[ { "path": ".dockerignore", "content": "# Version control\n.git/\n.gitignore\n\n# GitHub / docs\n.github/\nimages/\n*.md\n\n# Python cache\n__pycache__/\n*.py[cod]\n*.pyo\n.mypy_cache/\n.ruff_cache/\n.pytest_cache/\n\n# Tests\ntests/\ntest_*.py\n\n# Docker files themselves (don't recurse)\nDockerfile\ndocker-compose.yml\n.dockerignore\n\n# OS / editor noise\n.DS_Store\n*.swp\n*.swo\n" }, { "path": ".github/FUNDING.yml", "content": "buy_me_a_coffee: hardikzinzu\n" }, { "path": ".github/ISSUE_TEMPLATE/bug_report.md", "content": "---\nname: Bug Report\nabout: Report a broken install, crash, or unexpected behavior\ntitle: \"[BUG] \"\nlabels: bug\nassignees: ''\n---\n\n## Description\n\n\n## Affected Tool\n- **Category:** \n- **Tool name:** \n\n## Steps to Reproduce\n1.\n2.\n3.\n\n## Expected Behavior\n\n\n## Error Output\n```\n\n```\n\n## Environment\n| Field | Value |\n|---|---|\n| OS | |\n| Python | |\n| hackingtool | v2.0.0 |\n\n## Additional Context\n\n" }, { "path": ".github/ISSUE_TEMPLATE/feature_request.md", "content": "---\nname: Feature Request\nabout: Suggest an improvement to hackingtool itself (not a new tool addition — use the Tool Request template for that)\ntitle: \"[FEATURE] \"\nlabels: enhancement\nassignees: ''\n---\n\n## Problem\n\n\n## Proposed Solution\n\n\n## Alternatives Considered\n\n\n## Additional Context\n\n" }, { "path": ".github/ISSUE_TEMPLATE/tool_request.md", "content": "---\nname: Tool Request\nabout: Suggest a new tool to be added to hackingtool\ntitle: \"[Tool Request] \"\nlabels: tool-request\nassignees: ''\n---\n\n\n\n## Tool Details\n\n| Field | Value |\n|---|---|\n| **Tool name** | |\n| **GitHub URL** | |\n| **Category** | |\n| **Supported OS** | |\n| **Language** | |\n| **Install method** | |\n\n## Why should it be added?\n\n\n## Install Command\n```bash\n# paste the install command(s) here\n```\n\n## Run Command\n```bash\n# paste the run/usage command here\n```\n\n## Is the tool actively maintained?\n\n\n## Additional Notes\n\n" }, { "path": ".github/PULL_REQUEST_TEMPLATE.md", "content": "\n\n## Type of Change\n- [ ] New tool addition\n- [ ] Bug fix\n- [ ] Improvement / refactor\n- [ ] Documentation update\n\n---\n\n## For New Tool Additions — Required Fields\n\n| Field | Value |\n|---|---|\n| **Tool name** | |\n| **GitHub URL** | |\n| **Category** | |\n| **Supported OS** | Linux / macOS / Both |\n| **Install method** | pip / go install / apt / git clone |\n\n**Why should it be added?**\n\n\n**Is the tool actively maintained?**\n\n\n---\n\n## Checklist\n\n- [ ] Title follows the format above\n- [ ] New tool class added to the correct `tools/*.py` file\n- [ ] `TITLE`, