering Tools
- [Androguard](https://github.com/androguard/androguard)
- [Apk2Gold](https://github.com/lxdvs/apk2gold)
- [JadX](https://github.com/skylot/jadx)
- [Ghidra](https://github.com/NationalSecurityAgency/ghidra) ★
- [Radare2](https://github.com/radareorg/radare2) ★
## ⚡ DDOS Attack Tools
- [DDoS Script](https://github.com/the-deepnet/ddos)
- [SlowLoris](https://github.com/gkbrk/slowloris)
- [Asyncrone](https://github.com/fatihsnsy/aSYNcrone)
- [UFOnet](https://github.com/epsylon/ufonet)
- [GoldenEye](https://github.com/jseidl/GoldenEye)
## 🖥 Remote Administrator Tools (RAT)
- [Pyshell](https://github.com/knassar702/pyshell)
## 💥 XSS Attack Tools
- [DalFox](https://github.com/hahwul/dalfox)
- [XSS Payload Generator](https://github.com/capture0x/XSS-LOADER)
- [Extended XSS Searcher](https://github.com/Damian89/extended-xss-search)
- [XSS-Freak](https://github.com/PR0PH3CY33/XSS-Freak)
- [XSpear](https://github.com/hahwul/XSpear)
- [XSSCon](https://github.com/menkrep1337/XSSCon)
- [XanXSS](https://github.com/Ekultek/XanXSS)
- [XSStrike](https://github.com/UltimateHackers/XSStrike)
- [RVuln](https://github.com/iinc0gnit0/RVuln)
## 🖼 Steganography Tools
- SteganoHide
- [StegoCracker](https://github.com/W1LDN16H7/StegoCracker)
- [Whitespace](https://github.com/beardog108/snow10)
## 🏢 Active Directory Tools
- [BloodHound](https://github.com/BloodHoundAD/BloodHound) ★
- [NetExec (nxc)](https://github.com/Pennyw0rth/NetExec) ★
- [Impacket](https://github.com/fortra/impacket) ★
- [Responder](https://github.com/lgandx/Responder) ★
- [Certipy](https://github.com/ly4k/Certipy) ★
- [Kerbrute](https://github.com/ropnop/kerbrute) ★
## ☁ Cloud Security Tools
- [Prowler](https://github.com/prowler-cloud/prowler) ★
- [ScoutSuite](https://github.com/nccgroup/ScoutSuite) ★
- [Pacu](https://github.com/RhinoSecurityLabs/pacu) ★
- [Trivy](https://github.com/aquasecurity/trivy) ★
## 📱 Mobile Security Tools
- [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) ★
- [Frida](https://github.com/frida/frida) ★
- [Objection](https://github.com/sensepost/objection) ★
## ✨ Other Tools
#### SocialMedia Bruteforce
- [AllinOne SocialMedia Attack](https://github.com/Matrix07ksa/Brute_Force)
- [Facebook Attack](https://github.com/Matrix07ksa/Brute_Force)
- [Application Checker](https://github.com/jakuta-tech/underhanded)
#### Android Hacking Tools
- [Keydroid](https://github.com/F4dl0/keydroid)
- [MySMS](https://github.com/papusingh2sms/mysms)
- [Lockphish](https://github.com/JasonJerry/lockphish)
- [DroidCam / WishFish](https://github.com/kinghacker0/WishFish)
- [EvilApp](https://github.com/crypticterminal/EvilApp)
#### IDN Homograph Attack
- [EvilURL](https://github.com/UndeadSec/EvilURL)
#### Email Verify Tools
- [Knockmail](https://github.com/4w4k3/KnockMail)
#### Hash Cracking Tools
- [Hash Buster](https://github.com/s0md3v/Hash-Buster)
#### Wifi Deauthenticate
- [WifiJammer-NG](https://github.com/MisterBianco/wifijammer-ng)
- [KawaiiDeauther](https://github.com/aryanrtm/KawaiiDeauther)
#### SocialMedia Finder
- [Find SocialMedia By Facial Recognition](https://github.com/Greenwolf/social_mapper)
- [Find SocialMedia By UserName](https://github.com/xHak9x/finduser)
- [Sherlock](https://github.com/sherlock-project/sherlock)
- [SocialScan](https://github.com/iojw/socialscan)
#### Payload Injector
- [Debinject](https://github.com/UndeadSec/Debinject)
- [Pixload](https://github.com/chinarulezzz/pixload)
#### Web Crawling
- [Gospider](https://github.com/jaeles-project/gospider)
#### Mix Tools
- Terminal Multiplexer (tilix)
- [Crivo](https://github.com/GMDSantana/crivo)
---
## Contributing — Add a New Tool
<table>
<tr>
<td width="50%">
### Open an Issue
> **Title:** `[Tool Request] ToolName — Category`
Use the [Tool Request](.github/ISSUE_TEMPLATE/tool_request.md) template.
Required: tool name, GitHub URL, category, OS, install command, reason.
</td>
<td width="50%">
### Open a Pull Request
> **Title:** `[New Tool] ToolName — Category`
Use the [PR template](.github/PULL_REQUEST_TEMPLATE.md) checklist.
Required: class in `tools/*.py`, TITLE, DESCRIPTION, INSTALL/RUN commands, SUPPORTED_OS, test locally.
</td>
</tr>
</table>
> Issues or PRs that don't follow the title format will be closed without review.
---
## Installation
<table>
<tr>
<td>
### One-liner (recommended)
```bash
curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash
```
Handles everything — prerequisites, clone, venv, launcher.
</td>
<td>
### Manual
```bash
git clone https://github.com/Z4nzu/hackingtool.git
cd hackingtool
sudo python3 install.py
```
Then run: `hackingtool`
</td>
</tr>
</table>
### Docker
```bash
# Build
docker build -t hackingtool .
# Run (direct)
docker run -it --rm hackingtool
# Run (Compose — recommended)
docker compose up -d
docker exec -it hackingtool bash
# Dev mode (live source mount)
docker compose --profile dev up
docker exec -it hackingtool-dev bash
# Stop
docker compose down # stop container
docker compose down -v # also remove data volume
```
### Requirements
| Dependency | Version | Needed for |
|---|---|---|
| Python | 3.10+ | Core |
| Go | 1.21+ | nuclei, ffuf, amass, httpx, katana, dalfox, gobuster, subfinder |
| Ruby | any | haiti, evil-winrm |
| Docker | any | Mythic, MobSF (optional) |
```bash
pip install -r requirements.txt
```
---
## Star History
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date&theme=dark" />
<source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date" />
<img alt="HackingTool Star History Chart" src="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date" />
</picture>
---
## Support
If this project helps you, consider buying me a coffee:
<a href="https://buymeacoffee.com/hardikzinzu" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png" alt="Buy Me A Coffee" height="50"></a>
## Social
[](https://twitter.com/_Zinzu07)
[](https://github.com/Z4nzu/)
> **For authorized security testing only.**
> Thanks to all original authors of the tools included in hackingtool.
Your favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md)
================================================
FILE: README_template.md
================================================
<div align="center">
# HackingTool
**All-in-One Hacking Tool for Security Researchers & Pentesters**
[](LICENSE)
[](https://www.python.org/)
[](#)
[](#)
[](https://github.com/Z4nzu/hackingtool/stargazers)
[](https://github.com/Z4nzu/hackingtool/network/members)
[](https://github.com/Z4nzu/hackingtool/issues)
[](https://github.com/Z4nzu/hackingtool/commits/master)
</div>
---
## What's New in v2.0.0
- Python 3.10+ required — all Python 2 code removed
- OS-aware menus — Linux-only tools are hidden automatically on macOS
- Archived tools (Python 2, unmaintained) shown in a separate sub-menu
- All `os.chdir()` bugs fixed — tools install to `~/.hackingtool/tools/`
- No more `sudo git clone` — tools install to user home, no root needed
- 22 new modern tools added across 6 categories
- Rich terminal UI with shared theme — no more 32 different console instances
- Iterative menus — no more recursion stack overflow on deep navigation
- Docker image builds locally — no unverified external images
- `requirements.txt` cleaned — removed unused flask/boxes/lolcat/requests
---
## Menu
{{toc}}
---
## Tools
{{tools}}
---
## Contributing — Add a New Tool
Want a tool included? **Raise an Issue or open a PR** using the templates below.
### Issue (Tool Request)
> Title format: `[Tool Request] ToolName — Category`
> Example: `[Tool Request] Subfinder — Information Gathering`
Use the **Tool Request** issue template and fill in all required fields:
tool name, GitHub URL, category, supported OS, install command, and why it should be added.
### Pull Request
> Title format: `[New Tool] ToolName — Category`
> Example: `[New Tool] Subfinder — Information Gathering`
Use the **PR template** checklist. Key requirements:
1. Add your tool class to the correct `tools/*.py` file
2. Set `TITLE`, `DESCRIPTION`, `INSTALL_COMMANDS`, `RUN_COMMANDS`, `PROJECT_URL`
3. Set `SUPPORTED_OS = ["linux"]` or `["linux", "macos"]` appropriately
4. Add the instance to the `TOOLS` list in the collection class
5. Test install and run locally before submitting
Issues or PRs that don't follow the title format may be closed without review.
---
## Installation
### One-liner (recommended)
```bash
curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash
```
This handles everything — installs prerequisites, clones the repo, sets up a venv, and creates the `hackingtool` command.
### Manual install
```bash
git clone https://github.com/Z4nzu/hackingtool.git
cd hackingtool
sudo python3 install.py # detects local source, copies instead of re-cloning
```
Then run:
```bash
hackingtool
```
## Docker
### Step 1 — Clone the repository
```bash
git clone https://github.com/Z4nzu/hackingtool.git
cd hackingtool
```
### Step 2 — Build the image
```bash
docker build -t hackingtool .
```
> First build takes a few minutes (Kali base + apt packages). Subsequent builds are fast thanks to BuildKit layer caching.
### Step 3 — Run
**Option A — Direct (no Compose):**
```bash
docker run -it --rm hackingtool
```
**Option B — With Docker Compose (recommended):**
```bash
# Start in background
docker compose up -d
# Open an interactive shell
docker exec -it hackingtool bash
# Then launch the tool inside the container
python3 hackingtool.py
```
**Option C — Dev mode (live source mount, changes reflected without rebuild):**
```bash
docker compose --profile dev up
docker exec -it hackingtool-dev bash
```
### Stopping
```bash
docker compose down # stop and remove container
docker compose down -v # also remove the tools data volume
```
## Requirements
- Python 3.10+
- Linux (Kali, Parrot, Ubuntu) or macOS
- Go 1.21+ (for nuclei, ffuf, amass, httpx, katana, dalfox)
- Ruby (for haiti)
```bash
pip install -r requirements.txt
```
---
## Star History
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date&theme=dark" />
<source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date" />
<img alt="HackingTool Star History Chart" src="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date" />
</picture>
---
## Social
[](https://twitter.com/_Zinzu07)
[](https://github.com/Z4nzu/)
> **Please don't use for illegal activity.**
> Thanks to all original authors of the tools included in hackingtool.
Your favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md)
================================================
FILE: config.py
================================================
import json
import logging
from pathlib import Path
from typing import Any
from constants import USER_CONFIG_FILE, USER_TOOLS_DIR, DEFAULT_CONFIG
logger = logging.getLogger(__name__)
def load() -> dict[str, Any]:
"""Load config from disk, merging with defaults for any missing keys."""
if USER_CONFIG_FILE.exists():
try:
on_disk = json.loads(USER_CONFIG_FILE.read_text())
return {**DEFAULT_CONFIG, **on_disk}
except (json.JSONDecodeError, OSError) as exc:
logger.warning("Config file unreadable (%s), using defaults.", exc)
return dict(DEFAULT_CONFIG)
def save(cfg: dict[str, Any]) -> None:
"""Write config to disk, creating parent directories if needed."""
USER_CONFIG_FILE.parent.mkdir(parents=True, exist_ok=True)
USER_CONFIG_FILE.write_text(json.dumps(cfg, indent=2, sort_keys=True))
def get_tools_dir() -> Path:
"""
Return the directory where external tools are stored.
Creates it if it does not exist.
Always an absolute path — never relies on process CWD.
"""
cfg = load()
tools_dir = Path(cfg.get("tools_dir", str(USER_TOOLS_DIR))).expanduser().resolve()
tools_dir.mkdir(parents=True, exist_ok=True)
return tools_dir
def get_sudo_cmd() -> str:
"""Return 'doas' if available, else 'sudo'. Never hardcode 'sudo'."""
import shutil
return "doas" if shutil.which("doas") else "sudo"
================================================
FILE: constants.py
================================================
from pathlib import Path
import platform
import shutil as _shutil
# ── Repository ────────────────────────────────────────────────────────────────
REPO_OWNER = "Z4nzu"
REPO_NAME = "hackingtool"
REPO_URL = f"https://github.com/{REPO_OWNER}/{REPO_NAME}.git"
REPO_WEB_URL = f"https://github.com/{REPO_OWNER}/{REPO_NAME}"
# ── Versioning ────────────────────────────────────────────────────────────────
VERSION = "2.0.0"
VERSION_DISPLAY = f"v{VERSION}"
# ── Python requirement ────────────────────────────────────────────────────────
MIN_PYTHON = (3, 10)
# ── User-scoped paths (cross-platform, always computed at runtime) ─────────────
# NEVER hardcode /home/username — use Path.home() so it works for any user,
# including root (/root), regular users (/home/alice), macOS (/Users/alice).
USER_CONFIG_DIR = Path.home() / f".{REPO_NAME}"
USER_TOOLS_DIR = USER_CONFIG_DIR / "tools"
USER_CONFIG_FILE = USER_CONFIG_DIR / "config.json"
USER_LOG_FILE = USER_CONFIG_DIR / f"{REPO_NAME}.log"
# ── System install paths (set per OS) ─────────────────────────────────────────
_system = platform.system()
if _system == "Darwin":
# macOS — Homebrew convention
APP_INSTALL_DIR = Path("/usr/local/share") / REPO_NAME
APP_BIN_PATH = Path("/usr/local/bin") / REPO_NAME
elif _system == "Linux":
APP_INSTALL_DIR = Path("/usr/share") / REPO_NAME
APP_BIN_PATH = Path("/usr/bin") / REPO_NAME
else:
# Fallback (Windows, FreeBSD, etc.)
APP_INSTALL_DIR = USER_CONFIG_DIR / "app"
APP_BIN_PATH = USER_CONFIG_DIR / "bin" / REPO_NAME
# ── UI theme ──────────────────────────────────────────────────────────────────
THEME_PRIMARY = "bold magenta"
THEME_BORDER = "bright_magenta"
THEME_SUCCESS = "bold green"
THEME_ERROR = "bold red"
THEME_WARNING = "bold yellow"
THEME_DIM = "dim white"
THEME_ARCHIVED = "dim yellow"
THEME_URL = "underline bright_blue"
THEME_ACCENT = "bold cyan"
# ── Default config values ──────────────────────────────────────────────────────
DEFAULT_CONFIG: dict = {
"tools_dir": str(USER_TOOLS_DIR),
"version": VERSION,
"theme": "magenta",
"show_archived": False,
"sudo_binary": "sudo",
"go_bin_dir": str(Path.home() / "go" / "bin"),
"gem_bin_dir": str(Path.home() / ".gem" / "ruby"),
}
# ── Privilege escalation ───────────────────────────────────────────────────────
# Prefer doas if present (OpenBSD/some Linux setups), else sudo
PRIV_CMD = "doas" if _shutil.which("doas") else "sudo"
================================================
FILE: core.py
================================================
import os
import shutil
import sys
import webbrowser
from collections.abc import Callable
from platform import system
from rich import box
from rich.console import Console
from rich.panel import Panel
from rich.prompt import Prompt
from rich.table import Table
from rich.text import Text
from rich.theme import Theme
from rich.traceback import install
from constants import (
THEME_PRIMARY, THEME_BORDER, THEME_ACCENT,
THEME_SUCCESS, THEME_ERROR, THEME_WARNING,
THEME_DIM, THEME_ARCHIVED, THEME_URL,
)
# Enable rich tracebacks globally
install()
_theme = Theme({
"purple": "#7B61FF",
"success": THEME_SUCCESS,
"error": THEME_ERROR,
"warning": THEME_WARNING,
"archived": THEME_ARCHIVED,
"url": THEME_URL,
"dim": THEME_DIM,
})
# Single shared console — all tool files do: from core import console
console = Console(theme=_theme)
def clear_screen():
os.system("cls" if system() == "Windows" else "clear")
def validate_input(ip, val_range: list) -> int | None:
"""Return the integer if it is in val_range, else None."""
if not val_range:
return None
try:
ip = int(ip)
if ip in val_range:
return ip
except (TypeError, ValueError):
pass
return None
def _show_inline_help():
"""Quick help available from any menu level."""
console.print(Panel(
Text.assemble(
(" Navigation\n", "bold white"),
(" ─────────────────────────────────\n", "dim"),
(" 1–N ", "bold cyan"), ("select item\n", "white"),
(" 97 ", "bold cyan"), ("install all (in category)\n", "white"),
("\n Tool menu: Install, Run, Update, Open Folder\n", "dim"),
(" 99 ", "bold cyan"), ("go back\n", "white"),
(" 98 ", "bold cyan"), ("open project page / archived\n", "white"),
(" ? ", "bold cyan"), ("show this help\n", "white"),
(" q ", "bold cyan"), ("quit hackingtool\n", "white"),
),
title="[bold magenta] ? Quick Help [/bold magenta]",
border_style="magenta",
box=box.ROUNDED,
padding=(0, 2),
))
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
class HackingTool:
TITLE: str = ""
DESCRIPTION: str = ""
INSTALL_COMMANDS: list[str] = []
UNINSTALL_COMMANDS: list[str] = []
RUN_COMMANDS: list[str] = []
OPTIONS: list[tuple[str, Callable]] = []
PROJECT_URL: str = ""
# OS / capability metadata
SUPPORTED_OS: list[str] = ["linux", "macos"]
REQUIRES_ROOT: bool = False
REQUIRES_WIFI: bool = False
REQUIRES_GO: bool = False
REQUIRES_RUBY: bool = False
REQUIRES_JAVA: bool = False
REQUIRES_DOCKER: bool = False
# Tags for search/filter (e.g. ["osint", "web", "recon", "scanner"])
TAGS: list[str] = []
# Archived tool flags
ARCHIVED: bool = False
ARCHIVED_REASON: str = ""
def __init__(self, options=None, installable=True, runnable=True):
options = options or []
if not isinstance(options, list):
raise TypeError("options must be a list of (option_name, option_fn) tuples")
self.OPTIONS = []
if installable:
self.OPTIONS.append(("Install", self.install))
if runnable:
self.OPTIONS.append(("Run", self.run))
self.OPTIONS.append(("Update", self.update))
self.OPTIONS.append(("Open Folder", self.open_folder))
self.OPTIONS.extend(options)
@property
def is_installed(self) -> bool:
"""Check if the tool's binary is on PATH or its clone dir exists."""
if self.RUN_COMMANDS:
cmd = self.RUN_COMMANDS[0]
# Handle "cd foo && binary --help" pattern
if "&&" in cmd:
cmd = cmd.split("&&")[-1].strip()
if cmd.startswith("sudo "):
cmd = cmd[5:].strip()
binary = cmd.split()[0] if cmd else ""
if binary and binary not in (".", "echo", "cd"):
if shutil.which(binary):
return True
# Check if git clone target dir exists
if self.INSTALL_COMMANDS:
for ic in self.INSTALL_COMMANDS:
if "git clone" in ic:
parts = ic.split()
repo_url = [p for p in parts if p.startswith("http")]
if repo_url:
dirname = repo_url[0].rstrip("/").rsplit("/", 1)[-1].replace(".git", "")
if os.path.isdir(dirname):
return True
return False
def show_info(self):
desc = f"[cyan]{self.DESCRIPTION}[/cyan]"
if self.PROJECT_URL:
desc += f"\n[url]🔗 {self.PROJECT_URL}[/url]"
if self.ARCHIVED:
desc += f"\n[archived]⚠ ARCHIVED: {self.ARCHIVED_REASON}[/archived]"
console.print(Panel(
desc,
title=f"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]",
border_style="purple",
box=box.DOUBLE,
))
def show_options(self, parent=None):
"""Iterative menu loop — no recursion, no stack growth."""
while True:
clear_screen()
self.show_info()
table = Table(title="Options", box=box.SIMPLE_HEAVY)
table.add_column("No.", style="bold cyan", justify="center")
table.add_column("Action", style="bold yellow")
for index, option in enumerate(self.OPTIONS):
table.add_row(str(index + 1), option[0])
if self.PROJECT_URL:
table.add_row("98", "Open Project Page")
table.add_row("99", f"Back to {parent.TITLE if parent else 'Main Menu'}")
console.print(table)
console.print(
" [dim cyan]?[/dim cyan][dim]help "
"[/dim][dim cyan]q[/dim cyan][dim]uit "
"[/dim][dim cyan]99[/dim cyan][dim] back[/dim]"
)
raw = Prompt.ask("[bold cyan]╰─>[/bold cyan]", default="").strip().lower()
if not raw:
continue
if raw in ("?", "help"):
_show_inline_help()
continue
if raw in ("q", "quit", "exit"):
raise SystemExit(0)
try:
choice = int(raw)
except ValueError:
console.print("[error]⚠ Enter a number, ? for help, or q to quit.[/error]")
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
continue
if choice == 99:
return
elif choice == 98 and self.PROJECT_URL:
self.show_project_page()
elif 1 <= choice <= len(self.OPTIONS):
try:
self.OPTIONS[choice - 1][1]()
except Exception:
console.print_exception(show_locals=True)
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
else:
console.print("[error]⚠ Invalid option.[/error]")
def before_install(self): pass
def install(self):
self.before_install()
if isinstance(self.INSTALL_COMMANDS, (list, tuple)):
for cmd in self.INSTALL_COMMANDS:
console.print(f"[warning]→ {cmd}[/warning]")
os.system(cmd)
self.after_install()
def after_install(self):
console.print("[success]✔ Successfully installed![/success]")
def before_uninstall(self) -> bool:
return True
def uninstall(self):
if self.before_uninstall():
if isinstance(self.UNINSTALL_COMMANDS, (list, tuple)):
for cmd in self.UNINSTALL_COMMANDS:
console.print(f"[error]→ {cmd}[/error]")
os.system(cmd)
self.after_uninstall()
def after_uninstall(self): pass
def update(self):
"""Smart update — detects install method and runs the right update command."""
if not self.is_installed:
console.print("[warning]Tool is not installed yet. Install it first.[/warning]")
return
updated = False
for ic in (self.INSTALL_COMMANDS or []):
if "git clone" in ic:
# Extract repo dir name from clone command
parts = ic.split()
repo_urls = [p for p in parts if p.startswith("http")]
if repo_urls:
dirname = repo_urls[0].rstrip("/").rsplit("/", 1)[-1].replace(".git", "")
if os.path.isdir(dirname):
console.print(f"[cyan]→ git -C {dirname} pull[/cyan]")
os.system(f"git -C {dirname} pull")
updated = True
elif "pip install" in ic:
# Re-run pip install (--upgrade)
upgrade_cmd = ic.replace("pip install", "pip install --upgrade")
console.print(f"[cyan]→ {upgrade_cmd}[/cyan]")
os.system(upgrade_cmd)
updated = True
elif "go install" in ic:
# Re-run go install (fetches latest)
console.print(f"[cyan]→ {ic}[/cyan]")
os.system(ic)
updated = True
elif "gem install" in ic:
upgrade_cmd = ic.replace("gem install", "gem update")
console.print(f"[cyan]→ {upgrade_cmd}[/cyan]")
os.system(upgrade_cmd)
updated = True
if updated:
console.print("[success]✔ Update complete![/success]")
else:
console.print("[dim]No automatic update method available for this tool.[/dim]")
def _get_tool_dir(self) -> str | None:
"""Find the tool's local directory — clone target, pip location, or binary path."""
# 1. Check git clone target dir
for ic in (self.INSTALL_COMMANDS or []):
if "git clone" in ic:
parts = ic.split()
# If last arg is not a URL, it's a custom dir name
repo_urls = [p for p in parts if p.startswith("http")]
if repo_urls:
dirname = repo_urls[0].rstrip("/").rsplit("/", 1)[-1].replace(".git", "")
# Check custom target dir (arg after URL)
url_idx = parts.index(repo_urls[0])
if url_idx + 1 < len(parts):
dirname = parts[url_idx + 1]
if os.path.isdir(dirname):
return os.path.abspath(dirname)
# 2. Check binary location via which
if self.RUN_COMMANDS:
cmd = self.RUN_COMMANDS[0]
if "&&" in cmd:
# "cd foo && bar" → check "foo"
cd_part = cmd.split("&&")[0].strip()
if cd_part.startswith("cd "):
d = cd_part[3:].strip()
if os.path.isdir(d):
return os.path.abspath(d)
binary = cmd.split()[0] if cmd else ""
if binary.startswith("sudo"):
binary = cmd.split()[1] if len(cmd.split()) > 1 else ""
path = shutil.which(binary) if binary else None
if path:
return os.path.dirname(os.path.realpath(path))
return None
def open_folder(self):
"""Open the tool's directory in a new shell so the user can work manually."""
tool_dir = self._get_tool_dir()
if tool_dir:
console.print(f"[success]Opening folder: {tool_dir}[/success]")
console.print("[dim]Type 'exit' to return to hackingtool.[/dim]")
os.system(f'cd "{tool_dir}" && $SHELL')
else:
console.print("[warning]Tool directory not found.[/warning]")
if self.PROJECT_URL:
console.print(f"[dim]You can clone it manually:[/dim]")
console.print(f"[cyan] git clone {self.PROJECT_URL}.git[/cyan]")
def before_run(self): pass
def run(self):
self.before_run()
if isinstance(self.RUN_COMMANDS, (list, tuple)):
for cmd in self.RUN_COMMANDS:
console.print(f"[cyan]⚙ Running:[/cyan] [bold]{cmd}[/bold]")
os.system(cmd)
self.after_run()
def after_run(self): pass
def show_project_page(self):
console.print(f"[url]🌐 Opening: {self.PROJECT_URL}[/url]")
webbrowser.open_new_tab(self.PROJECT_URL)
class HackingToolsCollection:
TITLE: str = ""
DESCRIPTION: str = ""
TOOLS: list = []
def __init__(self):
pass
def show_info(self):
console.rule(f"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]", style="purple")
if self.DESCRIPTION:
console.print(f"[italic cyan]{self.DESCRIPTION}[/italic cyan]\n")
def _active_tools(self) -> list:
"""Return tools that are not archived and are OS-compatible."""
from os_detect import CURRENT_OS
return [
t for t in self.TOOLS
if not getattr(t, "ARCHIVED", False)
and CURRENT_OS.system in getattr(t, "SUPPORTED_OS", ["linux", "macos"])
]
def _archived_tools(self) -> list:
return [t for t in self.TOOLS if getattr(t, "ARCHIVED", False)]
def _incompatible_tools(self) -> list:
from os_detect import CURRENT_OS
return [
t for t in self.TOOLS
if not getattr(t, "ARCHIVED", False)
and CURRENT_OS.system not in getattr(t, "SUPPORTED_OS", ["linux", "macos"])
]
def _show_archived_tools(self):
"""Show archived tools sub-menu (option 98)."""
archived = self._archived_tools()
if not archived:
console.print("[dim]No archived tools in this category.[/dim]")
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
return
while True:
clear_screen()
console.rule(f"[archived]Archived Tools — {self.TITLE}[/archived]", style="yellow")
table = Table(box=box.MINIMAL_DOUBLE_HEAD, show_lines=True)
table.add_column("No.", justify="center", style="bold yellow")
table.add_column("Tool", style="dim yellow")
table.add_column("Reason", style="dim white")
for i, tool in enumerate(archived):
reason = getattr(tool, "ARCHIVED_REASON", "No reason given")
table.add_row(str(i + 1), tool.TITLE, reason)
table.add_row("99", "Back", "")
console.print(table)
raw = Prompt.ask("[bold yellow][?] Select[/bold yellow]", default="99")
try:
choice = int(raw)
except ValueError:
continue
if choice == 99:
return
elif 1 <= choice <= len(archived):
archived[choice - 1].show_options(parent=self)
def show_options(self, parent=None):
"""Iterative menu loop — no recursion, no stack growth."""
while True:
clear_screen()
self.show_info()
active = self._active_tools()
incompatible = self._incompatible_tools()
archived = self._archived_tools()
table = Table(title="Available Tools", box=box.SIMPLE_HEAD, show_lines=True)
table.add_column("No.", justify="center", style="bold cyan", width=6)
table.add_column("", width=2) # installed indicator
table.add_column("Tool", style="bold yellow", min_width=24)
table.add_column("Description", style="white", overflow="fold")
for index, tool in enumerate(active, start=1):
desc = getattr(tool, "DESCRIPTION", "") or "—"
desc = desc.splitlines()[0] if desc != "—" else "—"
has_status = hasattr(tool, "is_installed")
status = ("[green]✔[/green]" if tool.is_installed else "[dim]✘[/dim]") if has_status else ""
table.add_row(str(index), status, tool.TITLE, desc)
# Count not-installed tools for "Install All" label (skip sub-collections)
not_installed = [t for t in active if hasattr(t, "is_installed") and not t.is_installed]
if not_installed:
table.add_row(
"[bold green]97[/bold green]", "",
f"[bold green]Install all ({len(not_installed)} not installed)[/bold green]", "",
)
if archived:
table.add_row("[dim]98[/dim]", "", f"[archived]Archived tools ({len(archived)})[/archived]", "")
if incompatible:
console.print(f"[dim]({len(incompatible)} tools hidden — not supported on current OS)[/dim]")
table.add_row("99", "", f"Back to {parent.TITLE if parent else 'Main Menu'}", "")
console.print(table)
console.print(
" [dim cyan]?[/dim cyan][dim]help "
"[/dim][dim cyan]q[/dim cyan][dim]uit "
"[/dim][dim cyan]99[/dim cyan][dim] back[/dim]"
)
raw = Prompt.ask("[bold cyan]╰─>[/bold cyan]", default="").strip().lower()
if not raw:
continue
if raw in ("?", "help"):
_show_inline_help()
continue
if raw in ("q", "quit", "exit"):
raise SystemExit(0)
try:
choice = int(raw)
except ValueError:
console.print("[error]⚠ Enter a number, ? for help, or q to quit.[/error]")
continue
if choice == 99:
return
elif choice == 97 and not_installed:
console.print(Panel(
f"[bold]Installing {len(not_installed)} tools...[/bold]",
border_style="green", box=box.ROUNDED,
))
for i, tool in enumerate(not_installed, start=1):
console.print(f"\n[bold cyan]({i}/{len(not_installed)})[/bold cyan] {tool.TITLE}")
try:
tool.install()
except Exception:
console.print(f"[error]✘ Failed: {tool.TITLE}[/error]")
Prompt.ask("\n[dim]Press Enter to continue[/dim]", default="")
elif choice == 98 and archived:
self._show_archived_tools()
elif 1 <= choice <= len(active):
try:
active[choice - 1].show_options(parent=self)
except Exception:
console.print_exception(show_locals=True)
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
else:
console.print("[error]⚠ Invalid option.[/error]")
================================================
FILE: docker-compose.yml
================================================
# docker-compose.yml
# Use: docker compose up -d then docker exec -it hackingtool bash
#
# Profiles:
# (default) — runs the built image; code is embedded at build time
# dev — mounts source directory for live editing without rebuilding
# docker compose --profile dev up
services:
hackingtool:
build:
context: .
dockerfile: Dockerfile
image: hackingtool:latest
container_name: hackingtool
stdin_open: true
tty: true
# Persist tools installed at runtime across container restarts
volumes:
- hackingtool_data:/root/.hackingtool
restart: unless-stopped
hackingtool-dev:
build:
context: .
dockerfile: Dockerfile
image: hackingtool:latest
container_name: hackingtool-dev
stdin_open: true
tty: true
profiles:
- dev
volumes:
# Live source mount — code changes are visible without rebuilding
- .:/root/hackingtool
- hackingtool_data:/root/.hackingtool
restart: "no"
volumes:
hackingtool_data:
================================================
FILE: generate_readme.py
================================================
# coding=utf-8
import re
from rich.console import Console
from rich.theme import Theme
from core import HackingTool
from core import HackingToolsCollection
from hackingtool import all_tools
_theme = Theme({"purple": "#7B61FF"})
console = Console(theme=_theme)
def sanitize_anchor(s):
return re.sub(r"\W", "-", s.lower())
def get_toc(tools, indentation = ""):
md = ""
for tool in tools:
if isinstance(tool, HackingToolsCollection):
md += (indentation + "- [{}](#{})\n".format(
tool.TITLE, sanitize_anchor(tool.TITLE)))
md += get_toc(tool.TOOLS, indentation = indentation + ' ')
return md
def get_tools_toc(tools, indentation = "##"):
md = ""
for tool in tools:
if isinstance(tool, HackingToolsCollection):
md += (indentation + "# {}\n".format(tool.TITLE))
md += get_tools_toc(tool.TOOLS, indentation = indentation + '#')
elif isinstance(tool, HackingTool):
if tool.PROJECT_URL:
md += ("- [{}]({})\n".format(tool.TITLE, tool.PROJECT_URL))
else:
md += ("- {}\n".format(tool.TITLE))
return md
def generate_readme():
toc = get_toc(all_tools[:-1])
tools_desc = get_tools_toc(all_tools[:-1])
with open("README_template.md") as fh:
readme_template = fh.read()
readme_template = readme_template.replace("{{toc}}", toc)
readme_template = readme_template.replace("{{tools}}", tools_desc)
with open("README.md", "w") as fh:
fh.write(readme_template)
if __name__ == '__main__':
generate_readme()
================================================
FILE: hackingtool.py
================================================
#!/usr/bin/env python3
import sys
# ── Python version guard (must be before any other local import) ───────────────
if sys.version_info < (3, 10):
print(
f"[ERROR] Python 3.10 or newer is required.\n"
f"You are running Python {sys.version_info.major}.{sys.version_info.minor}.\n"
f"Upgrade with: sudo apt install python3.10"
)
sys.exit(1)
import os
import platform
import socket
import datetime
import random
import webbrowser
from itertools import zip_longest
from rich.console import Console
from rich.panel import Panel
from rich.table import Table
from rich.prompt import Prompt, Confirm
from rich.align import Align
from rich.text import Text
from rich import box
from rich.rule import Rule
from rich.columns import Columns
from core import HackingToolsCollection, clear_screen, console
from constants import VERSION_DISPLAY, REPO_WEB_URL
from config import get_tools_dir
from tools.anonsurf import AnonSurfTools
from tools.ddos import DDOSTools
from tools.exploit_frameworks import ExploitFrameworkTools
from tools.forensics import ForensicTools
from tools.information_gathering import InformationGatheringTools
from tools.other_tools import OtherTools
from tools.payload_creator import PayloadCreatorTools
from tools.phishing_attack import PhishingAttackTools
from tools.post_exploitation import PostExploitationTools
from tools.remote_administration import RemoteAdministrationTools
from tools.reverse_engineering import ReverseEngineeringTools
from tools.sql_injection import SqlInjectionTools
from tools.steganography import SteganographyTools
from tools.tool_manager import ToolManager
from tools.web_attack import WebAttackTools
from tools.wireless_attack import WirelessAttackTools
from tools.wordlist_generator import WordlistGeneratorTools
from tools.xss_attack import XSSAttackTools
from tools.active_directory import ActiveDirectoryTools
from tools.cloud_security import CloudSecurityTools
from tools.mobile_security import MobileSecurityTools
# ── Tool registry ──────────────────────────────────────────────────────────────
# (full_title, icon, menu_label)
# menu_label is the concise name shown in the 2-column main menu grid.
# full_title is shown when entering the category.
tool_definitions = [
("Anonymously Hiding Tools", "🛡 ", "Anonymously Hiding"),
("Information gathering tools", "🔍", "Information Gathering"),
("Wordlist Generator", "📚", "Wordlist Generator"),
("Wireless attack tools", "📶", "Wireless Attack"),
("SQL Injection Tools", "🧩", "SQL Injection"),
("Phishing attack tools", "🎣", "Phishing Attack"),
("Web Attack tools", "🌐", "Web Attack"),
("Post exploitation tools", "🔧", "Post Exploitation"),
("Forensic tools", "🕵 ", "Forensics"),
("Payload creation tools", "📦", "Payload Creation"),
("Exploit framework", "🧰", "Exploit Framework"),
("Reverse engineering tools", "🔁", "Reverse Engineering"),
("DDOS Attack Tools", "⚡", "DDOS Attack"),
("Remote Administrator Tools (RAT)", "🖥 ", "Remote Admin (RAT)"),
("XSS Attack Tools", "💥", "XSS Attack"),
("Steganography tools", "🖼 ", "Steganography"),
("Active Directory Tools", "🏢", "Active Directory"),
("Cloud Security Tools", "☁ ", "Cloud Security"),
("Mobile Security Tools", "📱", "Mobile Security"),
("Other tools", "✨", "Other Tools"),
("Update or Uninstall | Hackingtool", "♻ ", "Update / Uninstall"),
]
all_tools = [
AnonSurfTools(),
InformationGatheringTools(),
WordlistGeneratorTools(),
WirelessAttackTools(),
SqlInjectionTools(),
PhishingAttackTools(),
WebAttackTools(),
PostExploitationTools(),
ForensicTools(),
PayloadCreatorTools(),
ExploitFrameworkTools(),
ReverseEngineeringTools(),
DDOSTools(),
RemoteAdministrationTools(),
XSSAttackTools(),
SteganographyTools(),
ActiveDirectoryTools(),
CloudSecurityTools(),
MobileSecurityTools(),
OtherTools(),
ToolManager(),
]
# Used by generate_readme.py
class AllTools(HackingToolsCollection):
TITLE = "All tools"
TOOLS = all_tools
# ── Help overlay ───────────────────────────────────────────────────────────────
def show_help():
console.print(Panel(
Text.assemble(
(" Main menu\n", "bold white"),
(" ─────────────────────────────────────\n", "dim"),
(" 1–20 ", "bold cyan"), ("open a category\n", "white"),
(" 21 ", "bold cyan"), ("Update / Uninstall hackingtool\n", "white"),
(" / or s ", "bold cyan"), ("search tools by name or keyword\n", "white"),
(" t ", "bold cyan"), ("filter tools by tag (osint, web, c2, ...)\n", "white"),
(" r ", "bold cyan"), ("recommend tools for a task\n", "white"),
(" ? ", "bold cyan"), ("show this help\n", "white"),
(" q ", "bold cyan"), ("quit hackingtool\n\n", "white"),
(" Inside a category\n", "bold white"),
(" ─────────────────────────────────────\n", "dim"),
(" 1–N ", "bold cyan"), ("select a tool\n", "white"),
(" 99 ", "bold cyan"), ("back to main menu\n", "white"),
(" 98 ", "bold cyan"), ("open project page (if available)\n\n", "white"),
(" Inside a tool\n", "bold white"),
(" ─────────────────────────────────────\n", "dim"),
(" 1 ", "bold cyan"), ("install tool\n", "white"),
(" 2 ", "bold cyan"), ("run tool\n", "white"),
(" 99 ", "bold cyan"), ("back to category\n", "white"),
),
title="[bold magenta] ? Quick Help [/bold magenta]",
border_style="magenta",
box=box.ROUNDED,
padding=(0, 2),
))
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
# ── Header: ASCII art + live system info ──────────────────────────────────────
# Full "HACKING TOOL" block-letter art — 12 lines, split layout with stats
_BANNER_ART = [
" ██╗ ██╗ █████╗ ██████╗██╗ ██╗██╗███╗ ██╗ ██████╗ ",
" ██║ ██║██╔══██╗██╔════╝██║ ██╔╝██║████╗ ██║██╔════╝ ",
" ███████║███████║██║ █████╔╝ ██║██╔██╗ ██║██║ ███╗",
" ██╔══██║██╔══██║██║ ██╔═██╗ ██║██║╚██╗██║██║ ██║",
" ██║ ██║██║ ██║╚██████╗██║ ██╗██║██║ ╚████║╚██████╔╝",
" ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚═╝╚═╝ ╚═══╝ ╚═════╝ ",
" ████████╗ ██████╗ ██████╗ ██╗",
" ╚══██╔══╝██╔═══██╗██╔═══██╗██║",
" ██║ ██║ ██║██║ ██║██║",
" ██║ ██║ ██║██║ ██║██║",
" ██║ ╚██████╔╝╚██████╔╝███████╗",
" ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝",
]
_QUOTES = [
'"The quieter you become, the more you can hear."',
'"Offense informs defense."',
'"There is no patch for human stupidity."',
'"In God we trust. All others we monitor."',
'"Hackers are the immune system of the internet."',
'"Every system is hackable — know yours before others do."',
'"Enumerate before you exploit."',
'"A scope defines your playground."',
'"The more you sweat in training, the less you bleed in battle."',
'"Security is a process, not a product."',
]
def _sys_info() -> dict:
"""Collect live system info for the header panel."""
info: dict = {}
# OS pretty name
try:
info["os"] = platform.freedesktop_os_release().get("PRETTY_NAME", "")
except Exception:
info["os"] = ""
if not info["os"]:
info["os"] = f"{platform.system()} {platform.release()}"
info["kernel"] = platform.release()
# Current user
try:
info["user"] = os.getlogin()
except Exception:
info["user"] = os.environ.get("USER", os.environ.get("LOGNAME", "root"))
info["host"] = socket.gethostname()
# Local IP — connect to a routable address without sending data
try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.settimeout(0)
s.connect(("10.254.254.254", 1))
info["ip"] = s.getsockname()[0]
s.close()
except Exception:
info["ip"] = "127.0.0.1"
info["time"] = datetime.datetime.now().strftime("%Y-%m-%d %H:%M")
return info
def _build_header() -> Panel:
info = _sys_info()
# 12 stat lines paired with the 12 art lines
stat_lines = [
(" os › ", info["os"][:34]),
(" kernel › ", info["kernel"][:34]),
(" user › ", f"{info['user']} @ {info['host'][:20]}"),
(" ip › ", info["ip"]),
(" tools › ", f"{len(all_tools)} categories · 185+ modules"),
(" session › ", info["time"]),
("", ""),
(" python › ", f"{sys.version_info.major}.{sys.version_info.minor}.{sys.version_info.micro}"),
(" arch › ", platform.machine()),
(" status › ", "✔ READY"),
("", ""),
("", ""),
]
grid = Table.grid(padding=0)
grid.add_column("art", no_wrap=True)
grid.add_column("sep", no_wrap=True)
grid.add_column("lbl", no_wrap=True)
grid.add_column("val", no_wrap=True)
for art_line, (lbl_text, val_text) in zip(_BANNER_ART, stat_lines):
grid.add_row(
Text(art_line, style="bold bright_green"),
Text(" │ ", style="dim green"),
Text(lbl_text, style="dim green"),
Text(val_text, style="bright_green"),
)
# Quote + warning below the split row
quote = random.choice(_QUOTES)
body = Table.grid(padding=(0, 0))
body.add_column()
body.add_row(grid)
body.add_row(Text(""))
body.add_row(Text(f" {quote}", style="italic dim"))
body.add_row(Text(" ⚠ For authorized security testing only",
style="bold dim red"))
return Panel(
body,
title=f"[bold bright_magenta][ HackingTool {VERSION_DISPLAY} ][/bold bright_magenta]",
title_align="left",
subtitle=f"[dim][ {info['time']} ][/dim]",
subtitle_align="right",
border_style="bright_magenta",
box=box.HEAVY,
padding=(0, 1),
)
# ── Main menu renderer ─────────────────────────────────────────────────────────
def build_menu():
clear_screen()
console.print(_build_header())
# ── 2-column category grid ──
# Items 1-17 in two columns, item 18 (ToolManager) shown separately
categories = tool_definitions[:-1] # 17 items
update_def = tool_definitions[-1] # ToolManager
mid = (len(categories) + 1) // 2 # 9 (left), 8 (right)
left = list(enumerate(categories[:mid], start=1))
right = list(enumerate(categories[mid:], start=mid + 1))
grid = Table.grid(padding=(0, 1), expand=True)
grid.add_column("ln", justify="right", style="bold magenta", width=5)
grid.add_column("li", width=3)
grid.add_column("lt", style="magenta", ratio=1, no_wrap=True)
grid.add_column("gap", width=3)
grid.add_column("rn", justify="right", style="bold magenta", width=5)
grid.add_column("ri", width=3)
grid.add_column("rt", style="magenta", ratio=1, no_wrap=True)
for (li, (_, lic, ll)), r in zip_longest(left, right, fillvalue=None):
if r:
ri, (_, ric, rl) = r
grid.add_row(str(li), lic, ll, "", str(ri), ric, rl)
else:
grid.add_row(str(li), lic, ll, "", "", "", "")
console.print(Panel(
grid,
title="[bold magenta] Select a Category [/bold magenta]",
border_style="bright_magenta",
box=box.ROUNDED,
padding=(0, 1),
))
# ── ToolManager row ──
tm_num = len(categories) + 1
console.print(
f" [bold magenta] {tm_num}[/bold magenta] {update_def[1]} "
f"[magenta]{update_def[2]}[/magenta]"
)
# ── Claude-style dual-line prompt area ──
console.print(Rule(style="dim magenta"))
console.print(
" [dim cyan]/[/dim cyan][dim]search[/dim] "
"[dim cyan]t[/dim cyan] [dim]tags[/dim] "
"[dim cyan]r[/dim cyan] [dim]recommend[/dim] "
"[dim cyan]?[/dim cyan] [dim]help[/dim] "
"[dim cyan]q[/dim cyan] [dim]quit[/dim]"
)
# ── Search ─────────────────────────────────────────────────────────────────────
def _collect_all_tools() -> list[tuple]:
"""Walk all collections and return (tool_instance, category_name) pairs."""
from core import HackingTool, HackingToolsCollection
results = []
def _walk(items, parent_title=""):
for item in items:
if isinstance(item, HackingToolsCollection):
_walk(item.TOOLS, item.TITLE)
elif isinstance(item, HackingTool):
results.append((item, parent_title))
_walk(all_tools)
return results
def _get_all_tags() -> dict[str, list[tuple]]:
"""Build tag → [(tool, category)] index from all tools."""
import re
_rules = {
r'(osint|harvester|maigret|holehe|spiderfoot|sherlock|recon)': 'osint',
r'(subdomain|subfinder|amass|sublist|subdomainfinder)': 'recon',
r'(scanner|scan|nmap|masscan|rustscan|nikto|nuclei|trivy)': 'scanner',
r'(brute|gobuster|ffuf|dirb|dirsearch|ferox|hashcat|john|kerbrute)': 'bruteforce',
r'(web|http|proxy|zap|xss|sql|wafw00f|arjun|caido|mitmproxy)': 'web',
r'(wireless|wifi|wlan|airgeddon|bettercap|wifite|fluxion|deauth)': 'wireless',
r'(phish|social.media|evilginx|setoolkit|social.fish|social.engineer)': 'social-engineering',
r'(c2|sliver|havoc|mythic|pwncat|reverse.shell|pyshell)': 'c2',
r'(privesc|peass|linpeas|winpeas)': 'privesc',
r'(tunnel|pivot|ligolo|chisel|proxy|anon)': 'network',
r'(password|credential|hash|crack|secret|trufflehog|gitleaks)': 'credentials',
r'(forensic|memory|volatility|binwalk|autopsy|wireshark|pspy)': 'forensics',
r'(reverse.eng|ghidra|radare|jadx|androguard|apk)': 'reversing',
r'(cloud|aws|azure|gcp|kubernetes|prowler|scout|pacu)': 'cloud',
r'(mobile|android|ios|frida|mobsf|objection|droid)': 'mobile',
r'(active.directory|bloodhound|netexec|impacket|responder|certipy|kerberos|winrm|smb|ldap)': 'active-directory',
r'(ddos|dos|slowloris|goldeneye|ufonet)': 'ddos',
r'(payload|msfvenom|fatrat|venom|stitch|enigma)': 'payload',
r'(crawler|spider|katana|gospider)': 'crawler',
}
tag_index: dict[str, list[tuple]] = {}
for tool, cat in _collect_all_tools():
combined = f"{tool.TITLE} {tool.DESCRIPTION}".lower()
# Manual tags first
tool_tags = set(getattr(tool, "TAGS", []) or [])
# Auto-derive tags from title/description
for pattern, tag in _rules.items():
if re.search(pattern, combined, re.IGNORECASE):
tool_tags.add(tag)
for t in tool_tags:
tag_index.setdefault(t, []).append((tool, cat))
return tag_index
def filter_by_tag():
"""Show available tags, user picks one, show matching tools."""
tag_index = _get_all_tags()
sorted_tags = sorted(tag_index.keys())
# Show tags in a compact grid
console.print(Panel(
" ".join(f"[bold cyan]{t}[/bold cyan]([dim]{len(tag_index[t])}[/dim])" for t in sorted_tags),
title="[bold magenta] Available Tags [/bold magenta]",
border_style="magenta", box=box.ROUNDED, padding=(0, 2),
))
tag = Prompt.ask("[bold cyan]Enter tag[/bold cyan]", default="").strip().lower()
if not tag or tag not in tag_index:
if tag:
console.print(f"[dim]Tag '{tag}' not found.[/dim]")
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
return
matches = tag_index[tag]
table = Table(
title=f"Tools tagged '{tag}'",
box=box.SIMPLE_HEAD, show_lines=True,
)
table.add_column("No.", justify="center", style="bold cyan", width=5)
table.add_column("", width=2)
table.add_column("Tool", style="bold yellow", min_width=20)
table.add_column("Category", style="magenta", min_width=15)
for i, (tool, cat) in enumerate(matches, start=1):
status = "[green]✔[/green]" if tool.is_installed else "[dim]✘[/dim]"
table.add_row(str(i), status, tool.TITLE, cat)
table.add_row("99", "", "Back to main menu", "")
console.print(table)
raw = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip()
if not raw or raw == "99":
return
try:
idx = int(raw)
except ValueError:
return
if 1 <= idx <= len(matches):
tool, cat = matches[idx - 1]
tool.show_options()
_RECOMMENDATIONS = {
"scan a network": ["scanner", "port-scanner"],
"find subdomains": ["recon"],
"scan for vulnerabilities": ["scanner", "web"],
"crack passwords": ["bruteforce", "credentials"],
"find leaked secrets": ["credentials"],
"phishing campaign": ["social-engineering"],
"post exploitation": ["c2", "privesc"],
"pivot through network": ["network"],
"pentest active directory": ["active-directory"],
"pentest web application": ["web", "scanner"],
"pentest cloud": ["cloud"],
"pentest mobile app": ["mobile"],
"reverse engineer binary": ["reversing"],
"capture wifi handshake": ["wireless"],
"intercept http traffic": ["web", "network"],
"forensic analysis": ["forensics"],
"ddos testing": ["ddos"],
"create payloads": ["payload"],
"find xss vulnerabilities": ["web"],
"brute force directories": ["bruteforce", "web"],
"osint / recon a target": ["osint", "recon"],
"hide my identity": ["network"],
}
def recommend_tools():
"""Show common tasks, user picks one, show matching tools."""
table = Table(
title="What do you want to do?",
box=box.SIMPLE_HEAD,
)
table.add_column("No.", justify="center", style="bold cyan", width=5)
table.add_column("Task", style="bold yellow")
tasks = list(_RECOMMENDATIONS.keys())
for i, task in enumerate(tasks, start=1):
table.add_row(str(i), task.title())
table.add_row("99", "Back to main menu")
console.print(table)
raw = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip()
if not raw or raw == "99":
return
try:
idx = int(raw)
except ValueError:
return
if 1 <= idx <= len(tasks):
task = tasks[idx - 1]
tag_names = _RECOMMENDATIONS[task]
tag_index = _get_all_tags()
# Collect unique tools across all matching tags
seen = set()
matches = []
for tag in tag_names:
for tool, cat in tag_index.get(tag, []):
if id(tool) not in seen:
seen.add(id(tool))
matches.append((tool, cat))
if not matches:
console.print("[dim]No tools found for this task.[/dim]")
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
return
console.print(Panel(
f"[bold]Recommended tools for: {task.title()}[/bold]",
border_style="green", box=box.ROUNDED,
))
rtable = Table(box=box.SIMPLE_HEAD, show_lines=True)
rtable.add_column("No.", justify="center", style="bold cyan", width=5)
rtable.add_column("", width=2)
rtable.add_column("Tool", style="bold yellow", min_width=20)
rtable.add_column("Category", style="magenta")
for i, (tool, cat) in enumerate(matches, start=1):
status = "[green]✔[/green]" if tool.is_installed else "[dim]✘[/dim]"
rtable.add_row(str(i), status, tool.TITLE, cat)
rtable.add_row("99", "", "Back", "")
console.print(rtable)
raw2 = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip()
if raw2 and raw2 != "99":
try:
ridx = int(raw2)
if 1 <= ridx <= len(matches):
matches[ridx - 1][0].show_options()
except ValueError:
pass
def search_tools(query: str | None = None):
"""Search tools — accepts inline query or prompts for one."""
if query is None:
query = Prompt.ask("[bold cyan]/ Search[/bold cyan]", default="").strip().lower()
else:
query = query.lower()
if not query:
return
all_tool_list = _collect_all_tools()
# Match against title + description + tags
matches = []
for tool, category in all_tool_list:
title = (tool.TITLE or "").lower()
desc = (tool.DESCRIPTION or "").lower()
tags = " ".join(getattr(tool, "TAGS", []) or []).lower()
if query in title or query in desc or query in tags:
matches.append((tool, category))
if not matches:
console.print(f"[dim]No tools found matching '{query}'[/dim]")
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
return
# Display results
table = Table(
title=f"Search results for '{query}'",
box=box.SIMPLE_HEAD, show_lines=True,
)
table.add_column("No.", justify="center", style="bold cyan", width=5)
table.add_column("Tool", style="bold yellow", min_width=20)
table.add_column("Category", style="magenta", min_width=15)
table.add_column("Description", style="white", overflow="fold")
for i, (tool, cat) in enumerate(matches, start=1):
desc = (tool.DESCRIPTION or "—").splitlines()[0]
table.add_row(str(i), tool.TITLE, cat, desc)
table.add_row("99", "Back to main menu", "", "")
console.print(table)
raw = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip().lower()
if not raw or raw == "99":
return
try:
idx = int(raw)
except ValueError:
return
if 1 <= idx <= len(matches):
tool, cat = matches[idx - 1]
console.print(Panel(
f"[bold magenta]{tool.TITLE}[/bold magenta] [dim]({cat})[/dim]",
border_style="magenta", box=box.ROUNDED,
))
tool.show_options()
# ── Main interaction loop ──────────────────────────────────────────────────────
def interact_menu():
while True:
try:
build_menu()
raw = Prompt.ask(
"[bold magenta]╰─>[/bold magenta]", default=""
).strip()
if not raw:
continue
raw_lower = raw.lower()
if raw_lower in ("?", "help"):
show_help()
continue
if raw.startswith("/"):
# Inline search: /subdomain → search immediately
query = raw[1:].strip()
search_tools(query=query if query else None)
continue
if raw_lower in ("s", "search"):
search_tools()
continue
if raw_lower in ("t", "tag", "tags", "filter"):
filter_by_tag()
continue
if raw_lower in ("r", "rec", "recommend"):
recommend_tools()
continue
if raw_lower in ("q", "quit", "exit"):
console.print(Panel(
"[bold white on magenta] Goodbye — Come Back Safely [/bold white on magenta]",
box=box.HEAVY, border_style="magenta",
))
break
try:
choice = int(raw_lower)
except ValueError:
console.print("[red]⚠ Invalid input — enter a number, /query to search, or q to quit.[/red]")
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
continue
if 1 <= choice <= len(all_tools):
title, icon, _ = tool_definitions[choice - 1]
console.print(Panel(
f"[bold magenta]{icon} {title}[/bold magenta]",
border_style="magenta", box=box.ROUNDED,
))
try:
all_tools[choice - 1].show_options()
except Exception as e:
console.print(Panel(
f"[red]Error while opening {title}[/red]\n{e}",
border_style="red",
))
Prompt.ask("[dim]Press Enter to return to main menu[/dim]", default="")
else:
console.print(f"[red]⚠ Choose 1–{len(all_tools)}, ? for help, or q to quit.[/red]")
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
except KeyboardInterrupt:
console.print("\n[bold red]Interrupted — exiting[/bold red]")
break
# ── Entry point ────────────────────────────────────────────────────────────────
def main():
try:
from os_detect import CURRENT_OS
if CURRENT_OS.system == "windows":
console.print(Panel("[bold red]Please run this tool on Linux or macOS.[/bold red]"))
if Confirm.ask("Open guidance link in your browser?", default=True):
webbrowser.open_new_tab(f"{REPO_WEB_URL}#windows")
return
if CURRENT_OS.system not in ("linux", "macos"):
console.print(f"[yellow]Unsupported OS: {CURRENT_OS.system}. Proceeding anyway...[/yellow]")
get_tools_dir() # ensures ~/.hackingtool/tools/ exists
interact_menu()
except KeyboardInterrupt:
console.print("\n[bold red]Exiting...[/bold red]")
if __name__ == "__main__":
main()
================================================
FILE: images/demo
================================================
================================================
FILE: install.py
================================================
#!/usr/bin/env python3
import os
import sys
import shutil
import subprocess
from pathlib import Path
# ── Python version check (must be before any other local import) ──────────────
if sys.version_info < (3, 10):
print(
f"[ERROR] Python 3.10 or newer is required.\n"
f"You are running Python {sys.version_info.major}.{sys.version_info.minor}.\n"
f"Install with: sudo apt install python3.10"
)
sys.exit(1)
from rich.console import Console
from rich.panel import Panel
from rich.prompt import Confirm
from rich.progress import Progress, SpinnerColumn, TextColumn
from rich.text import Text
from rich import box
from constants import (
REPO_URL, APP_INSTALL_DIR, APP_BIN_PATH,
VERSION, VERSION_DISPLAY,
USER_CONFIG_DIR, USER_TOOLS_DIR, USER_CONFIG_FILE,
DEFAULT_CONFIG,
)
from os_detect import CURRENT_OS, REQUIRED_PACKAGES, PACKAGE_UPDATE_CMDS, PACKAGE_INSTALL_CMDS
console = Console()
VENV_DIR_NAME = "venv"
REQUIREMENTS = "requirements.txt"
# ── Privilege check ────────────────────────────────────────────────────────────
def check_root():
if os.geteuid() != 0:
console.print(Panel(
"[error]This installer must be run as root.\n"
"Use: [bold]sudo python3 install.py[/bold][/error]",
border_style="red",
))
sys.exit(1)
# ── OS compatibility check ─────────────────────────────────────────────────────
def check_os_compatibility():
"""Print detected OS info and exit on unsupported systems."""
info = CURRENT_OS
console.print(
f"[dim]Detected: OS={info.system} | distro={info.distro_id or 'n/a'} | "
f"pkg_mgr={info.pkg_manager or 'none'} | arch={info.arch}[/dim]"
)
if info.system == "windows":
console.print(Panel(
"[error]Windows is not supported natively.[/error]\n"
"Use WSL2 with a Kali or Ubuntu image.",
border_style="red",
))
sys.exit(1)
if info.is_wsl:
console.print("[warning]WSL detected. Wireless tools will NOT work in WSL.[/warning]")
if info.system == "macos":
console.print(Panel(
"[warning]macOS support is partial.[/warning]\n"
"Network/wireless tools require Linux. OSINT and web tools work.",
border_style="yellow",
))
if not shutil.which("brew"):
console.print("[error]Homebrew not found. Install it first: https://brew.sh[/error]")
sys.exit(1)
if not info.pkg_manager:
console.print("[warning]No supported package manager found.[/warning]")
console.print("[dim]Supported: apt-get, pacman, dnf, zypper, apk, brew[/dim]")
# ── Internet check ─────────────────────────────────────────────────────────────
def check_internet() -> bool:
console.print("[dim]Checking internet...[/dim]")
for host in ("https://github.com", "https://www.google.com"):
r = subprocess.run(
["curl", "-sSf", "--max-time", "8", host],
capture_output=True,
)
if r.returncode == 0:
console.print("[success]✔ Internet connection OK[/success]")
return True
console.print("[error]✘ No internet connection[/error]")
return False
# ── System packages ────────────────────────────────────────────────────────────
def install_system_packages():
mgr = CURRENT_OS.pkg_manager
if not mgr:
console.print("[warning]Skipping system packages — no package manager found.[/warning]")
return
# Use sudo only when not already root (uid != 0).
# Inside Docker we run as root and sudo is not installed.
priv = "" if os.geteuid() == 0 else "sudo "
# Update index first (skip for brew — not needed)
if mgr != "brew":
update_cmd = PACKAGE_UPDATE_CMDS.get(mgr, "")
if update_cmd:
console.print(f"[dim]Updating package index ({mgr})...[/dim]")
subprocess.run(f"{priv}{update_cmd}", shell=True, check=False)
packages = REQUIRED_PACKAGES.get(mgr, [])
if not packages:
return
install_tpl = PACKAGE_INSTALL_CMDS[mgr]
cmd = install_tpl.format(packages=" ".join(packages))
console.print(f"[dim]Installing system dependencies ({mgr})...[/dim]")
result = subprocess.run(f"{priv}{cmd}", shell=True, check=False)
if result.returncode != 0:
console.print("[warning]Some packages failed — you may need to install them manually.[/warning]")
# ── App directory ──────────────────────────────────────────────────────────────
def _is_source_dir() -> bool:
"""Check if install.py is being run from a local clone (hackingtool.py exists alongside it)."""
return (Path(__file__).resolve().parent / "hackingtool.py").exists()
def prepare_install_dir():
if APP_INSTALL_DIR.exists():
console.print(f"[warning]{APP_INSTALL_DIR} already exists.[/warning]")
if not Confirm.ask("Replace it? This removes the existing installation.", default=False):
console.print("[error]Installation aborted.[/error]")
sys.exit(1)
subprocess.run(["rm", "-rf", str(APP_INSTALL_DIR)], check=True)
APP_INSTALL_DIR.mkdir(parents=True, exist_ok=True)
def install_source() -> bool:
"""Clone the repo or copy from local source if already in a clone."""
source_dir = Path(__file__).resolve().parent
if _is_source_dir() and source_dir != APP_INSTALL_DIR:
# Already in a local clone — copy instead of re-cloning
console.print(f"[dim]Copying source from {source_dir}...[/dim]")
# Remove first to ensure clean copy (prepare_install_dir may have created it)
if APP_INSTALL_DIR.exists():
subprocess.run(["rm", "-rf", str(APP_INSTALL_DIR)], check=True)
subprocess.run(["cp", "-a", str(source_dir), str(APP_INSTALL_DIR)], check=True)
# Fix ownership so git doesn't complain about "dubious ownership"
subprocess.run(["chown", "-R", "root:root", str(APP_INSTALL_DIR)], check=False)
console.print("[success]✔ Source copied (no re-clone needed)[/success]")
return True
# Not running from source — clone from GitHub
console.print(f"[dim]Cloning {REPO_URL}...[/dim]")
r = subprocess.run(["git", "clone", "--depth", "1", REPO_URL, str(APP_INSTALL_DIR)], check=False)
if r.returncode == 0:
console.print("[success]✔ Repository cloned[/success]")
return True
console.print("[error]✘ Failed to clone repository[/error]")
return False
# ── Python venv ────────────────────────────────────────────────────────────────
def create_venv_and_install():
venv_path = APP_INSTALL_DIR / VENV_DIR_NAME
console.print("[dim]Creating virtual environment...[/dim]")
subprocess.run([sys.executable, "-m", "venv", str(venv_path)], check=True)
pip = str(venv_path / "bin" / "pip")
req = APP_INSTALL_DIR / REQUIREMENTS
if req.exists():
console.print("[dim]Installing Python requirements...[/dim]")
subprocess.run([pip, "install", "--quiet", "-r", str(req)], check=False)
else:
console.print("[warning]requirements.txt not found — skipping pip install.[/warning]")
# ── Launcher script ────────────────────────────────────────────────────────────
def create_launcher():
launcher = APP_INSTALL_DIR / "hackingtool.sh"
launcher.write_text(
"#!/bin/bash\n"
f'source "{APP_INSTALL_DIR / VENV_DIR_NAME}/bin/activate"\n'
f'python3 "{APP_INSTALL_DIR / "hackingtool.py"}" "$@"\n'
)
launcher.chmod(0o755)
if APP_BIN_PATH.exists():
APP_BIN_PATH.unlink()
shutil.move(str(launcher), str(APP_BIN_PATH))
console.print(f"[success]✔ Launcher installed at {APP_BIN_PATH}[/success]")
# ── User directories ───────────────────────────────────────────────────────────
def create_user_directories():
"""
Create ~/.hackingtool/ and write initial config.json.
Uses Path.home() — always correct regardless of username or OS.
Safe to run as root (creates /root/.hackingtool/) or as a normal user.
"""
import json
USER_CONFIG_DIR.mkdir(parents=True, exist_ok=True)
USER_TOOLS_DIR.mkdir(parents=True, exist_ok=True)
if not USER_CONFIG_FILE.exists():
USER_CONFIG_FILE.write_text(json.dumps(DEFAULT_CONFIG, indent=2, sort_keys=True))
console.print(f"[success]✔ Config created at {USER_CONFIG_FILE}[/success]")
console.print(f"[success]✔ Tools directory: {USER_TOOLS_DIR}[/success]")
# ── Entry point ────────────────────────────────────────────────────────────────
def main():
check_root()
console.clear()
console.print(Panel(
Text(f"HackingTool Installer {VERSION_DISPLAY}", style="bold magenta"),
box=box.DOUBLE, border_style="bright_magenta",
))
check_os_compatibility()
if not check_internet():
sys.exit(1)
with Progress(SpinnerColumn(), TextColumn("[progress.description]{task.description}")) as p:
p.add_task("Installing system packages...", total=None)
install_system_packages()
prepare_install_dir()
if not install_source():
sys.exit(1)
with Progress(SpinnerColumn(), TextColumn("[progress.description]{task.description}")) as p:
p.add_task("Setting up virtualenv & requirements...", total=None)
create_venv_and_install()
create_launcher()
create_user_directories()
console.print(Panel(
"[bold magenta]Installation complete![/bold magenta]\n\n"
"Type [bold cyan]hackingtool[/bold cyan] in a terminal to start.",
border_style="magenta",
))
if __name__ == "__main__":
try:
main()
except KeyboardInterrupt:
console.print("\n[error]Installation interrupted.[/error]")
sys.exit(1)
except subprocess.CalledProcessError as e:
console.print(f"[error]Command failed: {e}[/error]")
sys.exit(1)
================================================
FILE: install.sh
================================================
#!/usr/bin/env bash
# ──────────────────────────────────────────────────────────────────────────────
# HackingTool — One-liner installer
#
# Usage:
# curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash
#
# What it does:
# 1. Checks prerequisites (Python 3.10+, git, pip, venv)
# 2. Clones the repository to /usr/share/hackingtool
# 3. Creates a Python venv and installs requirements
# 4. Creates a launcher at /usr/bin/hackingtool
# 5. Creates user directories at ~/.hackingtool/
# ──────────────────────────────────────────────────────────────────────────────
set -euo pipefail
REPO_URL="https://github.com/Z4nzu/hackingtool.git"
INSTALL_DIR="/usr/share/hackingtool"
BIN_PATH="/usr/bin/hackingtool"
CONFIG_DIR="${SUDO_USER:+$(eval echo ~"$SUDO_USER")}/.hackingtool"
# Fallback if not run via sudo
: "${CONFIG_DIR:=$HOME/.hackingtool}"
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
BOLD='\033[1m'
RESET='\033[0m'
info() { echo -e "${CYAN}[*]${RESET} $1"; }
ok() { echo -e "${GREEN}[✔]${RESET} $1"; }
warn() { echo -e "${YELLOW}[!]${RESET} $1"; }
fail() { echo -e "${RED}[✘]${RESET} $1"; exit 1; }
# ── Root check ────────────────────────────────────────────────────────────────
if [ "$(id -u)" -ne 0 ]; then
fail "This installer must be run as root.\n Usage: curl -sSL <url> | ${BOLD}sudo${RESET} bash"
fi
echo ""
echo -e "${BOLD}${CYAN} ⚔ HackingTool Installer${RESET}"
echo -e " ─────────────────────────────────────"
echo ""
# ── Detect package manager ────────────────────────────────────────────────────
if command -v apt-get &>/dev/null; then
PKG_MGR="apt-get"
PKG_UPDATE="apt-get update -qq"
PKG_INSTALL="apt-get install -y -qq"
elif command -v pacman &>/dev/null; then
PKG_MGR="pacman"
PKG_UPDATE="pacman -Sy --noconfirm"
PKG_INSTALL="pacman -S --noconfirm --needed"
elif command -v dnf &>/dev/null; then
PKG_MGR="dnf"
PKG_UPDATE="true"
PKG_INSTALL="dnf install -y -q"
elif command -v brew &>/dev/null; then
PKG_MGR="brew"
PKG_UPDATE="true"
PKG_INSTALL="brew install"
else
fail "No supported package manager found (need apt-get, pacman, dnf, or brew)."
fi
info "Package manager: ${BOLD}$PKG_MGR${RESET}"
# ── Install system prerequisites ──────────────────────────────────────────────
info "Installing prerequisites..."
$PKG_UPDATE 2>/dev/null || true
for pkg in git curl python3 python3-pip python3-venv; do
if [ "$PKG_MGR" = "pacman" ]; then
case "$pkg" in
python3) pkg="python" ;;
python3-pip) pkg="python-pip" ;;
python3-venv) continue ;; # included in python on Arch
esac
elif [ "$PKG_MGR" = "brew" ]; then
case "$pkg" in
python3-pip|python3-venv) continue ;; # included in python3 on macOS
esac
elif [ "$PKG_MGR" = "dnf" ]; then
case "$pkg" in
python3-venv) continue ;; # included in python3 on Fedora
esac
fi
$PKG_INSTALL "$pkg" 2>/dev/null || warn "Could not install $pkg — may already be present"
done
# ── Python version check ─────────────────────────────────────────────────────
PYTHON_VERSION=$(python3 -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")' 2>/dev/null || echo "0.0")
PYTHON_MAJOR=$(echo "$PYTHON_VERSION" | cut -d. -f1)
PYTHON_MINOR=$(echo "$PYTHON_VERSION" | cut -d. -f2)
if [ "$PYTHON_MAJOR" -lt 3 ] || { [ "$PYTHON_MAJOR" -eq 3 ] && [ "$PYTHON_MINOR" -lt 10 ]; }; then
fail "Python 3.10+ required. Found: Python $PYTHON_VERSION"
fi
ok "Python $PYTHON_VERSION"
# ── Clone repository ──────────────────────────────────────────────────────────
if [ -d "$INSTALL_DIR" ]; then
warn "$INSTALL_DIR already exists."
read -rp " Replace it? [y/N] " answer
if [[ "$answer" =~ ^[Yy] ]]; then
rm -rf "$INSTALL_DIR"
else
fail "Installation aborted."
fi
fi
info "Cloning repository..."
git clone --depth 1 "$REPO_URL" "$INSTALL_DIR" 2>/dev/null
ok "Cloned to $INSTALL_DIR"
# ── Python venv + requirements ────────────────────────────────────────────────
info "Creating virtual environment..."
python3 -m venv "$INSTALL_DIR/venv"
info "Installing Python dependencies..."
"$INSTALL_DIR/venv/bin/pip" install --quiet -r "$INSTALL_DIR/requirements.txt" 2>/dev/null
ok "Dependencies installed"
# ── Create launcher ──────────────────────────────────────────────────────────
cat > "$BIN_PATH" << 'LAUNCHER'
#!/bin/bash
source "/usr/share/hackingtool/venv/bin/activate"
python3 "/usr/share/hackingtool/hackingtool.py" "$@"
LAUNCHER
chmod 755 "$BIN_PATH"
ok "Launcher installed at $BIN_PATH"
# ── User directories ─────────────────────────────────────────────────────────
mkdir -p "$CONFIG_DIR/tools"
if [ ! -f "$CONFIG_DIR/config.json" ]; then
cat > "$CONFIG_DIR/config.json" << CONF
{
"tools_dir": "$CONFIG_DIR/tools",
"version": "2.0.0"
}
CONF
fi
# Fix ownership if run via sudo
if [ -n "${SUDO_USER:-}" ]; then
chown -R "$SUDO_USER:$SUDO_USER" "$CONFIG_DIR"
fi
ok "User config: $CONFIG_DIR"
# ── Done ──────────────────────────────────────────────────────────────────────
echo ""
echo -e "${GREEN}${BOLD} ✔ Installation complete!${RESET}"
echo -e " Type ${BOLD}${CYAN}hackingtool${RESET} to start."
echo ""
================================================
FILE: os_detect.py
================================================
import platform
import shutil
from dataclasses import dataclass, field
from pathlib import Path
@dataclass
class OSInfo:
system: str # "linux", "macos", "windows", "unknown"
distro_id: str = "" # "kali", "ubuntu", "arch", "fedora", etc.
distro_like: str = "" # "debian", "rhel", etc. (from ID_LIKE)
distro_version: str = "" # "2024.1", "22.04", etc.
pkg_manager: str = "" # "apt-get", "pacman", "dnf", "brew", etc.
is_root: bool = False
home_dir: Path = field(default_factory=Path.home)
is_wsl: bool = False # Windows Subsystem for Linux
arch: str = "" # "x86_64", "aarch64", "arm64"
def detect() -> OSInfo:
"""
Fully detect the current OS, distro, and available package manager.
Never asks the user — entirely automatic.
"""
import os
system_raw = platform.system()
system = system_raw.lower()
if system == "darwin":
system = "macos"
info = OSInfo(
system = system,
is_root = (os.geteuid() == 0) if hasattr(os, "geteuid") else False,
home_dir = Path.home(),
arch = platform.machine(),
)
# ── Linux-specific ─────────────────────────────────────────────────────────
if system == "linux":
# Detect WSL
try:
info.is_wsl = "microsoft" in Path("/proc/version").read_text().lower()
except (FileNotFoundError, PermissionError):
pass
# Read /etc/os-release (standard on all modern distros)
os_release: dict[str, str] = {}
for path in ("/etc/os-release", "/usr/lib/os-release"):
try:
for line in Path(path).read_text().splitlines():
k, _, v = line.partition("=")
os_release[k.strip()] = v.strip().strip('"')
break
except FileNotFoundError:
continue
info.distro_id = os_release.get("ID", "").lower()
info.distro_like = os_release.get("ID_LIKE", "").lower()
info.distro_version = os_release.get("VERSION_ID", "")
# ── Package manager detection (in priority order) ──────────────────────────
for mgr in ("apt-get", "pacman", "dnf", "zypper", "apk", "brew", "pkg"):
if shutil.which(mgr):
info.pkg_manager = mgr
break
return info
# Module-level singleton — computed once on import
CURRENT_OS: OSInfo = detect()
# ── Per-OS package manager commands ────────────────────────────────────────────
PACKAGE_INSTALL_CMDS: dict[str, str] = {
"apt-get": "apt-get install -y {packages}",
"pacman": "pacman -S --noconfirm {packages}",
"dnf": "dnf install -y {packages}",
"zypper": "zypper install -y {packages}",
"apk": "apk add {packages}",
"brew": "brew install {packages}",
"pkg": "pkg install -y {packages}",
}
PACKAGE_UPDATE_CMDS: dict[str, str] = {
"apt-get": "apt-get update -qq && apt-get upgrade -y",
"pacman": "pacman -Syu --noconfirm",
"dnf": "dnf upgrade -y",
"zypper": "zypper update -y",
"apk": "apk update && apk upgrade",
"brew": "brew update && brew upgrade",
"pkg": "pkg update && pkg upgrade -y",
}
# Core system packages needed per package manager
REQUIRED_PACKAGES: dict[str, list[str]] = {
"apt-get": ["git", "python3-pip", "python3-venv", "curl", "wget",
"ruby", "ruby-dev", "golang-go", "php", "default-jre-headless"],
"pacman": ["git", "python-pip", "curl", "wget",
"ruby", "go", "php", "jre-openjdk-headless"],
"dnf": ["git", "python3-pip", "curl", "wget",
"ruby", "golang", "php", "java-17-openjdk-headless"],
"zypper": ["git", "python3-pip", "curl", "wget", "ruby", "go", "php"],
"brew": ["git", "python3", "curl", "wget", "ruby", "go", "php"],
"pkg": ["git", "python3", "py39-pip", "curl", "wget", "ruby", "go", "php83"],
}
def install_packages(packages: list[str], os_info: OSInfo | None = None) -> bool:
"""Install system packages using the detected package manager."""
import subprocess
if os_info is None:
os_info = CURRENT_OS
mgr = os_info.pkg_manager
if mgr not in PACKAGE_INSTALL_CMDS:
print(f"[warning] Unknown package manager. Install manually: {packages}")
return False
cmd_template = PACKAGE_INSTALL_CMDS[mgr]
pkg_str = " ".join(packages)
cmd = cmd_template.format(packages=pkg_str)
# Prepend privilege escalation only on Linux (brew on macOS doesn't need sudo)
if os_info.system == "linux" and not os_info.is_root:
from constants import PRIV_CMD
cmd = f"{PRIV_CMD} {cmd}"
result = subprocess.run(cmd, shell=True, check=False)
return result.returncode == 0
================================================
FILE: requirements.txt
================================================
# Python dependencies for hackingtool
# boxes and lolcat are system CLI tools, not pip packages — install via apt/brew
# flask is unused — removed
# requests is unused at runtime — removed
rich>=13.0.0
================================================
FILE: tools/__init__.py
================================================
================================================
FILE: tools/active_directory.py
================================================
from core import HackingTool
from core import HackingToolsCollection
class BloodHound(HackingTool):
TITLE = "BloodHound (AD Attack Paths)"
DESCRIPTION = "Uses graph theory to reveal hidden attack paths in Active Directory/Azure environments."
INSTALL_COMMANDS = [
"pip install --user bloodhound",
"sudo apt-get install -y neo4j",
]
RUN_COMMANDS = ["bloodhound-python --help"]
PROJECT_URL = "https://github.com/BloodHoundAD/BloodHound"
SUPPORTED_OS = ["linux", "macos"]
class NetExec(HackingTool):
TITLE = "NetExec — nxc (Network Pentesting)"
DESCRIPTION = "Swiss army knife for pentesting Windows/AD networks. Successor to CrackMapExec."
INSTALL_COMMANDS = ["pip install --user netexec"]
RUN_COMMANDS = ["nxc --help"]
PROJECT_URL = "https://github.com/Pennyw0rth/NetExec"
SUPPORTED_OS = ["linux", "macos"]
class Impacket(HackingTool):
TITLE = "Impacket (Network Protocol Tools)"
DESCRIPTION = "Python classes for working with SMB, MSRPC, Kerberos, LDAP, and more."
INSTALL_COMMANDS = ["pip install --user impacket"]
RUN_COMMANDS = ["impacket-smbclient --help"]
PROJECT_URL = "https://github.com/fortra/impacket"
SUPPORTED_OS = ["linux", "macos"]
class Responder(HackingTool):
TITLE = "Responder (LLMNR/NBT-NS Poisoner)"
DESCRIPTION = "LLMNR/NBT-NS/MDNS poisoner with rogue authentication servers for credential capture."
INSTALL_COMMANDS = ["git clone https://github.com/lgandx/Responder.git"]
RUN_COMMANDS = ["cd Responder && sudo python3 Responder.py --help"]
PROJECT_URL = "https://github.com/lgandx/Responder"
SUPPORTED_OS = ["linux"]
class Certipy(HackingTool):
TITLE = "Certipy (AD Certificate Abuse)"
DESCRIPTION = "Active Directory Certificate Services enumeration and abuse tool."
INSTALL_COMMANDS = ["pip install --user certipy-ad"]
RUN_COMMANDS = ["certipy --help"]
PROJECT_URL = "https://github.com/ly4k/Certipy"
SUPPORTED_OS = ["linux", "macos"]
class Kerbrute(HackingTool):
TITLE = "Kerbrute (Kerberos Brute Force)"
DESCRIPTION = "Kerberos pre-auth brute-forcer for username enumeration and password spraying."
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install github.com/ropnop/kerbrute@latest",
]
RUN_COMMANDS = ["kerbrute --help"]
PROJECT_URL = "https://github.com/ropnop/kerbrute"
SUPPORTED_OS = ["linux", "macos"]
class ActiveDirectoryTools(HackingToolsCollection):
TITLE = "Active Directory Tools"
DESCRIPTION = "Tools for AD enumeration, attack path discovery, and credential attacks."
TOOLS = [
BloodHound(),
NetExec(),
Impacket(),
Responder(),
Certipy(),
Kerbrute(),
]
================================================
FILE: tools/anonsurf.py
================================================
import os
from core import HackingTool, HackingToolsCollection, console
class AnonymouslySurf(HackingTool):
TITLE = "Anonymously Surf"
DESCRIPTION = (
"It automatically overwrites the RAM when the system shuts down\n"
"and also changes your IP address."
)
# Bug 28 fix: was "cd kali-anonsurf && ./installer.sh && cd .. && sudo rm -r kali-anonsurf"
# Deleting the source on install means there is no retry if install fails.
# Now kept in a separate step so failure does not destroy the source.
INSTALL_COMMANDS = [
"git clone https://github.com/Und3rf10w/kali-anonsurf.git",
"cd kali-anonsurf && sudo ./installer.sh",
]
RUN_COMMANDS = ["sudo anonsurf start"]
PROJECT_URL = "https://github.com/Und3rf10w/kali-anonsurf"
SUPPORTED_OS = ["linux"]
def __init__(self):
super().__init__([("Stop", self.stop)])
def stop(self):
import subprocess
console.print("[bold magenta]Stopping Anonsurf...[/bold magenta]")
subprocess.run(["sudo", "anonsurf", "stop"])
class Multitor(HackingTool):
TITLE = "Multitor"
DESCRIPTION = "How to stay in multi places at the same time."
INSTALL_COMMANDS = [
"git clone https://github.com/trimstray/multitor.git",
"cd multitor && sudo bash setup.sh install",
]
RUN_COMMANDS = [
"multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy"
]
PROJECT_URL = "https://github.com/trimstray/multitor"
SUPPORTED_OS = ["linux"]
def __init__(self):
super().__init__(runnable=False)
class AnonSurfTools(HackingToolsCollection):
TITLE = "Anonymously Hiding Tools"
TOOLS = [
AnonymouslySurf(),
Multitor(),
]
if __name__ == "__main__":
tools = AnonSurfTools()
tools.show_options()
================================================
FILE: tools/cloud_security.py
================================================
from core import HackingTool
from core import HackingToolsCollection
class Prowler(HackingTool):
TITLE = "Prowler (Cloud Security Scanner)"
DESCRIPTION = "Open-source security tool for AWS, Azure, GCP, and Kubernetes assessments."
INSTALL_COMMANDS = ["pip install --user prowler"]
RUN_COMMANDS = ["prowler --help"]
PROJECT_URL = "https://github.com/prowler-cloud/prowler"
SUPPORTED_OS = ["linux", "macos"]
class ScoutSuite(HackingTool):
TITLE = "ScoutSuite (Multi-Cloud Auditing)"
DESCRIPTION = "Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba, and Oracle."
INSTALL_COMMANDS = ["pip install --user scoutsuite"]
RUN_COMMANDS = ["scout --help"]
PROJECT_URL = "https://github.com/nccgroup/ScoutSuite"
SUPPORTED_OS = ["linux", "macos"]
class Pacu(HackingTool):
TITLE = "Pacu (AWS Exploitation Framework)"
DESCRIPTION = "AWS exploitation framework for offensive security testing of AWS environments."
INSTALL_COMMANDS = ["pip install --user pacu"]
RUN_COMMANDS = ["pacu --help"]
PROJECT_URL = "https://github.com/RhinoSecurityLabs/pacu"
SUPPORTED_OS = ["linux", "macos"]
class Trivy(HackingTool):
TITLE = "Trivy (Container/K8s Scanner)"
DESCRIPTION = "Comprehensive vulnerability scanner for containers, Kubernetes, IaC, and code."
INSTALL_COMMANDS = [
"curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin",
]
RUN_COMMANDS = ["trivy --help"]
PROJECT_URL = "https://github.com/aquasecurity/trivy"
SUPPORTED_OS = ["linux", "macos"]
class CloudSecurityTools(HackingToolsCollection):
TITLE = "Cloud Security Tools"
DESCRIPTION = "Tools for cloud infrastructure security assessment and exploitation."
TOOLS = [
Prowler(),
ScoutSuite(),
Pacu(),
Trivy(),
]
================================================
FILE: tools/ddos.py
================================================
import subprocess
from rich.prompt import Prompt
from core import HackingTool, HackingToolsCollection, console
class DDoSTool(HackingTool):
TITLE = "DDoS"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"Best DDoS Attack Script With 36 Plus Methods. "
"DDoS attacks for SECURITY TESTING PURPOSES ONLY!"
)
INSTALL_COMMANDS = [
"git clone https://github.com/the-deepnet/ddos.git",
"cd ddos && sudo pip3 install -r requirements.txt",
]
PROJECT_URL = "https://github.com/the-deepnet/ddos"
def run(self):
from config import get_tools_dir
method = Prompt.ask("Enter Method")
url = Prompt.ask("Enter URL")
threads = Prompt.ask("Enter Threads")
proxylist = Prompt.ask("Enter ProxyList")
multiple = Prompt.ask("Enter Multiple")
timer = Prompt.ask("Enter Timer")
# Bug 4 fix: removed os.system("cd ddos;") — use cwd= instead
subprocess.run(
["sudo", "python3", "ddos.py", method, url,
"socks_type5.4.1", threads, proxylist, multiple, timer],
cwd=str(get_tools_dir() / "ddos"),
)
class SlowLoris(HackingTool):
TITLE = "SlowLoris"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"Slowloris is basically an HTTP Denial of Service attack. "
"It sends lots of HTTP requests."
)
INSTALL_COMMANDS = ["sudo pip3 install slowloris"]
def run(self):
target_site = Prompt.ask("Enter Target Site")
subprocess.run(["slowloris", target_site])
class Asyncrone(HackingTool):
TITLE = "Asyncrone | Multifunction SYN Flood DDoS Weapon"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"aSYNcrone is a C language based, multifunction SYN Flood DDoS Weapon.\n"
"Disable the destination system by sending SYN packets intensively."
)
INSTALL_COMMANDS = [
"git clone https://github.com/fatih4842/aSYNcrone.git",
"cd aSYNcrone && sudo gcc aSYNcrone.c -o aSYNcrone -lpthread",
]
PROJECT_URL = "https://github.com/fatihsnsy/aSYNcrone"
def run(self):
from config import get_tools_dir
source_port = Prompt.ask("Enter Source Port")
target_ip = Prompt.ask("Enter Target IP")
target_port = Prompt.ask("Enter Target Port")
# Bug 5 fix: 1000 was int — subprocess requires all args str
# Bug 4 fix: removed os.system("cd aSYNcrone;") — use cwd= instead
subprocess.run(
["sudo", "./aSYNcrone", str(source_port), str(target_ip), str(target_port), "1000"],
cwd=str(get_tools_dir() / "aSYNcrone"),
)
class UFONet(HackingTool):
TITLE = "UFOnet"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"UFONet is a free software, P2P and cryptographic disruptive toolkit "
"that allows performing DoS and DDoS attacks."
)
INSTALL_COMMANDS = [
"git clone https://github.com/epsylon/ufonet.git",
"cd ufonet && pip install --user .",
]
RUN_COMMANDS = ["python3 ufonet --gui"]
PROJECT_URL = "https://github.com/epsylon/ufonet"
class GoldenEye(HackingTool):
TITLE = "GoldenEye"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"GoldenEye is a python3 app for SECURITY TESTING PURPOSES ONLY!\n"
"GoldenEye is a HTTP DoS Test Tool.\n"
"Usage: ./goldeneye.py <url> [OPTIONS]"
)
INSTALL_COMMANDS = [
"git clone https://github.com/jseidl/GoldenEye.git",
"chmod -R 755 GoldenEye",
]
PROJECT_URL = "https://github.com/jseidl/GoldenEye"
def run(self):
from config import get_tools_dir
# Bug 4 fix: removed os.system("cd GoldenEye; ...") — no-op cd subshell
url = Prompt.ask("Enter target URL")
subprocess.run(["sudo", "./goldeneye.py", url],
cwd=str(get_tools_dir() / "GoldenEye"))
class Saphyra(HackingTool):
TITLE = "SaphyraDDoS"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "A Python DDoS script for SECURITY TESTING PURPOSES ONLY."
INSTALL_COMMANDS = [
# Bug 7 fix: removed "sudo su" (first step was dropping into interactive root shell)
"git clone https://github.com/anonymous24x7/Saphyra-DDoS.git",
"chmod +x Saphyra-DDoS/saphyra.py",
]
PROJECT_URL = "https://github.com/anonymous24x7/Saphyra-DDoS"
def run(self):
from config import get_tools_dir
url = Prompt.ask("Enter URL")
# Vuln 1 fix: was os.system("python saphyra.py " + url) — command injection
# Now uses subprocess list form — url is never interpolated into a shell string
subprocess.run(
["python3", "saphyra.py", url],
cwd=str(get_tools_dir() / "Saphyra-DDoS"),
)
class DDOSTools(HackingToolsCollection):
TITLE = "DDOS Attack Tools"
TOOLS = [DDoSTool(), SlowLoris(), Asyncrone(), UFONet(), GoldenEye(), Saphyra()]
if __name__ == "__main__":
tools = DDOSTools()
tools.show_options()
================================================
FILE: tools/exploit_frameworks.py
================================================
from core import HackingTool, HackingToolsCollection, console
from tools.web_attack import Web2Attack
from rich.panel import Panel
from rich.text import Text
from rich.prompt import Prompt
class RouterSploit(HackingTool):
TITLE = "RouterSploit"
DESCRIPTION = "The RouterSploit Framework is an open-source exploitation " \
"framework dedicated to embedded devices"
INSTALL_COMMANDS = [
"git clone https://github.com/threat9/routersploit.git",
"cd routersploit && sudo python3 -m pip install -r requirements.txt"
]
RUN_COMMANDS = ["cd routersploit && sudo python3 rsf.py"]
PROJECT_URL = "https://github.com/threat9/routersploit"
class WebSploit(HackingTool):
TITLE = "WebSploit"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Websploit is an advanced MITM framework."
INSTALL_COMMANDS = [
"git clone https://github.com/The404Hacking/websploit.git;cd websploit/Setup;sudo chmod +x install.sh && sudo bash install.sh"
]
RUN_COMMANDS = ["sudo websploit"]
PROJECT_URL = "https://github.com/The404Hacking/websploit "
class Commix(HackingTool):
TITLE = "Commix"
DESCRIPTION = "Automated All-in-One OS command injection and exploitation " \
"tool.\nCommix can be used from web developers, penetration " \
"testers or even security researchers\n in order to test " \
"web-based applications with the view to find bugs,\n " \
"errors or vulnerabilities related to command injection " \
"attacks.\n Usage: python commix.py [option(s)]"
INSTALL_COMMANDS = [
"git clone https://github.com/commixproject/commix.git commix",
# Bug 26 fix: was "sudo python setup.py install" (Python 2)
"cd commix && pip install --user .",
]
# Bug 26 fix: was "sudo python commix.py --wizard" (Python 2)
RUN_COMMANDS = ["cd commix && sudo python3 commix.py --wizard"]
PROJECT_URL = "https://github.com/commixproject/commix"
def __init__(self):
# Py3-4 fix: super(Commix, self) → super()
super().__init__(runnable=False)
class ExploitFrameworkTools(HackingToolsCollection):
TITLE = "Exploit framework"
TOOLS = [
RouterSploit(),
WebSploit(),
Commix(),
Web2Attack()
]
if __name__ == "__main__":
tools = ExploitFrameworkTools()
tools.show_options()
================================================
FILE: tools/forensics.py
================================================
import os
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.text import Text
from rich.prompt import Prompt
class Autopsy(HackingTool):
TITLE = "Autopsy"
DESCRIPTION = "Autopsy is a platform that is used by Cyber Investigators.\n" \
"[!] Works in any OS\n" \
"[!] Recover Deleted Files from any OS & Media \n" \
"[!] Extract Image Metadata"
RUN_COMMANDS = ["sudo autopsy"]
def __init__(self):
super().__init__(installable=False)
class Wireshark(HackingTool):
TITLE = "Wireshark"
DESCRIPTION = "Wireshark is a network capture and analyzer \n" \
"tool to see what’s happening in your network.\n " \
"And also investigate Network related incident"
RUN_COMMANDS = ["sudo wireshark"]
def __init__(self):
super().__init__(installable=False)
class BulkExtractor(HackingTool):
TITLE = "Bulk extractor"
DESCRIPTION = "Extract useful information without parsing the file system"
PROJECT_URL = "https://github.com/simsong/bulk_extractor"
SUPPORTED_OS = ["linux"]
def __init__(self):
super().__init__([
('GUI Mode (Download required)', self.gui_mode),
('CLI Mode', self.cli_mode)
], installable=False, runnable=False)
def gui_mode(self):
import subprocess
from config import get_tools_dir
console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta"))
console.print("[bold magenta]Cloning repository and attempting to run GUI...[/]")
tools_dir = get_tools_dir()
subprocess.run(["git", "clone", "https://github.com/simsong/bulk_extractor.git"],
cwd=str(tools_dir))
be_dir = tools_dir / "bulk_extractor"
subprocess.run(["./BEViewer"], cwd=str(be_dir / "java_gui"))
console.print(
"[magenta]If you get an error after clone go to /java_gui/src/ and compile the .jar file && run ./BEViewer[/]")
console.print(
"[magenta]Please visit for more details about installation: https://github.com/simsong/bulk_extractor[/]")
def cli_mode(self):
import subprocess
console.print(Panel(Text(self.TITLE + " - CLI Mode", justify="center"), style="bold magenta"))
subprocess.run(["sudo", "apt", "install", "-y", "bulk-extractor"])
console.print("[magenta]bulk_extractor [options] imagefile[/]")
subprocess.run(["bulk_extractor", "-h"])
class Guymager(HackingTool):
TITLE = "Disk Clone and ISO Image Acquire"
DESCRIPTION = "Guymager is a free forensic imager for media acquisition."
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = ["sudo apt install guymager"]
RUN_COMMANDS = ["sudo guymager"]
PROJECT_URL = "https://guymager.sourceforge.io/"
class Toolsley(HackingTool):
TITLE = "Toolsley"
DESCRIPTION = "Toolsley got more than ten useful tools for investigation.\n" \
"[+]File signature verifier\n" \
"[+]File identifier \n" \
"[+]Hash & Validate \n" \
"[+]Binary inspector \n " \
"[+]Encode text \n" \
"[+]Data URI generator \n" \
"[+]Password generator"
PROJECT_URL = "https://www.toolsley.com/"
def __init__(self):
super().__init__(installable=False, runnable=False)
class Volatility3(HackingTool):
TITLE = "Volatility 3 (Memory Forensics)"
DESCRIPTION = (
"The world's most widely used memory forensics framework.\n"
"Usage: python3 vol.py -f memory.dmp windows.pslist"
)
INSTALL_COMMANDS = [
"git clone https://github.com/volatilityfoundation/volatility3.git",
"cd volatility3 && pip install --user -r requirements.txt",
]
PROJECT_URL = "https://github.com/volatilityfoundation/volatility3"
def run(self):
from config import get_tools_dir
import subprocess
from rich.prompt import Prompt
dump = Prompt.ask("Enter path to memory dump")
plugin = Prompt.ask("Enter plugin", default="windows.pslist")
subprocess.run(
["python3", "vol.py", "-f", dump, plugin],
cwd=str(get_tools_dir() / "volatility3"),
)
class Binwalk(HackingTool):
TITLE = "Binwalk (Firmware Analysis)"
DESCRIPTION = (
"Analyze, reverse engineer, and extract firmware images.\n"
"Usage: binwalk -e firmware.bin"
)
INSTALL_COMMANDS = ["pip install --user binwalk"]
RUN_COMMANDS = ["binwalk --help"]
PROJECT_URL = "https://github.com/ReFirmLabs/binwalk"
class Pspy(HackingTool):
TITLE = "pspy (Process Monitor — No Root)"
DESCRIPTION = "Monitor Linux processes without root — detects cron jobs, scheduled tasks, other users' commands."
INSTALL_COMMANDS = [
"curl -sSL https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64 -o pspy",
"chmod +x pspy",
]
RUN_COMMANDS = ["./pspy --help"]
PROJECT_URL = "https://github.com/DominicBreuker/pspy"
SUPPORTED_OS = ["linux"]
class ForensicTools(HackingToolsCollection):
TITLE = "Forensic tools"
TOOLS = [
Autopsy(),
Wireshark(),
BulkExtractor(),
Guymager(),
Toolsley(),
Volatility3(),
Binwalk(),
Pspy(),
]
if __name__ == "__main__":
tools = ForensicTools()
tools.show_options()
================================================
FILE: tools/information_gathering.py
================================================
import os
import socket
import subprocess
import webbrowser
import sys
from core import HackingTool, HackingToolsCollection, console
from core import clear_screen
from rich.panel import Panel
from rich.text import Text
from rich.prompt import Prompt
class NMAP(HackingTool):
TITLE = "Network Map (nmap)"
DESCRIPTION = "Free and open source utility for network discovery and security auditing"
INSTALL_COMMANDS = [
"git clone https://github.com/nmap/nmap.git",
"sudo chmod -R 755 nmap && cd nmap && sudo ./configure && make && sudo make install"
]
PROJECT_URL = "https://github.com/nmap/nmap"
def __init__(self):
super().__init__(runnable=False)
class Dracnmap(HackingTool):
TITLE = "Dracnmap"
DESCRIPTION = "Dracnmap is an open source program which is using to \n" \
"exploit the network and gathering information with nmap help."
INSTALL_COMMANDS = [
"git clone https://github.com/Screetsec/Dracnmap.git",
"cd Dracnmap && chmod +x dracnmap-v2.2-dracOs.sh dracnmap-v2.2.sh"
]
RUN_COMMANDS = ["cd Dracnmap;sudo ./dracnmap-v2.2.sh"]
PROJECT_URL = "https://github.com/Screetsec/Dracnmap"
class PortScan(HackingTool):
TITLE = "Port scanning"
def __init__(self):
super().__init__(installable=False)
def run(self):
clear_screen()
console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta"))
target = Prompt.ask("[bold]Select a Target IP[/bold magenta]", default="", show_default=False)
subprocess.run(["sudo", "nmap", "-O", "-Pn", target])
class Host2IP(HackingTool):
TITLE = "Host to IP "
def __init__(self):
super().__init__(installable=False)
def run(self):
clear_screen()
console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta"))
host = Prompt.ask("Enter host name (e.g. www.google.com):- ")
ips = socket.gethostbyname(host)
console.print("[bold magenta]{host} -> {ips}[/bold magenta]")
class XeroSploit(HackingTool):
TITLE = "Xerosploit"
DESCRIPTION = "Xerosploit is a penetration testing toolkit whose goal is to perform\n" \
"man-in-the-middle attacks for testing purposes"
INSTALL_COMMANDS = [
"git clone https://github.com/LionSec/xerosploit.git",
"cd xerosploit && sudo python install.py"
]
RUN_COMMANDS = ["sudo xerosploit"]
PROJECT_URL = "https://github.com/LionSec/xerosploit"
class RedHawk(HackingTool):
TITLE = "RED HAWK (All In One Scanning)"
DESCRIPTION = "All in one tool for Information Gathering and Vulnerability Scanning."
INSTALL_COMMANDS = [
"git clone https://github.com/Tuhinshubhra/RED_HAWK.git"]
RUN_COMMANDS = ["cd RED_HAWK;php rhawk.php"]
PROJECT_URL = "https://github.com/Tuhinshubhra/RED_HAWK"
class ReconSpider(HackingTool):
TITLE = "ReconSpider(For All Scanning)"
DESCRIPTION = "ReconSpider is most Advanced Open Source Intelligence (OSINT)" \
" Framework for scanning IP Address, Emails, \n" \
"Websites, Organizations and find out information from" \
" different sources.\n"
INSTALL_COMMANDS = [
"git clone https://github.com/bhavsec/reconspider.git",
"sudo apt install -y python3 python3-pip && cd reconspider && pip install --user ."
]
RUN_COMMANDS = ["cd reconspider;python3 reconspider.py"]
PROJECT_URL = "https://github.com/bhavsec/reconspider"
class IsItDown(HackingTool):
TITLE = "IsItDown (Check Website Down/Up)"
DESCRIPTION = "Check Website Is Online or Not"
def __init__(self):
super().__init__(
[('Open', self.open)], installable=False, runnable=False)
def open(self):
console.print(Panel("Opening isitdownrightnow.com", style="bold magenta"))
webbrowser.open_new_tab("https://www.isitdownrightnow.com/")
class Infoga(HackingTool):
TITLE = "Infoga - Email OSINT"
DESCRIPTION = "Infoga is a tool gathering email accounts information\n" \
"(ip, hostname, country,...) from different public source"
INSTALL_COMMANDS = [
"git clone https://github.com/m4ll0k/Infoga.git",
"cd Infoga && pip install --user ."
]
RUN_COMMANDS = ["cd Infoga;python3 infoga.py"]
PROJECT_URL = "https://github.com/m4ll0k/Infoga"
class ReconDog(HackingTool):
TITLE = "ReconDog"
DESCRIPTION = "ReconDog Information Gathering Suite"
INSTALL_COMMANDS = ["git clone https://github.com/s0md3v/ReconDog.git"]
RUN_COMMANDS = ["cd ReconDog;sudo python dog"]
PROJECT_URL = "https://github.com/s0md3v/ReconDog"
class Striker(HackingTool):
TITLE = "Striker"
DESCRIPTION = "Recon & Vulnerability Scanning Suite"
INSTALL_COMMANDS = [
"git clone https://github.com/s0md3v/Striker.git",
"cd Striker && pip3 install -r requirements.txt"
]
PROJECT_URL = "https://github.com/s0md3v/Striker"
def run(self):
from config import get_tools_dir
site = Prompt.ask("Enter Site Name (example.com)")
# Bug 3 fix: os.chdir() corrupts the process CWD permanently — use cwd= instead
subprocess.run(
["sudo", "python3", "striker.py", site],
cwd=str(get_tools_dir() / "Striker"),
)
class SecretFinder(HackingTool):
TITLE = "SecretFinder (like API & etc)"
DESCRIPTION = "SecretFinder - A python script for find sensitive data \n" \
"like apikeys, accesstoken, authorizations, jwt,..etc \n " \
"and search anything on javascript files.\n\n " \
"Usage: python SecretFinder.py -h"
INSTALL_COMMANDS = [
"git clone https://github.com/m4ll0k/SecretFinder.git secretfinder",
"cd secretfinder; sudo pip3 install -r requirements.txt"
]
PROJECT_URL = "https://github.com/m4ll0k/SecretFinder"
def __init__(self):
super().__init__(runnable=False)
class Shodan(HackingTool):
TITLE = "Find Info Using Shodan"
DESCRIPTION = "Get ports, vulnerabilities, information, banners,..etc \n " \
"for any IP with Shodan (no apikey! no rate limit!)\n" \
"[X] Don't use this tool because your ip will be blocked by Shodan!"
INSTALL_COMMANDS = ["git clone https://github.com/m4ll0k/Shodanfy.py.git"]
PROJECT_URL = "https://github.com/m4ll0k/Shodanfy.py"
def __init__(self):
super().__init__(runnable=False)
class PortScannerRanger(HackingTool):
TITLE = "Port Scanner - rang3r"
DESCRIPTION = "rang3r is a python script which scans in multi thread\n " \
"all alive hosts within your range that you specify."
INSTALL_COMMANDS = [
"git clone https://github.com/floriankunushevci/rang3r.git;"
"pip install --user termcolor"]
PROJECT_URL = "https://github.com/floriankunushevci/rang3r"
def run(self):
from config import get_tools_dir
ip = Prompt.ask("Enter IP")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["sudo", "python3", "rang3r.py", "--ip", ip],
cwd=str(get_tools_dir() / "rang3r"),
)
class Breacher(HackingTool):
TITLE = "Breacher"
DESCRIPTION = "An advanced multithreaded admin panel finder written in python."
INSTALL_COMMANDS = ["git clone https://github.com/s0md3v/Breacher.git"]
PROJECT_URL = "https://github.com/s0md3v/Breacher"
def run(self):
from config import get_tools_dir
domain = Prompt.ask("Enter domain (example.com)")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["python3", "breacher.py", "-u", domain],
cwd=str(get_tools_dir() / "Breacher"),
)
class TheHarvester(HackingTool):
TITLE = "theHarvester (OSINT)"
DESCRIPTION = (
"Gather emails, names, subdomains, IPs and URLs from public sources.\n"
"Usage: theHarvester -d example.com -b all"
)
INSTALL_COMMANDS = [
"git clone https://github.com/laramies/theHarvester.git",
"cd theHarvester && pip install --user -r requirements/base.txt",
]
RUN_COMMANDS = ["cd theHarvester && python3 theHarvester.py -h"]
PROJECT_URL = "https://github.com/laramies/theHarvester"
class Amass(HackingTool):
TITLE = "Amass (Attack Surface Mapping)"
DESCRIPTION = (
"In-depth subdomain enumeration and attack surface mapping.\n"
"Usage: amass enum -d example.com"
)
SUPPORTED_OS = ["linux"]
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install -v github.com/owasp-amass/amass/v4/...@master",
]
RUN_COMMANDS = ["amass -h"]
PROJECT_URL = "https://github.com/owasp-amass/amass"
class Masscan(HackingTool):
TITLE = "Masscan (Fast Port Scanner)"
DESCRIPTION = (
"Fastest internet port scanner — 10 million packets/sec.\n"
"Usage: masscan -p1-65535 <IP> --rate=1000"
)
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = ["sudo apt-get install -y masscan"]
RUN_COMMANDS = ["masscan --help"]
PROJECT_URL = "https://github.com/robertdavidgraham/masscan"
class RustScan(HackingTool):
TITLE = "RustScan (Modern Port Scanner)"
DESCRIPTION = (
"Scans all 65k ports in 3 seconds, passes results to nmap automatically.\n"
"Usage: rustscan -a <IP> -- -sV"
)
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
"curl -sLO https://github.com/RustScan/RustScan/releases/latest/download/rustscan_2.3.0_amd64.deb",
"sudo dpkg -i rustscan_2.3.0_amd64.deb",
]
RUN_COMMANDS = ["rustscan --help"]
PROJECT_URL = "https://github.com/RustScan/RustScan"
class Holehe(HackingTool):
TITLE = "Holehe (Email → Social Accounts)"
DESCRIPTION = (
"Check if an email address is registered on 120+ websites.\n"
"Usage: holehe user@example.com"
)
INSTALL_COMMANDS = ["pip install --user holehe"]
RUN_COMMANDS = ["holehe --help"]
PROJECT_URL = "https://github.com/megadose/holehe"
class Maigret(HackingTool):
TITLE = "Maigret (Username OSINT)"
DESCRIPTION = (
"Collect a dossier on a person by username across 3000+ sites.\n"
"Usage: maigret <username>"
)
INSTALL_COMMANDS = ["pip install --user maigret"]
RUN_COMMANDS = ["maigret --help"]
PROJECT_URL = "https://github.com/soxoj/maigret"
class Httpx(HackingTool):
TITLE = "httpx (HTTP Toolkit)"
DESCRIPTION = (
"Fast multi-purpose HTTP probing tool.\n"
"Usage: httpx -l urls.txt -status-code -title -tech-detect"
)
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest",
]
RUN_COMMANDS = ["httpx -h"]
PROJECT_URL = "https://github.com/projectdiscovery/httpx"
class SpiderFoot(HackingTool):
TITLE = "SpiderFoot (OSINT Automation)"
DESCRIPTION = "Automates OSINT collection for threat intelligence and attack surface mapping."
INSTALL_COMMANDS = ["pip install --user spiderfoot"]
RUN_COMMANDS = ["spiderfoot -h"]
PROJECT_URL = "https://github.com/smicallef/spiderfoot"
class Subfinder(HackingTool):
TITLE = "Subfinder (Subdomain Enumeration)"
DESCRIPTION = "Fast passive subdomain enumeration using multiple sources."
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest",
]
RUN_COMMANDS = ["subfinder -h"]
PROJECT_URL = "https://github.com/projectdiscovery/subfinder"
class TruffleHog(HackingTool):
TITLE = "TruffleHog (Secret Scanner)"
DESCRIPTION = "Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems."
INSTALL_COMMANDS = ["pip install --user trufflehog"]
RUN_COMMANDS = ["trufflehog --help"]
PROJECT_URL = "https://github.com/trufflesecurity/trufflehog"
class Gitleaks(HackingTool):
TITLE = "Gitleaks (Git Secret Scanner)"
DESCRIPTION = "Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens."
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install github.com/gitleaks/gitleaks/v8@latest",
]
RUN_COMMANDS = ["gitleaks --help"]
PROJECT_URL = "https://github.com/gitleaks/gitleaks"
class InformationGatheringTools(HackingToolsCollection):
TITLE = "Information gathering tools"
TOOLS = [
NMAP(),
Dracnmap(),
PortScan(),
Host2IP(),
XeroSploit(),
RedHawk(),
ReconSpider(),
IsItDown(),
Infoga(),
ReconDog(),
Striker(),
SecretFinder(),
Shodan(),
PortScannerRanger(),
Breacher(),
TheHarvester(),
Amass(),
Masscan(),
RustScan(),
Holehe(),
Maigret(),
Httpx(),
SpiderFoot(),
Subfinder(),
TruffleHog(),
Gitleaks(),
]
if __name__ == "__main__":
tools = InformationGatheringTools()
tools.show_options()
================================================
FILE: tools/mobile_security.py
================================================
from core import HackingTool
from core import HackingToolsCollection
class MobSF(HackingTool):
TITLE = "MobSF (Mobile Security Framework)"
DESCRIPTION = "All-in-one mobile app pentesting, malware analysis, and security assessment."
INSTALL_COMMANDS = [
"git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git",
"cd Mobile-Security-Framework-MobSF && ./setup.sh",
]
RUN_COMMANDS = ["cd Mobile-Security-Framework-MobSF && ./run.sh"]
PROJECT_URL = "https://github.com/MobSF/Mobile-Security-Framework-MobSF"
SUPPORTED_OS = ["linux", "macos"]
class Frida(HackingTool):
TITLE = "Frida (Dynamic Instrumentation)"
DESCRIPTION = "Dynamic instrumentation toolkit for runtime hooking on Android, iOS, Windows, macOS, Linux."
INSTALL_COMMANDS = ["pip install --user frida-tools"]
RUN_COMMANDS = ["frida --help"]
PROJECT_URL = "https://github.com/frida/frida"
SUPPORTED_OS = ["linux", "macos"]
class Objection(HackingTool):
TITLE = "Objection (Mobile Runtime Exploration)"
DESCRIPTION = "Runtime mobile exploration toolkit powered by Frida — no jailbreak/root required."
INSTALL_COMMANDS = ["pip install --user objection"]
RUN_COMMANDS = ["objection --help"]
PROJECT_URL = "https://github.com/sensepost/objection"
SUPPORTED_OS = ["linux", "macos"]
class MobileSecurityTools(HackingToolsCollection):
TITLE = "Mobile Security Tools"
DESCRIPTION = "Tools for Android/iOS application security testing and analysis."
TOOLS = [
MobSF(),
Frida(),
Objection(),
]
================================================
FILE: tools/other_tools.py
================================================
import os
import subprocess
from core import HackingTool, HackingToolsCollection, console
from tools.others.android_attack import AndroidAttackTools
from tools.others.email_verifier import EmailVerifyTools
from tools.others.hash_crack import HashCrackingTools
from tools.others.homograph_attacks import IDNHomographAttackTools
from tools.others.mix_tools import MixTools
from tools.others.payload_injection import PayloadInjectorTools
from tools.others.socialmedia import SocialMediaBruteforceTools
from tools.others.socialmedia_finder import SocialMediaFinderTools
from tools.others.web_crawling import WebCrawlingTools
from tools.others.wifi_jamming import WifiJammingTools
from rich.panel import Panel
from rich.prompt import Prompt
class HatCloud(HackingTool):
TITLE = "HatCloud(Bypass CloudFlare for IP)"
DESCRIPTION = "HatCloud build in Ruby. It makes bypass in CloudFlare for " \
"discover real IP."
INSTALL_COMMANDS = ["git clone https://github.com/HatBashBR/HatCloud.git"]
PROJECT_URL = "https://github.com/HatBashBR/HatCloud"
def run(self):
from config import get_tools_dir
from rich.prompt import Prompt
site = Prompt.ask("Enter Site")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["sudo", "ruby", "hatcloud.rb", "-b", site],
cwd=str(get_tools_dir() / "HatCloud"),
)
class OtherTools(HackingToolsCollection):
TITLE = "Other tools"
TOOLS = [
SocialMediaBruteforceTools(),
AndroidAttackTools(),
HatCloud(),
IDNHomographAttackTools(),
EmailVerifyTools(),
HashCrackingTools(),
WifiJammingTools(),
SocialMediaFinderTools(),
PayloadInjectorTools(),
WebCrawlingTools(),
MixTools()
]
if __name__ == "__main__":
tools = OtherTools()
tools.show_options()
================================================
FILE: tools/others/__init__.py
================================================
================================================
FILE: tools/others/android_attack.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class Keydroid(HackingTool):
TITLE = "Keydroid"
DESCRIPTION = "Android Keylogger + Reverse Shell\n" \
"[!] You have to install Some Manually Refer Below Link:\n " \
"[+] https://github.com/F4dl0/keydroid"
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = ["git clone https://github.com/F4dl0/keydroid.git"]
RUN_COMMANDS = ["cd keydroid && bash keydroid.sh"]
PROJECT_URL = "https://github.com/F4dl0/keydroid"
class MySMS(HackingTool):
TITLE = "MySMS"
DESCRIPTION = "Script that generates an Android App to hack SMS through WAN \n" \
"[!] You have to install Some Manually Refer Below Link:\n\t " \
"[+] https://github.com/papusingh2sms/mysms"
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
"git clone https://github.com/papusingh2sms/mysms.git"]
RUN_COMMANDS = ["cd mysms && bash mysms.sh"]
PROJECT_URL = "https://github.com/papusingh2sms/mysms"
class LockPhish(HackingTool):
TITLE = "Lockphish (Grab target LOCK PIN)"
DESCRIPTION = "Lockphish it's the first tool for phishing attacks on the " \
"lock screen, designed to\n Grab Windows credentials,Android" \
" PIN and iPhone Passcode using a https link."
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
"git clone https://github.com/JasonJerry/lockphish.git"]
RUN_COMMANDS = ["cd lockphish && bash lockphish.sh"]
PROJECT_URL = "https://github.com/JasonJerry/lockphish"
class Droidcam(HackingTool):
TITLE = "DroidCam (Capture Image)"
DESCRIPTION = "Powerful Tool For Grab Front Camera Snap Using A Link"
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
# Bug 16 fix: missing comma caused two strings to be implicitly concatenated into one
"git clone https://github.com/kinghacker0/WishFish.git",
"sudo apt install -y php wget openssh-client",
]
RUN_COMMANDS = ["cd WishFish && sudo bash wishfish.sh"]
PROJECT_URL = "https://github.com/kinghacker0/WishFish"
class EvilApp(HackingTool):
TITLE = "EvilApp (Hijack Session)"
DESCRIPTION = "EvilApp is a script to generate Android App that can " \
"hijack authenticated sessions in cookies."
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
"git clone https://github.com/crypticterminal/EvilApp.git"]
RUN_COMMANDS = ["cd EvilApp && bash evilapp.sh"]
PROJECT_URL = "https://github.com/crypticterminal/EvilApp"
class AndroidAttackTools(HackingToolsCollection):
TITLE = "Android Hacking tools"
TOOLS = [
Keydroid(),
MySMS(),
LockPhish(),
Droidcam(),
EvilApp()
]
if __name__ == "__main__":
tools = AndroidAttackTools()
tools.show_options()
================================================
FILE: tools/others/email_verifier.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
class KnockMail(HackingTool):
TITLE = "Knockmail"
DESCRIPTION = "KnockMail Tool Verify If Email Exists"
INSTALL_COMMANDS = [
"git clone https://github.com/heywoodlh/KnockMail.git",
"cd KnockMail;sudo pip3 install -r requirements.txt"
]
RUN_COMMANDS = ["cd KnockMail;python3 knockmail.py"]
PROJECT_URL = "https://github.com/heywoodlh/KnockMail"
class EmailVerifyTools(HackingToolsCollection):
TITLE = "Email Verify tools"
TOOLS = [KnockMail()]
if __name__ == "__main__":
tools = EmailVerifyTools()
tools.show_options()
================================================
FILE: tools/others/hash_crack.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class HashBuster(HackingTool):
TITLE = "Hash Buster"
DESCRIPTION = "Features: \n " \
"Automatic hash type identification \n " \
"Supports MD5, SHA1, SHA256, SHA384, SHA512"
INSTALL_COMMANDS = [
"git clone https://github.com/s0md3v/Hash-Buster.git",
"cd Hash-Buster;make install"
]
RUN_COMMANDS = ["buster -h"]
PROJECT_URL = "https://github.com/s0md3v/Hash-Buster"
class HashCrackingTools(HackingToolsCollection):
TITLE = "Hash cracking tools"
TOOLS = [HashBuster()]
if __name__ == "__main__":
tools = HashCrackingTools()
tools.show_options()
================================================
FILE: tools/others/homograph_attacks.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class EvilURL(HackingTool):
TITLE = "EvilURL"
DESCRIPTION = "Generate unicode evil domains for IDN Homograph Attack " \
"and detect them."
INSTALL_COMMANDS = ["git clone https://github.com/UndeadSec/EvilURL.git"]
RUN_COMMANDS = ["cd EvilURL;python3 evilurl.py"]
PROJECT_URL = "https://github.com/UndeadSec/EvilURL"
class IDNHomographAttackTools(HackingToolsCollection):
TITLE = "IDN Homograph Attack"
TOOLS = [EvilURL()]
if __name__ == "__main__":
tools = IDNHomographAttackTools()
tools.show_options()
================================================
FILE: tools/others/mix_tools.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class TerminalMultiplexer(HackingTool):
TITLE = "Terminal Multiplexer"
DESCRIPTION = (
"Terminal Multiplexer (tilix) is a tiling terminal emulator that "
"allows opening several terminal sessions inside one window."
)
# Bug 19 fix: tilix is a Debian/Ubuntu package only — mark Linux-only
INSTALL_COMMANDS = ["sudo apt-get install -y tilix"]
SUPPORTED_OS = ["linux"]
def __init__(self):
# Py3-4 fix: super(TerminalMultiplexer, self) → super()
super().__init__(runnable=False)
class Crivo(HackingTool):
TITLE = "Crivo"
DESCRIPTION = (
"A tool for extracting and filtering URLs, IPs, domains, and subdomains\n"
"from web pages or text, with built-in web scraping capabilities.\n"
"See: python3 crivo_cli.py -h"
)
INSTALL_COMMANDS = [
"git clone https://github.com/GMDSantana/crivo.git",
# Bug 18 verify: this is correct — cd and pip in same string works
"cd crivo && pip install --user -r requirements.txt",
]
PROJECT_URL = "https://github.com/GMDSantana/crivo"
def __init__(self):
# Py3-4 fix: super(Crivo, self) → super()
super().__init__(runnable=False)
class MixTools(HackingToolsCollection):
TITLE = "Mix tools"
TOOLS = [
TerminalMultiplexer(),
Crivo()
]
if __name__ == "__main__":
tools = MixTools()
tools.show_options()
================================================
FILE: tools/others/payload_injection.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class DebInject(HackingTool):
TITLE = "Debinject"
DESCRIPTION = "Debinject is a tool that inject malicious code into *.debs"
INSTALL_COMMANDS = [
"git clone https://github.com/UndeadSec/Debinject.git"]
RUN_COMMANDS = ["cd Debinject;python debinject.py"]
PROJECT_URL = "https://github.com/UndeadSec/Debinject"
class Pixload(HackingTool):
TITLE = "Pixload"
DESCRIPTION = "Pixload -- Image Payload Creating tools \n " \
"Pixload is Set of tools for creating/injecting payload into images."
INSTALL_COMMANDS = [
"sudo apt install libgd-perl libimage-exiftool-perl libstring-crc32-perl",
"git clone https://github.com/chinarulezzz/pixload.git"
]
PROJECT_URL = "https://github.com/chinarulezzz/pixload"
def __init__(self):
super().__init__(runnable = False)
class PayloadInjectorTools(HackingToolsCollection):
TITLE = "Payload Injector"
TOOLS = [
DebInject(),
Pixload()
]
if __name__ == "__main__":
tools = PayloadInjectorTools()
tools.show_options()
================================================
FILE: tools/others/socialmedia.py
================================================
import contextlib
import os
import subprocess
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class InstaBrute(HackingTool):
TITLE = "Instagram Attack"
DESCRIPTION = "Brute force attack against Instagram"
PROJECT_URL = "https://github.com/chinoogawa/instaBrute"
# Py3-7: Python 2 only (pip2.7); also violates Instagram ToS
ARCHIVED = True
ARCHIVED_REASON = "Python 2 only — EOL January 2020. Repo unmaintained since 2017."
INSTALL_COMMANDS = []
RUN_COMMANDS = []
def __init__(self):
super().__init__(installable=False, runnable=False)
class BruteForce(HackingTool):
TITLE = "AllinOne SocialMedia Attack"
DESCRIPTION = "Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix \n" \
"[!] python3 Brute_Force.py -g <Account@gmail.com> -l <File_list>"
INSTALL_COMMANDS = [
"git clone https://github.com/Matrix07ksa/Brute_Force.git",
"cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize"
]
RUN_COMMANDS = ["cd Brute_Force;python3 Brute_Force.py -h"]
PROJECT_URL = "https://github.com/Matrix07ksa/Brute_Force"
class Faceshell(HackingTool):
TITLE = "Facebook Attack"
DESCRIPTION = "Facebook BruteForcer"
INSTALL_COMMANDS = [
"git clone https://github.com/Matrix07ksa/Brute_Force.git",
"cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize"
]
PROJECT_URL = "https://github.com/Matrix07ksa/Brute_Force"
def run(self):
from config import get_tools_dir
name = Prompt.ask("Enter Username")
wordlist = Prompt.ask("Enter Wordlist path")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["python3", "Brute_Force.py", "-f", name, "-l", wordlist],
cwd=str(get_tools_dir() / "Brute_Force"),
)
class AppCheck(HackingTool):
TITLE = "Application Checker"
DESCRIPTION = "Tool to check if an app is installed on the target device through a link."
INSTALL_COMMANDS = [
"git clone https://github.com/jakuta-tech/underhanded.git",
"cd underhanded && sudo chmod +x underhanded.sh"
]
RUN_COMMANDS = ["cd underhanded;sudo bash underhanded.sh"]
PROJECT_URL = "https://github.com/jakuta-tech/underhanded"
class SocialMediaBruteforceTools(HackingToolsCollection):
TITLE = "SocialMedia Bruteforce"
TOOLS = [
InstaBrute(),
BruteForce(),
Faceshell(),
AppCheck()
]
if __name__ == "__main__":
tools = SocialMediaBruteforceTools()
tools.show_options()
================================================
FILE: tools/others/socialmedia_finder.py
================================================
import os
import subprocess
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class FacialFind(HackingTool):
TITLE = "Find SocialMedia By Facial Recognation System"
DESCRIPTION = "A Social Media Mapping Tool that correlates profiles\n " \
"via facial recognition across different sites."
INSTALL_COMMANDS = [
"sudo apt install -y software-properties-common",
"sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade",
"git clone https://github.com/Greenwolf/social_mapper.git",
"sudo apt install -y build-essential cmake libgtk-3-dev libboost-all-dev",
"cd social_mapper/setup",
"sudo python3 -m pip install --no-cache-dir -r requirements.txt",
'echo "[!]Now You have To do some Manually\n'
'[!] Install the Geckodriver for your operating system\n'
'[!] Copy & Paste Link And Download File As System Configuration\n'
'[#] https://github.com/mozilla/geckodriver/releases\n'
'[!!] On Linux you can place it in /usr/bin "| boxes | lolcat'
]
PROJECT_URL = "https://github.com/Greenwolf/social_mapper"
def run(self):
from config import get_tools_dir
import subprocess
setup_dir = get_tools_dir() / "social_mapper" / "setup"
subprocess.run(["python3", "social_mapper.py", "-h"], cwd=str(setup_dir))
console.print(
"[bold magenta]Set username and password in social_mapper.py before running.[/]\n"
"[magenta]Usage: python social_mapper.py -f <folder> -i <path> -m fast <AcName> -fb -tw[/]"
)
class FindUser(HackingTool):
TITLE = "Find SocialMedia By UserName"
DESCRIPTION = "Find usernames across over 75 social networks"
INSTALL_COMMANDS = [
"git clone https://github.com/xHak9x/finduser.git",
"cd finduser && sudo chmod +x finduser.sh"
]
RUN_COMMANDS = ["cd finduser && sudo bash finduser.sh"]
PROJECT_URL = "https://github.com/xHak9x/finduser"
class Sherlock(HackingTool):
TITLE = "Sherlock"
DESCRIPTION = "Hunt down social media accounts by username across social networks \n " \
"For More Usage \n" \
"\t >>python3 sherlock --help"
INSTALL_COMMANDS = [
"git clone https://github.com/sherlock-project/sherlock.git",
"cd sherlock;sudo python3 -m pip install -r requirements.txt"
]
PROJECT_URL = "https://github.com/sherlock-project/sherlock"
def run(self):
from config import get_tools_dir
from rich.prompt import Prompt
name = Prompt.ask("Enter Username")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["python3", "sherlock", name],
cwd=str(get_tools_dir() / "sherlock"),
)
class SocialScan(HackingTool):
TITLE = "SocialScan | Username or Email"
DESCRIPTION = "Check email address and username availability on online " \
"platforms with 100% accuracy"
INSTALL_COMMANDS = ["pip install --user socialscan"]
PROJECT_URL = "https://github.com/iojw/socialscan"
def run(self):
name = input(
"Enter Username or Emailid (if both then please space between email & username) >> ")
subprocess.run(["sudo", "socialscan", f"{name}"])
class SocialMediaFinderTools(HackingToolsCollection):
TITLE = "SocialMedia Finder"
TOOLS = [
FacialFind(),
FindUser(),
Sherlock(),
SocialScan()
]
if __name__ == "__main__":
tools = SocialMediaFinderTools()
tools.show_options()
================================================
FILE: tools/others/web_crawling.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class GoSpider(HackingTool):
TITLE = "Gospider"
DESCRIPTION = "Gospider - Fast web spider written in Go"
INSTALL_COMMANDS = ["sudo go get -u github.com/jaeles-project/gospider"]
PROJECT_URL = "https://github.com/jaeles-project/gospider"
def __init__(self):
super().__init__(runnable = False)
class WebCrawlingTools(HackingToolsCollection):
TITLE = "Web crawling"
TOOLS = [GoSpider()]
if __name__ == "__main__":
tools = WebCrawlingTools()
tools.show_options()
================================================
FILE: tools/others/wifi_jamming.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
from rich import box
class WifiJammerNG(HackingTool):
TITLE = "WifiJammer-NG"
DESCRIPTION = "Continuously jam all wifi clients and access points within range."
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
INSTALL_COMMANDS = [
"git clone https://github.com/MisterBianco/wifijammer-ng.git",
"cd wifijammer-ng;pip install --user -r requirements.txt"
]
RUN_COMMANDS = [
"cd wifijammer-ng && sudo python3 wifijammer.py --help",
]
PROJECT_URL = "https://github.com/MisterBianco/wifijammer-ng"
class KawaiiDeauther(HackingTool):
TITLE = "KawaiiDeauther"
DESCRIPTION = "Kawaii Deauther is a pentest toolkit whose goal is to perform \n " \
"jam on WiFi clients/routers and spam many fake AP for testing purposes."
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
INSTALL_COMMANDS = [
"git clone https://github.com/aryanrtm/KawaiiDeauther.git",
"cd KawaiiDeauther;sudo bash install.sh"
]
RUN_COMMANDS = ["cd KawaiiDeauther;sudo bash KawaiiDeauther.sh"]
PROJECT_URL = "https://github.com/aryanrtm/KawaiiDeauther"
class WifiJammingTools(HackingToolsCollection):
TITLE = "Wifi Deauthenticate"
TOOLS = [
WifiJammerNG(),
KawaiiDeauther()
]
if __name__ == "__main__":
tools = WifiJammingTools()
tools.show_options()
================================================
FILE: tools/payload_creator.py
================================================
import os
import subprocess
from core import HackingTool, HackingToolsCollection, console
class TheFatRat(HackingTool):
TITLE = "The FatRat"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"TheFatRat provides an easy way to create backdoors and payloads "
"which can bypass most anti-virus."
)
INSTALL_COMMANDS = [
"git clone https://github.com/Screetsec/TheFatRat.git",
"cd TheFatRat && chmod +x setup.sh",
]
RUN_COMMANDS = ["cd TheFatRat && sudo bash setup.sh"]
PROJECT_URL = "https://github.com/Screetsec/TheFatRat"
def __init__(self):
super().__init__([
("Update", self.update),
("Troubleshoot", self.troubleshoot),
])
def update(self):
from config import get_tools_dir
cwd = str(get_tools_dir() / "TheFatRat")
subprocess.run(["bash", "update"], cwd=cwd)
subprocess.run(["chmod", "+x", "setup.sh"], cwd=cwd)
subprocess.run(["bash", "setup.sh"], cwd=cwd)
def troubleshoot(self):
from config import get_tools_dir
cwd = str(get_tools_dir() / "TheFatRat")
subprocess.run(["chmod", "+x", "chk_tools"], cwd=cwd)
subprocess.run(["./chk_tools"], cwd=cwd)
class Brutal(HackingTool):
TITLE = "Brutal"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"Brutal is a toolkit to quickly create various payloads, powershell attacks, "
"virus attacks and launch listener for a Human Interface Device."
)
INSTALL_COMMANDS = [
"git clone https://github.com/Screetsec/Brutal.git",
"cd Brutal && chmod +x Brutal.sh",
]
RUN_COMMANDS = ["cd Brutal && sudo bash Brutal.sh"]
PROJECT_URL = "https://github.com/Screetsec/Brutal"
def show_info(self):
super().show_info()
console.print(
"[bold cyan]Requirements:[/bold cyan]\n"
" - Arduino Software (v1.6.7+)\n"
" - TeensyDuino\n"
" - Linux udev rules\n"
" See: https://github.com/Screetsec/Brutal/wiki/Install-Requirements"
)
class Stitch(HackingTool):
TITLE = "Stitch"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"Stitch is a Cross Platform Python Remote Administrator Tool.\n"
"[!] Refer to the project link for Windows & macOS support."
)
INSTALL_COMMANDS = [
"git clone https://github.com/nathanlopez/Stitch.git",
"cd Stitch && pip install --user -r lnx_requirements.txt",
]
RUN_COMMANDS = ["cd Stitch && sudo python3 main.py"]
PROJECT_URL = "https://nathanlopez.github.io/Stitch"
class MSFVenom(HackingTool):
TITLE = "MSFvenom Payload Creator"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple "
"types of payloads, based on user choice."
)
INSTALL_COMMANDS = [
"git clone https://github.com/g0tmi1k/msfpc.git",
"cd msfpc && chmod +x msfpc.sh",
]
RUN_COMMANDS = ["cd msfpc && sudo bash msfpc.sh -h -v"]
PROJECT_URL = "https://github.com/g0tmi1k/msfpc"
class Venom(HackingTool):
TITLE = "Venom Shellcode Generator"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Venom exploits apache2 webserver to deliver LAN payloads via fake webpages."
INSTALL_COMMANDS = [
"git clone https://github.com/r00t-3xp10it/venom.git",
# Removed "sudo ./venom.sh -u" from install — interactive, runs the tool during install
"sudo chmod -R 775 venom*/ && cd venom*/ && cd aux && sudo bash setup.sh",
]
RUN_COMMANDS = ["cd venom && sudo ./venom.sh"]
PROJECT_URL = "https://github.com/r00t-3xp10it/venom"
class Spycam(HackingTool):
TITLE = "Spycam"
DESCRIPTION = "Generates a Win32 payload that captures webcam images every 1 minute."
INSTALL_COMMANDS = [
"git clone https://github.com/indexnotfound404/spycam.git",
"cd spycam && bash install.sh && chmod +x spycam",
]
RUN_COMMANDS = ["cd spycam && ./spycam"]
PROJECT_URL = "https://github.com/indexnotfound404/spycam"
class MobDroid(HackingTool):
TITLE = "Mob-Droid"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Generates metasploit payloads easily without typing long commands."
INSTALL_COMMANDS = ["git clone https://github.com/kinghacker0/mob-droid.git"]
RUN_COMMANDS = ["cd mob-droid && sudo python3 mob-droid.py"]
PROJECT_URL = "https://github.com/kinghacker0/Mob-Droid"
class Enigma(HackingTool):
TITLE = "Enigma"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Enigma is a Multiplatform payload dropper."
INSTALL_COMMANDS = ["git clone https://github.com/UndeadSec/Enigma.git"]
RUN_COMMANDS = ["cd Enigma && sudo python3 enigma.py"]
PROJECT_URL = "https://github.com/UndeadSec/Enigma"
class PayloadCreatorTools(HackingToolsCollection):
TITLE = "Payload creation tools"
# Bug 11 fix: show_options() override was missing `parent` parameter entirely —
# the whole override is now deleted and the base class method is used instead.
TOOLS = [
TheFatRat(),
Brutal(),
Stitch(),
MSFVenom(),
Venom(),
Spycam(),
MobDroid(),
Enigma(),
]
if __name__ == "__main__":
tools = PayloadCreatorTools()
tools.show_options()
================================================
FILE: tools/phishing_attack.py
================================================
import os
from core import HackingTool, HackingToolsCollection, console
class Autophisher(HackingTool):
TITLE = "Autophisher RK"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Automated Phishing Toolkit"
INSTALL_COMMANDS = [
"git clone https://github.com/CodingRanjith/autophisher.git",
]
RUN_COMMANDS = ["cd autophisher && sudo bash autophisher.sh"]
PROJECT_URL = "https://github.com/CodingRanjith/autophisher"
class Pyphisher(HackingTool):
TITLE = "Pyphisher"
DESCRIPTION = "Easy to use phishing tool with 77 website templates"
# Bug 9 fix: pip must reference the full path, not rely on a no-op "cd" call
INSTALL_COMMANDS = [
"git clone https://github.com/KasRoudra/PyPhisher",
"pip3 install --user -r PyPhisher/files/requirements.txt",
]
RUN_COMMANDS = ["cd PyPhisher && sudo python3 pyphisher.py"]
# Bug 8 fix: PROJECT_URL was a git clone command, not a URL
PROJECT_URL = "https://github.com/KasRoudra/PyPhisher"
class AdvPhishing(HackingTool):
TITLE = "AdvPhishing"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "This is Advance Phishing Tool ! OTP PHISHING"
INSTALL_COMMANDS = [
"git clone https://github.com/Ignitetch/AdvPhishing.git",
# Vuln 2 fix: chmod 777 → chmod +x
"cd AdvPhishing && chmod +x Linux-Setup.sh && bash Linux-Setup.sh",
]
RUN_COMMANDS = ["cd AdvPhishing && sudo bash AdvPhishing.sh"]
PROJECT_URL = "https://github.com/Ignitetch/AdvPhishing"
class Setoolkit(HackingTool):
TITLE = "Setoolkit"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"The Social-Engineer Toolkit is an open-source penetration\n"
"testing framework designed for social engineering."
)
INSTALL_COMMANDS = [
"git clone https://github.com/trustedsec/social-engineer-toolkit/",
"cd social-engineer-toolkit && pip install --user .",
]
RUN_COMMANDS = ["sudo setoolkit"]
PROJECT_URL = "https://github.com/trustedsec/social-engineer-toolkit"
class SocialFish(HackingTool):
TITLE = "SocialFish"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Automated Phishing Tool & Information Collector NOTE: username is 'root' and password is 'pass'"
INSTALL_COMMANDS = [
"git clone https://github.com/UndeadSec/SocialFish.git && sudo apt-get install python3 python3-pip python3-dev -y",
"cd SocialFish && sudo python3 -m pip install -r requirements.txt",
]
RUN_COMMANDS = ["cd SocialFish && sudo python3 SocialFish.py root pass"]
PROJECT_URL = "https://github.com/UndeadSec/SocialFish"
class HiddenEye(HackingTool):
TITLE = "HiddenEye"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services\n"
"\t[!] https://github.com/DarkSecDevelopers/HiddenEye"
)
INSTALL_COMMANDS = [
# Vuln 2 fix: chmod 777 → chmod 755
"git clone https://github.com/Morsmalleo/HiddenEye.git && chmod -R 755 HiddenEye",
"cd HiddenEye && sudo pip3 install -r requirements.txt && pip3 install pyngrok",
]
RUN_COMMANDS = ["cd HiddenEye && sudo python3 HiddenEye.py"]
PROJECT_URL = "https://github.com/Morsmalleo/HiddenEye"
class Evilginx3(HackingTool):
TITLE = "Evilginx3"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"evilginx is a man-in-the-middle attack framework used for phishing login credentials\n"
"along with session cookies, bypassing 2-factor authentication.\n"
"Requires Go >= 1.18 installed."
)
# Bug 6 fix: removed 'sudo evilginx' (interactive) from INSTALL_COMMANDS
INSTALL_COMMANDS = [
"sudo apt-get install -y git make golang-go",
"go install github.com/kgretzky/evilginx/v3@latest",
]
RUN_COMMANDS = ["evilginx"]
PROJECT_URL = "https://github.com/kgretzky/evilginx2"
REQUIRES_GO = True
class ISeeYou(HackingTool):
TITLE = "I-See_You"
SUPPORTED_OS = ["linux"]
DESCRIPTION = (
"[!] ISeeYou finds the exact location of a target via social engineering.\n"
"[!] Expose local servers to the internet and decode location from log file."
)
INSTALL_COMMANDS = [
"git clone https://github.com/Viralmaniar/I-See-You.git",
"cd I-See-You && sudo chmod u+x ISeeYou.sh",
]
RUN_COMMANDS = ["cd I-See-You && sudo bash ISeeYou.sh"]
PROJECT_URL = "https://github.com/Viralmaniar/I-See-You"
class SayCheese(HackingTool):
TITLE = "SayCheese"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Take webcam shots from target just by sending a malicious link"
INSTALL_COMMANDS = ["git clone https://github.com/hangetzzu/saycheese"]
RUN_COMMANDS = ["cd saycheese && sudo bash saycheese.sh"]
PROJECT_URL = "https://github.com/hangetzzu/saycheese"
class QRJacking(HackingTool):
TITLE = "QR Code Jacking"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "QR Code Jacking (Any Website)"
INSTALL_COMMANDS = [
"git clone https://github.com/cryptedwolf/ohmyqr.git && sudo apt -y install scrot",
]
RUN_COMMANDS = ["cd ohmyqr && sudo bash ohmyqr.sh"]
PROJECT_URL = "https://github.com/cryptedwolf/ohmyqr"
# Bug 10 fix: WifiPhisher removed from phishing tools — it belongs in wireless_attack.py
class BlackEye(HackingTool):
TITLE = "BlackEye"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "The ultimate phishing tool with 38 websites available!"
INSTALL_COMMANDS = [
"git clone https://github.com/thelinuxchoice/blackeye",
]
RUN_COMMANDS = ["cd blackeye && sudo bash blackeye.sh"]
PROJECT_URL = "https://github.com/An0nUD4Y/blackeye"
class ShellPhish(HackingTool):
TITLE = "ShellPhish"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Phishing Tool for 18 social media"
INSTALL_COMMANDS = ["git clone https://github.com/An0nUD4Y/shellphish.git"]
RUN_COMMANDS = ["cd shellphish && sudo bash shellphish.sh"]
PROJECT_URL = "https://github.com/An0nUD4Y/shellphish"
class Thanos(HackingTool):
TITLE = "Thanos"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Browser to Browser Phishing toolkit"
INSTALL_COMMANDS = [
"git clone https://github.com/TridevReddy/Thanos.git",
# Vuln 2 fix: chmod -R 777 → chmod +x
"cd Thanos && chmod +x Thanos.sh",
]
RUN_COMMANDS = ["cd Thanos && sudo bash Thanos.sh"]
PROJECT_URL = "https://github.com/TridevReddy/Thanos"
class QRLJacking(HackingTool):
TITLE = "QRLJacking"
DESCRIPTION = "QRLJacking — session hijacking attack vector targeting QR code based login"
INSTALL_COMMANDS = [
"git clone https://github.com/OWASP/QRLJacking.git",
# Bug fix: geckodriver must be fetched as a binary, not cloned from source
"GECKO_VER=$(curl -s https://api.github.com/repos/mozilla/geckodriver/releases/latest | grep tag_name | cut -d '\"' -f4) && "
"wget -q https://github.com/mozilla/geckodriver/releases/download/$GECKO_VER/geckodriver-$GECKO_VER-linux64.tar.gz -O /tmp/geckodriver.tar.gz && "
"tar -xzf /tmp/geckodriver.tar.gz -C /tmp && sudo mv /tmp/geckodriver /usr/local/bin/",
"cd QRLJacking && pip3 install --user -r QRLJacker/requirements.txt",
]
RUN_COMMANDS = ["cd QRLJacking/QRLJacker && python3 QrlJacker.py"]
PROJECT_URL = "https://github.com/OWASP/QRLJacking"
class Maskphish(HackingTool):
TITLE = "Maskphish"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Hide phishing URL under a normal looking URL (google.com or facebook.com)"
INSTALL_COMMANDS = [
"git clone https://github.com/jaykali/maskphish.git",
]
RUN_COMMANDS = ["cd maskphish && sudo bash maskphish.sh"]
PROJECT_URL = "https://github.com/jaykali/maskphish"
class BlackPhish(HackingTool):
TITLE = "BlackPhish"
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
"git clone https://github.com/iinc0gnit0/BlackPhish.git",
"cd BlackPhish && sudo bash install.sh",
]
RUN_COMMANDS = ["cd BlackPhish && sudo python3 blackphish.py"]
PROJECT_URL = "https://github.com/iinc0gnit0/BlackPhish"
def __init__(self):
# Bug fix: super() Python 3 style
super().__init__([("Update", self.update)])
def update(self):
import subprocess
from config import get_tools_dir
subprocess.run(["bash", "update.sh"], cwd=str(get_tools_dir() / "BlackPhish"))
class Dnstwist(HackingTool):
# Bug 2 fix: all attributes were wrong case (Title, Install_commands, etc.)
# They are now the correct uppercase names the base class reads.
TITLE = "dnstwist"
DESCRIPTION = "Domain name permutation engine for detecting typosquatting, phishing and brand impersonation"
INSTALL_COMMANDS = ["pip3 install --user dnstwist"]
RUN_COMMANDS = ["dnstwist --help"]
PROJECT_URL = "https://github.com/elceef/dnstwist"
class PhishingAttackTools(HackingToolsCollection):
TITLE = "Phishing attack tools"
TOOLS = [
Autophisher(),
Pyphisher(),
AdvPhishing(),
Setoolkit(),
SocialFish(),
HiddenEye(),
Evilginx3(),
ISeeYou(),
SayCheese(),
QRJacking(),
BlackEye(),
ShellPhish(),
Thanos(),
QRLJacking(),
BlackPhish(),
Maskphish(),
Dnstwist(),
]
if __name__ == "__main__":
tools = PhishingAttackTools()
tools.show_options()
================================================
FILE: tools/post_exploitation.py
================================================
import os
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
class Vegile(HackingTool):
TITLE = "Vegile - Ghost In The Shell"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "This tool will set up your backdoor/rootkits when " \
"backdoor is already setup it will be \n" \
"hidden your specific process,unlimited your session in " \
"metasploit and transparent."
INSTALL_COMMANDS = [
"git clone https://github.com/Screetsec/Vegile.git",
"cd Vegile && sudo chmod +x Vegile"
]
RUN_COMMANDS = ["cd Vegile && sudo bash Vegile"]
PROJECT_URL = "https://github.com/Screetsec/Vegile"
def before_run(self):
console.print(
"[bold magenta]Vegile commands:[/]\n"
" Vegile -i / --inject [backdoor/rootkit]\n"
" Vegile -u / --unlimited [backdoor/rootkit]\n"
" Vegile -h / --help"
)
class ChromeKeyLogger(HackingTool):
TITLE = "Chrome Keylogger"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Hera Chrome Keylogger"
INSTALL_COMMANDS = [
"git clone https://github.com/UndeadSec/HeraKeylogger.git",
"cd HeraKeylogger && sudo apt-get install python3-pip -y && sudo pip3 install -r requirements.txt"
]
RUN_COMMANDS = ["cd HeraKeylogger && sudo python3 hera.py"]
PROJECT_URL = "https://github.com/UndeadSec/HeraKeylogger"
class PwncatCS(HackingTool):
TITLE = "pwncat-cs (Reverse Shell Handler)"
DESCRIPTION = (
"Post-exploitation platform — manages reverse/bind shells with automation.\n"
"Handles file upload/download, persistence, privilege escalation.\n"
"Usage: pwncat-cs -lp 4444"
)
SUPPORTED_OS = ["linux", "macos"]
INSTALL_COMMANDS = ["pip install --user pwncat-cs"]
RUN_COMMANDS = ["pwncat-cs --help"]
PROJECT_URL = "https://github.com/calebstewart/pwncat"
class Sliver(HackingTool):
TITLE = "Sliver (C2 Framework)"
DESCRIPTION = "Cross-platform adversary emulation/red team C2 framework — mTLS, HTTP(S), DNS, WireGuard."
INSTALL_COMMANDS = [
"curl -sSf https://sliver.sh/install -o /tmp/sliver-install.sh",
"sudo bash /tmp/sliver-install.sh",
]
RUN_COMMANDS = ["sliver --help"]
PROJECT_URL = "https://github.com/BishopFox/sliver"
SUPPORTED_OS = ["linux", "macos"]
class Havoc(HackingTool):
TITLE = "Havoc (C2 Framework)"
DESCRIPTION = "Modern post-exploitation C2 framework with EDR evasion. Cobalt Strike alternative."
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = [
"git clone https://github.com/HavocFramework/Havoc.git",
"cd Havoc && make",
]
RUN_COMMANDS = ["cd Havoc && ./havoc --help"]
PROJECT_URL = "https://github.com/HavocFramework/Havoc"
SUPPORTED_OS = ["linux"]
class PEASSng(HackingTool):
TITLE = "PEASS-ng — LinPEAS/WinPEAS (Priv Esc)"
DESCRIPTION = "Privilege escalation enumeration scripts for Linux and Windows."
INSTALL_COMMANDS = [
"curl -sSL https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh -o linpeas.sh",
"chmod +x linpeas.sh",
]
RUN_COMMANDS = ["./linpeas.sh --help"]
PROJECT_URL = "https://github.com/peass-ng/PEASS-ng"
class LigoloNg(HackingTool):
TITLE = "Ligolo-ng (Tunneling/Pivoting)"
DESCRIPTION = "Advanced tunneling/pivoting tool using TUN interfaces — no SOCKS needed."
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install github.com/nicocha30/ligolo-ng@latest",
]
RUN_COMMANDS = ["ligolo-ng --help"]
PROJECT_URL = "https://github.com/nicocha30/ligolo-ng"
SUPPORTED_OS = ["linux", "macos"]
class ChiselTunnel(HackingTool):
TITLE = "Chisel (HTTP Tunnel)"
DESCRIPTION = "Fast TCP/UDP tunnel over HTTP, secured via SSH — pivoting and port forwarding."
REQUIRES_GO = True
INSTALL_COMMANDS = [
"go install github.com/jpillora/chisel@latest",
]
RUN_COMMANDS = ["chisel --help"]
PROJECT_URL = "https://github.com/jpillora/chisel"
class EvilWinRM(HackingTool):
TITLE = "Evil-WinRM (Windows Remote Shell)"
DESCRIPTION = "Ultimate WinRM shell for hacking/pentesting Windows machines."
REQUIRES_RUBY = True
INSTALL_COMMANDS = ["gem install evil-winrm"]
RUN_COMMANDS = ["evil-winrm --help"]
PROJECT_URL = "https://github.com/Hackplayers/evil-winrm"
SUPPORTED_OS = ["linux"]
class Mythic(HackingTool):
TITLE = "Mythic (C2 Platform)"
DESCRIPTION = "Collaborative, multi-payload C2 platform designed for red team operations."
REQUIRES_DOCKER = True
INSTALL_COMMANDS = [
"git clone https://github.com/its-a-feature/Mythic.git",
"cd Mythic && sudo make",
]
RUN_COMMANDS = ["cd Mythic && sudo ./mythic-cli start"]
PROJECT_URL = "https://github.com/its-a-feature/Mythic"
SUPPORTED_OS = ["linux"]
class PostExploitationTools(HackingToolsCollection):
TITLE = "Post exploitation tools"
TOOLS = [
Vegile(),
ChromeKeyLogger(),
PwncatCS(),
Sliver(),
Havoc(),
PEASSng(),
LigoloNg(),
ChiselTunnel(),
EvilWinRM(),
Mythic(),
]
if __name__ == "__main__":
tools = PostExploitationTools()
tools.show_options()
================================================
FILE: tools/remote_administration.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
# Bug 17 fix: Stitch was defined in both payload_creator.py and remote_administration.py.
# It is kept in payload_creator.py (its correct category) and removed from here.
class Pyshell(HackingTool):
TITLE = "Pyshell"
DESCRIPTION = "Pyshell is a Rat Tool that can be able to download & upload " \
"files,\n Execute OS Command and more.."
INSTALL_COMMANDS = [
"git clone https://github.com/knassar702/Pyshell.git;"
"pip install --user pyscreenshot python-nmap requests"
]
RUN_COMMANDS = ["cd Pyshell;./Pyshell"]
PROJECT_URL = "https://github.com/knassar702/pyshell"
class RemoteAdministrationTools(HackingToolsCollection):
TITLE = "Remote Administrator Tools (RAT)"
TOOLS = [
Pyshell()
]
if __name__ == "__main__":
tools = RemoteAdministrationTools()
tools.show_options()
================================================
FILE: tools/reverse_engineering.py
================================================
import subprocess
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
class AndroGuard(HackingTool):
TITLE = "Androguard"
DESCRIPTION = "Androguard is a Reverse engineering, Malware and goodware " \
"analysis of Android applications and more"
INSTALL_COMMANDS = ["sudo pip3 install -U androguard"]
PROJECT_URL = "https://github.com/androguard/androguard "
def __init__(self):
super().__init__(runnable=False)
class Apk2Gold(HackingTool):
TITLE = "Apk2Gold"
SUPPORTED_OS = ["linux"]
DESCRIPTION = "Apk2Gold is a CLI tool for decompiling Android apps to Java"
INSTALL_COMMANDS = [
"git clone https://github.com/lxdvs/apk2gold.git",
"cd apk2gold;sudo bash make.sh"
]
PROJECT_URL = "https://github.com/lxdvs/apk2gold "
def run(self):
uinput = input("Enter (.apk) File >> ")
subprocess.run(["sudo", "apk2gold", uinput])
class Jadx(HackingTool):
TITLE = "JadX"
DESCRIPTION = "Jadx is Dex to Java decompiler.\n" \
"[*] decompile Dalvik bytecode to java classes from APK, dex," \
" aar and zip files\n" \
"[*] decode AndroidManifest.xml and other resources from " \
"resources.arsc"
INSTALL_COMMANDS = [
"git clone https://github.com/skylot/jadx.git",
# Bug 30 fix: gradlew dist requires Java — check first
"java -version 2>&1 | grep -q 'version' && cd jadx && ./gradlew dist || echo '[ERROR] Java not found. Install: sudo apt install default-jdk'",
]
PROJECT_URL = "https://github.com/skylot/jadx"
REQUIRES_JAVA = True
def __init__(self):
# Py3-4 fix: super(Jadx, self) → super()
super().__init__(runnable=False)
class Ghidra(HackingTool):
TITLE = "Ghidra (NSA Reverse Engineering)"
DESCRIPTION = "NSA's software reverse engineering framework — disassembly, decompilation, scripting."
REQUIRES_JAVA = True
INSTALL_COMMANDS = [
"sudo apt-get install -y ghidra || echo 'Download from https://ghidra-sre.org/'",
]
RUN_COMMANDS = ["ghidra --help || echo 'Run: ghidraRun'"]
PROJECT_URL = "https://github.com/NationalSecurityAgency/ghidra"
SUPPORTED_OS = ["linux", "macos"]
class Radare2(HackingTool):
TITLE = "Radare2 (RE Framework)"
DESCRIPTION = "Portable UNIX-like reverse engineering framework and command-line toolset."
INSTALL_COMMANDS = [
"git clone https://github.com/radareorg/radare2.git",
"cd radare2 && sys/install.sh",
]
RUN_COMMANDS = ["r2 -h"]
PROJECT_URL = "https://github.com/radareorg/radare2"
SUPPORTED_OS = ["linux", "macos"]
class ReverseEngineeringTools(HackingToolsCollection):
TITLE = "Reverse engineering tools"
TOOLS = [
AndroGuard(),
Apk2Gold(),
Jadx(),
Ghidra(),
Radare2(),
]
if __name__ == "__main__":
tools = ReverseEngineeringTools()
tools.show_options()
================================================
FILE: tools/sql_injection.py
================================================
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.prompt import Prompt
class Sqlmap(HackingTool):
TITLE = "Sqlmap tool"
DESCRIPTION = "sqlmap is an open source penetration testing tool that " \
"automates the process of detecting and exploiting SQL injection flaws " \
"and taking over database servers. [!] python3 sqlmap.py -u [http://example.com] --batch --banner. More usage: https://github.com/sqlmapproject/sqlmap/wiki/Usage"
INSTALL_COMMANDS = ["git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev"]
RUN_COMMANDS = ["cd sqlmap-dev;python3 sqlmap.py --wizard"]
PROJECT_URL = "https://github.com/sqlmapproject/sqlmap"
class NoSqlMap(HackingTool):
TITLE = "NoSqlMap"
DESCRIPTION = "NoSQLMap is an open source Python tool designed to audit and automate injection attacks. [*] Please install MongoDB."
INSTALL_COMMANDS = [
"git clone https://github.com/codingo/NoSQLMap.git",
# Bug 25 fix: was "python setup.py install" (Python 2) and "python NoSQLMap"
"cd NoSQLMap && pip install --user .",
]
# Bug 25 fix: "python" → "python3"
RUN_COMMANDS = ["python3 -m nosqlmap"]
PROJECT_URL = "https://github.com/codingo/NoSQLMap"
class SQLiScanner(HackingTool):
TITLE = "Damn Small SQLi Scanner"
DESCRIPTION = "DSSS is a fully functional SQL injection vulnerability scanner also supporting GET and POST parameters. Usage: python3 dsss.py -h | -u [URL]"
INSTALL_COMMANDS = ["git clone https://github.com/stamparm/DSSS.git"]
PROJECT_URL = "https://github.com/stamparm/DSSS"
def __init__(self):
super().__init__(runnable=False)
class Explo(HackingTool):
TITLE = "Explo"
DESCRIPTION = "Explo is a simple tool to describe web security issues in human and machine readable format. Usage: explo [--verbose|-v] testcase.yaml | explo [--verbose|-v] examples/*.yaml"
INSTALL_COMMANDS = [
"git clone https://github.com/dtag-dev-sec/explo.git",
"cd explo && pip install --user .",
]
PROJECT_URL = "https://github.com/dtag-dev-sec/explo"
def __init__(self):
super().__init__(runnable=False)
class Blisqy(HackingTool):
TITLE = "Blisqy - Exploit Time-based blind-SQL injection"
DESCRIPTION = "Blisqy helps web security researchers find time-based blind SQL injections on HTTP headers and exploit them."
INSTALL_COMMANDS = ["git clone https://github.com/JohnTroony/Blisqy.git"]
PROJECT_URL = "https://github.com/JohnTroony/Blisqy"
def __init__(self):
super().__init__(runnable=False)
class Leviathan(HackingTool):
TITLE = "Leviathan - Wide Range Mass Audit Toolkit"
DESCRIPTION = "Leviathan is a mass audit toolkit with service discovery, brute force, SQL injection detection, and custom exploit capabilities. Requires API keys."
INSTALL_COMMANDS = ["git clone https://github.com/leviathan-framework/leviathan.git",
"cd leviathan;pip install --user -r requirements.txt"]
RUN_COMMANDS = ["cd leviathan;python leviathan.py"]
PROJECT_URL = "https://github.com/leviathan-framework/leviathan"
class SQLScan(HackingTool):
TITLE = "SQLScan"
DESCRIPTION = "SQLScan is a quick web scanner to find SQL injection points. Not for educational purposes."
INSTALL_COMMANDS = ["sudo apt install php php-bz2 php-curl php-mbstring curl",
"sudo curl https://raw.githubusercontent.com/Cvar1984/sqlscan/dev/build/main.phar --output /usr/local/bin/sqlscan",
"chmod +x /usr/local/bin/sqlscan"]
RUN_COMMANDS = ["sudo sqlscan"]
PROJECT_URL = "https://github.com/Cvar1984/sqlscan"
class SqlInjectionTools(HackingToolsCollection):
TITLE = "SQL Injection Tools"
TOOLS = [Sqlmap(), NoSqlMap(), SQLiScanner(), Explo(), Blisqy(), Leviathan(), SQLScan()]
if __name__ == "__main__":
tools = SqlInjectionTools()
tools.show_options()
================================================
FILE: tools/steganography.py
================================================
import subprocess
from core import HackingTool, HackingToolsCollection, console
from core import validate_input
from rich.panel import Panel
from rich.prompt import Prompt
class SteganoHide(HackingTool):
TITLE = "SteganoHide"
INSTALL_COMMANDS = ["sudo apt-get install steghide -y"]
def run(self):
choice_run = input(
"[1] Hide\n"
"[2] Extract\n"
"[99]Cancel\n"
">> "
)
choice_run = validate_input(choice_run, [1, 2, 99])
if choice_run is None:
console.print("[bold red]Please choose a valid input[/bold red]")
return self.run()
if choice_run == 99:
return
if choice_run == 1:
file_hide = input("Enter Filename to Embed (1.txt) >> ")
file_to_be_hide = input("Enter Cover Filename (test.jpeg) >> ")
subprocess.run(["steghide", "embed", "-cf", file_to_be_hide, "-ef", file_hide])
elif choice_run == 2:
from_file = input("Enter Filename to Extract Data From >> ")
subprocess.run(["steghide", "extract", "-sf", from_file])
class StegnoCracker(HackingTool):
TITLE = "StegnoCracker"
DESCRIPTION = "SteganoCracker uncovers hidden data inside files using brute-force utility"
INSTALL_COMMANDS = ["pip3 install stegcracker && pip3 install stegcracker -U --force-reinstall"]
def run(self):
filename = input("Enter Filename >> ")
passfile = input("Enter Wordlist Filename >> ")
subprocess.run(["stegcracker", filename, passfile])
class StegoCracker(HackingTool):
TITLE = "StegoCracker"
DESCRIPTION = "StegoCracker lets you hide and retrieve data in image or audio files"
INSTALL_COMMANDS = [
"git clone https://github.com/W1LDN16H7/StegoCracker.git",
"sudo chmod -R 755 StegoCracker"
]
RUN_COMMANDS = [
"cd StegoCracker && python3 -m pip install -r requirements.txt",
"./install.sh"
]
PROJECT_URL = "https://github.com/W1LDN16H7/StegoCracker"
class Whitespace(HackingTool):
TITLE = "Whitespace"
DESCRIPTION = "Use whitespace and unicode characters for steganography"
INSTALL_COMMANDS = [
"git clone https://github.com/beardog108/snow10.git",
"sudo chmod -R 755 snow10"
]
RUN_COMMANDS = ["cd snow10 && ./install.sh"]
PROJECT_URL = "https://github.com/beardog108/snow10"
class SteganographyTools(HackingToolsCollection):
TITLE = "Steganography Tools"
TOOLS = [SteganoHide(), StegnoCracker(), StegoCracker(), Whitespace()]
if __name__ == "__main__":
tools = SteganographyTools()
tools.show_options()
================================================
FILE: tools/tool_manager.py
================================================
import os
import sys
import subprocess
from time import sleep
from rich.prompt import Confirm
from core import HackingTool, HackingToolsCollection, console
from constants import APP_INSTALL_DIR, APP_BIN_PATH, USER_CONFIG_DIR, REPO_URL
class UpdateTool(HackingTool):
TITLE = "Update Tool or System"
DESCRIPTION = "Update system packages or pull the latest hackingtool code"
def __init__(self):
super().__init__([
("Update System", self.update_sys),
("Update Hackingtool", self.update_ht),
], installable=False, runnable=False)
def update_sys(self):
from os_detect import CURRENT_OS, PACKAGE_UPDATE_CMDS
mgr = CURRENT_OS.pkg_manager
cmd = PACKAGE_UPDATE_CMDS.get(mgr)
if cmd:
priv = "" if (CURRENT_OS.system == "macos" or os.geteuid() == 0) else "sudo "
# shell=True needed — cmd contains && chains; strings are hardcoded, not user input
subprocess.run(f"{priv}{cmd}", shell=True, check=False)
else:
console.print("[warning]Unknown package manager — update manually.[/warning]")
def update_ht(self):
if not APP_INSTALL_DIR.exists():
console.print(f"[error]Install directory not found: {APP_INSTALL_DIR}[/error]")
console.print("[dim]Run install.py first.[/dim]")
return
console.print(f"[bold cyan]Pulling latest code from {REPO_URL}...[/bold cyan]")
result = subprocess.run(
["git", "pull", "--rebase"],
cwd=str(APP_INSTALL_DIR),
capture_output=True, text=True,
)
if result.returncode != 0:
console.print(f"[error]git pull failed:\n{result.stderr}[/error]")
return
pip = str(APP_INSTALL_DIR / "venv" / "bin" / "p
gitextract_i3uowkw6/ ├── .dockerignore ├── .github/ │ ├── FUNDING.yml │ ├── ISSUE_TEMPLATE/ │ │ ├── bug_report.md │ │ ├── feature_request.md │ │ └── tool_request.md │ ├── PULL_REQUEST_TEMPLATE.md │ └── workflows/ │ ├── lint_python.yml │ └── test_install.yml ├── .gitignore ├── Dockerfile ├── LICENSE ├── README.md ├── README_template.md ├── config.py ├── constants.py ├── core.py ├── docker-compose.yml ├── generate_readme.py ├── hackingtool.py ├── images/ │ └── demo ├── install.py ├── install.sh ├── os_detect.py ├── requirements.txt ├── tools/ │ ├── __init__.py │ ├── active_directory.py │ ├── anonsurf.py │ ├── cloud_security.py │ ├── ddos.py │ ├── exploit_frameworks.py │ ├── forensics.py │ ├── information_gathering.py │ ├── mobile_security.py │ ├── other_tools.py │ ├── others/ │ │ ├── __init__.py │ │ ├── android_attack.py │ │ ├── email_verifier.py │ │ ├── hash_crack.py │ │ ├── homograph_attacks.py │ │ ├── mix_tools.py │ │ ├── payload_injection.py │ │ ├── socialmedia.py │ │ ├── socialmedia_finder.py │ │ ├── web_crawling.py │ │ └── wifi_jamming.py │ ├── payload_creator.py │ ├── phishing_attack.py │ ├── post_exploitation.py │ ├── remote_administration.py │ ├── reverse_engineering.py │ ├── sql_injection.py │ ├── steganography.py │ ├── tool_manager.py │ ├── web_attack.py │ ├── wireless_attack.py │ ├── wordlist_generator.py │ └── xss_attack.py └── update.sh
SYMBOL INDEX (353 symbols across 37 files)
FILE: config.py
function load (line 11) | def load() -> dict[str, Any]:
function save (line 22) | def save(cfg: dict[str, Any]) -> None:
function get_tools_dir (line 28) | def get_tools_dir() -> Path:
function get_sudo_cmd (line 40) | def get_sudo_cmd() -> str:
FILE: core.py
function clear_screen (line 40) | def clear_screen():
function validate_input (line 44) | def validate_input(ip, val_range: list) -> int | None:
function _show_inline_help (line 57) | def _show_inline_help():
class HackingTool (line 79) | class HackingTool:
method __init__ (line 104) | def __init__(self, options=None, installable=True, runnable=True):
method is_installed (line 118) | def is_installed(self) -> bool:
method show_info (line 143) | def show_info(self):
method show_options (line 156) | def show_options(self, parent=None):
method before_install (line 208) | def before_install(self): pass
method install (line 210) | def install(self):
method after_install (line 218) | def after_install(self):
method before_uninstall (line 221) | def before_uninstall(self) -> bool:
method uninstall (line 224) | def uninstall(self):
method after_uninstall (line 232) | def after_uninstall(self): pass
method update (line 234) | def update(self):
method _get_tool_dir (line 274) | def _get_tool_dir(self) -> str | None:
method open_folder (line 310) | def open_folder(self):
method before_run (line 323) | def before_run(self): pass
method run (line 325) | def run(self):
method after_run (line 333) | def after_run(self): pass
method show_project_page (line 335) | def show_project_page(self):
class HackingToolsCollection (line 340) | class HackingToolsCollection:
method __init__ (line 345) | def __init__(self):
method show_info (line 348) | def show_info(self):
method _active_tools (line 353) | def _active_tools(self) -> list:
method _archived_tools (line 362) | def _archived_tools(self) -> list:
method _incompatible_tools (line 365) | def _incompatible_tools(self) -> list:
method _show_archived_tools (line 373) | def _show_archived_tools(self):
method show_options (line 408) | def show_options(self, parent=None):
FILE: generate_readme.py
function sanitize_anchor (line 15) | def sanitize_anchor(s):
function get_toc (line 19) | def get_toc(tools, indentation = ""):
function get_tools_toc (line 29) | def get_tools_toc(tools, indentation = "##"):
function generate_readme (line 43) | def generate_readme():
FILE: hackingtool.py
class AllTools (line 110) | class AllTools(HackingToolsCollection):
function show_help (line 117) | def show_help():
function _sys_info (line 180) | def _sys_info() -> dict:
function _build_header (line 216) | def _build_header() -> Panel:
function build_menu (line 273) | def build_menu():
function _collect_all_tools (line 330) | def _collect_all_tools() -> list[tuple]:
function _get_all_tags (line 346) | def _get_all_tags() -> dict[str, list[tuple]]:
function filter_by_tag (line 384) | def filter_by_tag():
function recommend_tools (line 458) | def recommend_tools():
function search_tools (line 530) | def search_tools(query: str | None = None):
function interact_menu (line 592) | def interact_menu():
function main (line 666) | def main():
FILE: install.py
function check_root (line 40) | def check_root():
function check_os_compatibility (line 52) | def check_os_compatibility():
function check_internet (line 88) | def check_internet() -> bool:
function install_system_packages (line 104) | def install_system_packages():
function _is_source_dir (line 135) | def _is_source_dir() -> bool:
function prepare_install_dir (line 140) | def prepare_install_dir():
function install_source (line 150) | def install_source() -> bool:
function create_venv_and_install (line 178) | def create_venv_and_install():
function create_launcher (line 194) | def create_launcher():
function create_user_directories (line 210) | def create_user_directories():
function main (line 227) | def main():
FILE: os_detect.py
class OSInfo (line 8) | class OSInfo:
function detect (line 20) | def detect() -> OSInfo:
function install_packages (line 110) | def install_packages(packages: list[str], os_info: OSInfo | None = None)...
FILE: tools/active_directory.py
class BloodHound (line 5) | class BloodHound(HackingTool):
class NetExec (line 17) | class NetExec(HackingTool):
class Impacket (line 26) | class Impacket(HackingTool):
class Responder (line 35) | class Responder(HackingTool):
class Certipy (line 44) | class Certipy(HackingTool):
class Kerbrute (line 53) | class Kerbrute(HackingTool):
class ActiveDirectoryTools (line 65) | class ActiveDirectoryTools(HackingToolsCollection):
FILE: tools/anonsurf.py
class AnonymouslySurf (line 6) | class AnonymouslySurf(HackingTool):
method __init__ (line 23) | def __init__(self):
method stop (line 26) | def stop(self):
class Multitor (line 32) | class Multitor(HackingTool):
method __init__ (line 45) | def __init__(self):
class AnonSurfTools (line 49) | class AnonSurfTools(HackingToolsCollection):
FILE: tools/cloud_security.py
class Prowler (line 5) | class Prowler(HackingTool):
class ScoutSuite (line 14) | class ScoutSuite(HackingTool):
class Pacu (line 23) | class Pacu(HackingTool):
class Trivy (line 32) | class Trivy(HackingTool):
class CloudSecurityTools (line 43) | class CloudSecurityTools(HackingToolsCollection):
FILE: tools/ddos.py
class DDoSTool (line 8) | class DDoSTool(HackingTool):
method run (line 21) | def run(self):
class SlowLoris (line 37) | class SlowLoris(HackingTool):
method run (line 46) | def run(self):
class Asyncrone (line 51) | class Asyncrone(HackingTool):
method run (line 64) | def run(self):
class UFONet (line 77) | class UFONet(HackingTool):
class GoldenEye (line 92) | class GoldenEye(HackingTool):
method run (line 106) | def run(self):
class Saphyra (line 114) | class Saphyra(HackingTool):
method run (line 125) | def run(self):
class DDOSTools (line 136) | class DDOSTools(HackingToolsCollection):
FILE: tools/exploit_frameworks.py
class RouterSploit (line 9) | class RouterSploit(HackingTool):
class WebSploit (line 21) | class WebSploit(HackingTool):
class Commix (line 32) | class Commix(HackingTool):
method __init__ (line 49) | def __init__(self):
class ExploitFrameworkTools (line 54) | class ExploitFrameworkTools(HackingToolsCollection):
FILE: tools/forensics.py
class Autopsy (line 10) | class Autopsy(HackingTool):
method __init__ (line 18) | def __init__(self):
class Wireshark (line 22) | class Wireshark(HackingTool):
method __init__ (line 29) | def __init__(self):
class BulkExtractor (line 33) | class BulkExtractor(HackingTool):
method __init__ (line 39) | def __init__(self):
method gui_mode (line 45) | def gui_mode(self):
method cli_mode (line 60) | def cli_mode(self):
class Guymager (line 68) | class Guymager(HackingTool):
class Toolsley (line 78) | class Toolsley(HackingTool):
method __init__ (line 90) | def __init__(self):
class Volatility3 (line 94) | class Volatility3(HackingTool):
method run (line 106) | def run(self):
class Binwalk (line 118) | class Binwalk(HackingTool):
class Pspy (line 129) | class Pspy(HackingTool):
class ForensicTools (line 141) | class ForensicTools(HackingToolsCollection):
FILE: tools/information_gathering.py
class NMAP (line 15) | class NMAP(HackingTool):
method __init__ (line 24) | def __init__(self):
class Dracnmap (line 28) | class Dracnmap(HackingTool):
class PortScan (line 40) | class PortScan(HackingTool):
method __init__ (line 43) | def __init__(self):
method run (line 46) | def run(self):
class Host2IP (line 53) | class Host2IP(HackingTool):
method __init__ (line 56) | def __init__(self):
method run (line 59) | def run(self):
class XeroSploit (line 67) | class XeroSploit(HackingTool):
class RedHawk (line 79) | class RedHawk(HackingTool):
class ReconSpider (line 88) | class ReconSpider(HackingTool):
class IsItDown (line 102) | class IsItDown(HackingTool):
method __init__ (line 106) | def __init__(self):
method open (line 110) | def open(self):
class Infoga (line 115) | class Infoga(HackingTool):
class ReconDog (line 127) | class ReconDog(HackingTool):
class Striker (line 135) | class Striker(HackingTool):
method run (line 144) | def run(self):
class SecretFinder (line 154) | class SecretFinder(HackingTool):
method __init__ (line 166) | def __init__(self):
class Shodan (line 170) | class Shodan(HackingTool):
method __init__ (line 178) | def __init__(self):
class PortScannerRanger (line 182) | class PortScannerRanger(HackingTool):
method run (line 191) | def run(self):
class Breacher (line 201) | class Breacher(HackingTool):
method run (line 207) | def run(self):
class TheHarvester (line 217) | class TheHarvester(HackingTool):
class Amass (line 231) | class Amass(HackingTool):
class Masscan (line 246) | class Masscan(HackingTool):
class RustScan (line 258) | class RustScan(HackingTool):
class Holehe (line 273) | class Holehe(HackingTool):
class Maigret (line 284) | class Maigret(HackingTool):
class Httpx (line 295) | class Httpx(HackingTool):
class SpiderFoot (line 309) | class SpiderFoot(HackingTool):
class Subfinder (line 317) | class Subfinder(HackingTool):
class TruffleHog (line 328) | class TruffleHog(HackingTool):
class Gitleaks (line 336) | class Gitleaks(HackingTool):
class InformationGatheringTools (line 347) | class InformationGatheringTools(HackingToolsCollection):
FILE: tools/mobile_security.py
class MobSF (line 5) | class MobSF(HackingTool):
class Frida (line 17) | class Frida(HackingTool):
class Objection (line 26) | class Objection(HackingTool):
class MobileSecurityTools (line 35) | class MobileSecurityTools(HackingToolsCollection):
FILE: tools/other_tools.py
class HatCloud (line 20) | class HatCloud(HackingTool):
method run (line 27) | def run(self):
class OtherTools (line 38) | class OtherTools(HackingToolsCollection):
FILE: tools/others/android_attack.py
class Keydroid (line 8) | class Keydroid(HackingTool):
class MySMS (line 19) | class MySMS(HackingTool):
class LockPhish (line 31) | class LockPhish(HackingTool):
class Droidcam (line 43) | class Droidcam(HackingTool):
class EvilApp (line 56) | class EvilApp(HackingTool):
class AndroidAttackTools (line 67) | class AndroidAttackTools(HackingToolsCollection):
FILE: tools/others/email_verifier.py
class KnockMail (line 7) | class KnockMail(HackingTool):
class EmailVerifyTools (line 18) | class EmailVerifyTools(HackingToolsCollection):
FILE: tools/others/hash_crack.py
class HashBuster (line 8) | class HashBuster(HackingTool):
class HashCrackingTools (line 21) | class HashCrackingTools(HackingToolsCollection):
FILE: tools/others/homograph_attacks.py
class EvilURL (line 8) | class EvilURL(HackingTool):
class IDNHomographAttackTools (line 17) | class IDNHomographAttackTools(HackingToolsCollection):
FILE: tools/others/mix_tools.py
class TerminalMultiplexer (line 8) | class TerminalMultiplexer(HackingTool):
method __init__ (line 18) | def __init__(self):
class Crivo (line 23) | class Crivo(HackingTool):
method __init__ (line 37) | def __init__(self):
class MixTools (line 42) | class MixTools(HackingToolsCollection):
FILE: tools/others/payload_injection.py
class DebInject (line 8) | class DebInject(HackingTool):
class Pixload (line 17) | class Pixload(HackingTool):
method __init__ (line 27) | def __init__(self):
class PayloadInjectorTools (line 31) | class PayloadInjectorTools(HackingToolsCollection):
FILE: tools/others/socialmedia.py
class InstaBrute (line 12) | class InstaBrute(HackingTool):
method __init__ (line 22) | def __init__(self):
class BruteForce (line 26) | class BruteForce(HackingTool):
class Faceshell (line 38) | class Faceshell(HackingTool):
method run (line 47) | def run(self):
class AppCheck (line 58) | class AppCheck(HackingTool):
class SocialMediaBruteforceTools (line 69) | class SocialMediaBruteforceTools(HackingToolsCollection):
FILE: tools/others/socialmedia_finder.py
class FacialFind (line 11) | class FacialFind(HackingTool):
method run (line 30) | def run(self):
class FindUser (line 41) | class FindUser(HackingTool):
class Sherlock (line 52) | class Sherlock(HackingTool):
method run (line 63) | def run(self):
class SocialScan (line 74) | class SocialScan(HackingTool):
method run (line 81) | def run(self):
class SocialMediaFinderTools (line 87) | class SocialMediaFinderTools(HackingToolsCollection):
FILE: tools/others/web_crawling.py
class GoSpider (line 8) | class GoSpider(HackingTool):
method __init__ (line 14) | def __init__(self):
class WebCrawlingTools (line 18) | class WebCrawlingTools(HackingToolsCollection):
FILE: tools/others/wifi_jamming.py
class WifiJammerNG (line 8) | class WifiJammerNG(HackingTool):
class KawaiiDeauther (line 23) | class KawaiiDeauther(HackingTool):
class WifiJammingTools (line 37) | class WifiJammingTools(HackingToolsCollection):
FILE: tools/payload_creator.py
class TheFatRat (line 7) | class TheFatRat(HackingTool):
method __init__ (line 21) | def __init__(self):
method update (line 27) | def update(self):
method troubleshoot (line 34) | def troubleshoot(self):
class Brutal (line 41) | class Brutal(HackingTool):
method show_info (line 55) | def show_info(self):
class Stitch (line 66) | class Stitch(HackingTool):
class MSFVenom (line 81) | class MSFVenom(HackingTool):
class Venom (line 96) | class Venom(HackingTool):
class Spycam (line 109) | class Spycam(HackingTool):
class MobDroid (line 120) | class MobDroid(HackingTool):
class Enigma (line 129) | class Enigma(HackingTool):
class PayloadCreatorTools (line 138) | class PayloadCreatorTools(HackingToolsCollection):
FILE: tools/phishing_attack.py
class Autophisher (line 6) | class Autophisher(HackingTool):
class Pyphisher (line 17) | class Pyphisher(HackingTool):
class AdvPhishing (line 30) | class AdvPhishing(HackingTool):
class Setoolkit (line 43) | class Setoolkit(HackingTool):
class SocialFish (line 58) | class SocialFish(HackingTool):
class HiddenEye (line 70) | class HiddenEye(HackingTool):
class Evilginx3 (line 86) | class Evilginx3(HackingTool):
class ISeeYou (line 104) | class ISeeYou(HackingTool):
class SayCheese (line 119) | class SayCheese(HackingTool):
class QRJacking (line 128) | class QRJacking(HackingTool):
class BlackEye (line 142) | class BlackEye(HackingTool):
class ShellPhish (line 153) | class ShellPhish(HackingTool):
class Thanos (line 162) | class Thanos(HackingTool):
class QRLJacking (line 175) | class QRLJacking(HackingTool):
class Maskphish (line 190) | class Maskphish(HackingTool):
class BlackPhish (line 201) | class BlackPhish(HackingTool):
method __init__ (line 211) | def __init__(self):
method update (line 215) | def update(self):
class Dnstwist (line 221) | class Dnstwist(HackingTool):
class PhishingAttackTools (line 231) | class PhishingAttackTools(HackingToolsCollection):
FILE: tools/post_exploitation.py
class Vegile (line 9) | class Vegile(HackingTool):
method before_run (line 23) | def before_run(self):
class ChromeKeyLogger (line 32) | class ChromeKeyLogger(HackingTool):
class PwncatCS (line 44) | class PwncatCS(HackingTool):
class Sliver (line 57) | class Sliver(HackingTool):
class Havoc (line 69) | class Havoc(HackingTool):
class PEASSng (line 82) | class PEASSng(HackingTool):
class LigoloNg (line 93) | class LigoloNg(HackingTool):
class ChiselTunnel (line 105) | class ChiselTunnel(HackingTool):
class EvilWinRM (line 116) | class EvilWinRM(HackingTool):
class Mythic (line 126) | class Mythic(HackingTool):
class PostExploitationTools (line 139) | class PostExploitationTools(HackingToolsCollection):
FILE: tools/remote_administration.py
class Pyshell (line 11) | class Pyshell(HackingTool):
class RemoteAdministrationTools (line 23) | class RemoteAdministrationTools(HackingToolsCollection):
FILE: tools/reverse_engineering.py
class AndroGuard (line 9) | class AndroGuard(HackingTool):
method __init__ (line 16) | def __init__(self):
class Apk2Gold (line 20) | class Apk2Gold(HackingTool):
method run (line 30) | def run(self):
class Jadx (line 35) | class Jadx(HackingTool):
method __init__ (line 50) | def __init__(self):
class Ghidra (line 55) | class Ghidra(HackingTool):
class Radare2 (line 67) | class Radare2(HackingTool):
class ReverseEngineeringTools (line 79) | class ReverseEngineeringTools(HackingToolsCollection):
FILE: tools/sql_injection.py
class Sqlmap (line 7) | class Sqlmap(HackingTool):
class NoSqlMap (line 17) | class NoSqlMap(HackingTool):
class SQLiScanner (line 30) | class SQLiScanner(HackingTool):
method __init__ (line 36) | def __init__(self):
class Explo (line 40) | class Explo(HackingTool):
method __init__ (line 49) | def __init__(self):
class Blisqy (line 53) | class Blisqy(HackingTool):
method __init__ (line 59) | def __init__(self):
class Leviathan (line 63) | class Leviathan(HackingTool):
class SQLScan (line 72) | class SQLScan(HackingTool):
class SqlInjectionTools (line 82) | class SqlInjectionTools(HackingToolsCollection):
FILE: tools/steganography.py
class SteganoHide (line 10) | class SteganoHide(HackingTool):
method run (line 14) | def run(self):
class StegnoCracker (line 39) | class StegnoCracker(HackingTool):
method run (line 44) | def run(self):
class StegoCracker (line 50) | class StegoCracker(HackingTool):
class Whitespace (line 64) | class Whitespace(HackingTool):
class SteganographyTools (line 75) | class SteganographyTools(HackingToolsCollection):
FILE: tools/tool_manager.py
class UpdateTool (line 12) | class UpdateTool(HackingTool):
method __init__ (line 16) | def __init__(self):
method update_sys (line 22) | def update_sys(self):
method update_ht (line 33) | def update_ht(self):
class UninstallTool (line 54) | class UninstallTool(HackingTool):
method __init__ (line 58) | def __init__(self):
method uninstall (line 63) | def uninstall(self):
class ToolManager (line 88) | class ToolManager(HackingToolsCollection):
FILE: tools/web_attack.py
class Web2Attack (line 8) | class Web2Attack(HackingTool):
class Skipfish (line 18) | class Skipfish(HackingTool):
method __init__ (line 30) | def __init__(self):
class SubDomainFinder (line 34) | class SubDomainFinder(HackingTool):
class CheckURL (line 51) | class CheckURL(HackingTool):
class Blazy (line 62) | class Blazy(HackingTool):
method __init__ (line 71) | def __init__(self):
class SubDomainTakeOver (line 75) | class SubDomainTakeOver(HackingTool):
method __init__ (line 89) | def __init__(self):
class Dirb (line 93) | class Dirb(HackingTool):
method run (line 107) | def run(self):
class Nuclei (line 112) | class Nuclei(HackingTool):
class Ffuf (line 127) | class Ffuf(HackingTool):
class Feroxbuster (line 141) | class Feroxbuster(HackingTool):
class Nikto (line 156) | class Nikto(HackingTool):
class Wafw00f (line 168) | class Wafw00f(HackingTool):
class Katana (line 182) | class Katana(HackingTool):
class Gobuster (line 196) | class Gobuster(HackingTool):
class Dirsearch (line 205) | class Dirsearch(HackingTool):
class OwaspZap (line 213) | class OwaspZap(HackingTool):
class TestSSL (line 222) | class TestSSL(HackingTool):
class Arjun (line 230) | class Arjun(HackingTool):
class Caido (line 238) | class Caido(HackingTool):
class Mitmproxy (line 249) | class Mitmproxy(HackingTool):
class WebAttackTools (line 257) | class WebAttackTools(HackingToolsCollection):
FILE: tools/wireless_attack.py
class WIFIPumpkin (line 6) | class WIFIPumpkin(HackingTool):
class pixiewps (line 24) | class pixiewps(HackingTool):
method run (line 41) | def run(self):
class BluePot (line 51) | class BluePot(HackingTool):
class Fluxion (line 68) | class Fluxion(HackingTool):
class Wifiphisher (line 81) | class Wifiphisher(HackingTool):
class Wifite (line 98) | class Wifite(HackingTool):
class EvilTwin (line 111) | class EvilTwin(HackingTool):
class Fastssh (line 124) | class Fastssh(HackingTool):
class Howmanypeople (line 139) | class Howmanypeople(HackingTool):
class Airgeddon (line 157) | class Airgeddon(HackingTool):
class Hcxdumptool (line 172) | class Hcxdumptool(HackingTool):
class Hcxtools (line 188) | class Hcxtools(HackingTool):
class Bettercap (line 203) | class Bettercap(HackingTool):
class WirelessAttackTools (line 212) | class WirelessAttackTools(HackingToolsCollection):
FILE: tools/wordlist_generator.py
class Cupp (line 12) | class Cupp(HackingTool):
method show_info (line 20) | def show_info(self):
class WlCreator (line 31) | class WlCreator(HackingTool):
method show_info (line 41) | def show_info(self):
class GoblinWordGenerator (line 52) | class GoblinWordGenerator(HackingTool):
method show_info (line 60) | def show_info(self):
class showme (line 71) | class showme(HackingTool):
method show_info (line 85) | def show_info(self):
class Hashcat (line 96) | class Hashcat(HackingTool):
class JohnTheRipper (line 108) | class JohnTheRipper(HackingTool):
class Haiti (line 120) | class Haiti(HackingTool):
class WordlistGeneratorTools (line 132) | class WordlistGeneratorTools(HackingToolsCollection):
method show_info (line 144) | def show_info(self):
FILE: tools/xss_attack.py
class Dalfox (line 9) | class Dalfox(HackingTool):
class XSSPayloadGenerator (line 22) | class XSSPayloadGenerator(HackingTool):
class XSSFinder (line 33) | class XSSFinder(HackingTool):
method after_install (line 40) | def after_install(self):
method run (line 50) | def run(self):
class XSSFreak (line 60) | class XSSFreak(HackingTool):
class XSpear (line 71) | class XSpear(HackingTool):
class XSSCon (line 79) | class XSSCon(HackingTool):
method run (line 87) | def run(self):
class XanXSS (line 99) | class XanXSS(HackingTool):
method run (line 105) | def run(self):
class XSSStrike (line 111) | class XSSStrike(HackingTool):
method __init__ (line 121) | def __init__(self):
class RVuln (line 125) | class RVuln(HackingTool):
class XSSAttackTools (line 140) | class XSSAttackTools(HackingToolsCollection):
method show_info (line 154) | def show_info(self):
Condensed preview — 58 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (240K chars).
[
{
"path": ".dockerignore",
"chars": 316,
"preview": "# Version control\n.git/\n.gitignore\n\n# GitHub / docs\n.github/\nimages/\n*.md\n\n# Python cache\n__pycache__/\n*.py[cod]\n*.pyo\n."
},
{
"path": ".github/FUNDING.yml",
"chars": 29,
"preview": "buy_me_a_coffee: hardikzinzu\n"
},
{
"path": ".github/ISSUE_TEMPLATE/bug_report.md",
"chars": 746,
"preview": "---\nname: Bug Report\nabout: Report a broken install, crash, or unexpected behavior\ntitle: \"[BUG] <tool name> — <short de"
},
{
"path": ".github/ISSUE_TEMPLATE/feature_request.md",
"chars": 512,
"preview": "---\nname: Feature Request\nabout: Suggest an improvement to hackingtool itself (not a new tool addition — use the Tool Re"
},
{
"path": ".github/ISSUE_TEMPLATE/tool_request.md",
"chars": 1423,
"preview": "---\nname: Tool Request\nabout: Suggest a new tool to be added to hackingtool\ntitle: \"[Tool Request] <ToolName> — <Categor"
},
{
"path": ".github/PULL_REQUEST_TEMPLATE.md",
"chars": 1407,
"preview": "<!--\n TITLE FORMAT\n ─────────────────────────────────────────────────────────────────\n Adding a new tool → [New Too"
},
{
"path": ".github/workflows/lint_python.yml",
"chars": 1118,
"preview": "name: lint_python\non:\n pull_request:\n branches: [master]\n push:\n branches: [master]\njobs:\n lint_python:\n run"
},
{
"path": ".github/workflows/test_install.yml",
"chars": 841,
"preview": "name: test_install\non:\n pull_request:\n branches: [master]\n push:\n branches: [master]\njobs:\n test_install:\n r"
},
{
"path": ".gitignore",
"chars": 3642,
"preview": "# Created by https://www.toptal.com/developers/gitignore/api/python,venv\n# Edit at https://www.toptal.com/developers/git"
},
{
"path": "Dockerfile",
"chars": 1344,
"preview": "# syntax=docker/dockerfile:1\n# Enables BuildKit features (cache mounts, faster builds)\nFROM kalilinux/kali-rolling:lates"
},
{
"path": "LICENSE",
"chars": 1065,
"preview": "MIT License\n\nCopyright (c) 2020 Mr.Z4nzu\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\no"
},
{
"path": "README.md",
"chars": 18332,
"preview": "<div align=\"center\">\n\n<img src=\"images/logo.svg\" alt=\"HackingTool\" width=\"600\">\n\n<p><b>All-in-One Hacking Tool for Secur"
},
{
"path": "README_template.md",
"chars": 5572,
"preview": "<div align=\"center\">\n\n# HackingTool\n\n**All-in-One Hacking Tool for Security Researchers & Pentesters**\n\n[![License](http"
},
{
"path": "config.py",
"chars": 1419,
"preview": "import json\nimport logging\nfrom pathlib import Path\nfrom typing import Any\n\nfrom constants import USER_CONFIG_FILE, USER"
},
{
"path": "constants.py",
"chars": 2532,
"preview": "from pathlib import Path\nimport platform\nimport shutil as _shutil\n\n# ── Repository ─────────────────────────────────────"
},
{
"path": "core.py",
"chars": 19014,
"preview": "import os\nimport shutil\nimport sys\nimport webbrowser\nfrom collections.abc import Callable\nfrom platform import system\n\nf"
},
{
"path": "docker-compose.yml",
"chars": 1040,
"preview": "# docker-compose.yml\n# Use: docker compose up -d then docker exec -it hackingtool bash\n#\n# Profiles:\n# (default) — "
},
{
"path": "generate_readme.py",
"chars": 1617,
"preview": "# coding=utf-8\nimport re\n\nfrom rich.console import Console\nfrom rich.theme import Theme\n\nfrom core import HackingTool\nfr"
},
{
"path": "hackingtool.py",
"chars": 25784,
"preview": "#!/usr/bin/env python3\nimport sys\n\n# ── Python version guard (must be before any other local import) ───────────────\nif "
},
{
"path": "images/demo",
"chars": 1,
"preview": "\n"
},
{
"path": "install.py",
"chars": 9912,
"preview": "#!/usr/bin/env python3\nimport os\nimport sys\nimport shutil\nimport subprocess\nfrom pathlib import Path\n\n# ── Python versio"
},
{
"path": "install.sh",
"chars": 5309,
"preview": "#!/usr/bin/env bash\n# ──────────────────────────────────────────────────────────────────────────────\n# HackingTool — One"
},
{
"path": "os_detect.py",
"chars": 4841,
"preview": "import platform\nimport shutil\nfrom dataclasses import dataclass, field\nfrom pathlib import Path\n\n\n@dataclass\nclass OSInf"
},
{
"path": "requirements.txt",
"chars": 202,
"preview": "# Python dependencies for hackingtool\n# boxes and lolcat are system CLI tools, not pip packages — install via apt/brew\n#"
},
{
"path": "tools/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "tools/active_directory.py",
"chars": 2751,
"preview": "from core import HackingTool\nfrom core import HackingToolsCollection\n\n\nclass BloodHound(HackingTool):\n TITLE = \"Blood"
},
{
"path": "tools/anonsurf.py",
"chars": 1861,
"preview": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass AnonymouslySurf(HackingTool):\n TITLE"
},
{
"path": "tools/cloud_security.py",
"chars": 1896,
"preview": "from core import HackingTool\nfrom core import HackingToolsCollection\n\n\nclass Prowler(HackingTool):\n TITLE = \"Prowler "
},
{
"path": "tools/ddos.py",
"chars": 5001,
"preview": "import subprocess\n\nfrom rich.prompt import Prompt\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass"
},
{
"path": "tools/exploit_frameworks.py",
"chars": 2423,
"preview": "from core import HackingTool, HackingToolsCollection, console\nfrom tools.web_attack import Web2Attack\n\nfrom rich.panel i"
},
{
"path": "tools/forensics.py",
"chars": 5517,
"preview": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.text im"
},
{
"path": "tools/information_gathering.py",
"chars": 13126,
"preview": "import os\nimport socket\nimport subprocess\nimport webbrowser\nimport sys\n\nfrom core import HackingTool, HackingToolsCollec"
},
{
"path": "tools/mobile_security.py",
"chars": 1597,
"preview": "from core import HackingTool\nfrom core import HackingToolsCollection\n\n\nclass MobSF(HackingTool):\n TITLE = \"MobSF (Mob"
},
{
"path": "tools/other_tools.py",
"chars": 1906,
"preview": "import os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\nfrom tools.others.android_att"
},
{
"path": "tools/others/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "tools/others/android_attack.py",
"chars": 2930,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/email_verifier.py",
"chars": 702,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/hash_crack.py",
"chars": 783,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/homograph_attacks.py",
"chars": 706,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/mix_tools.py",
"chars": 1565,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/payload_injection.py",
"chars": 1227,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/socialmedia.py",
"chars": 2679,
"preview": "import contextlib\nimport os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich."
},
{
"path": "tools/others/socialmedia_finder.py",
"chars": 3721,
"preview": "import os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel"
},
{
"path": "tools/others/web_crawling.py",
"chars": 653,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/others/wifi_jamming.py",
"chars": 1490,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/payload_creator.py",
"chars": 5318,
"preview": "import os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass TheFatRat(HackingTool"
},
{
"path": "tools/phishing_attack.py",
"chars": 9416,
"preview": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass Autophisher(HackingTool):\n TITLE = \""
},
{
"path": "tools/post_exploitation.py",
"chars": 5351,
"preview": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt "
},
{
"path": "tools/remote_administration.py",
"chars": 986,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/reverse_engineering.py",
"chars": 3052,
"preview": "import subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich"
},
{
"path": "tools/sql_injection.py",
"chars": 4010,
"preview": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prom"
},
{
"path": "tools/steganography.py",
"chars": 2671,
"preview": "import subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\nfrom core import validate_input\n\nfrom r"
},
{
"path": "tools/tool_manager.py",
"chars": 3567,
"preview": "import os\nimport sys\nimport subprocess\nfrom time import sleep\n\nfrom rich.prompt import Confirm\n\nfrom core import Hacking"
},
{
"path": "tools/web_attack.py",
"chars": 9544,
"preview": "import subprocess\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich."
},
{
"path": "tools/wireless_attack.py",
"chars": 8233,
"preview": "from rich.prompt import Prompt\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass WIFIPumpkin(Hackin"
},
{
"path": "tools/wordlist_generator.py",
"chars": 6017,
"preview": "import os\nimport subprocess\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich.table import Table\nfr"
},
{
"path": "tools/xss_attack.py",
"chars": 5517,
"preview": "import os\nimport subprocess\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\nfrom core import HackingTool, H"
},
{
"path": "update.sh",
"chars": 956,
"preview": "#!/bin/bash\nset -euo pipefail\n\nINSTALL_DIR=\"/usr/share/hackingtool\"\n\nif [[ $EUID -ne 0 ]]; then\n echo \"[ERROR] Run as"
}
]
About this extraction
This page contains the full source code of the Z4nzu/hackingtool GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 58 files (219.9 KB), approximately 59.8k tokens, and a symbol index with 353 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.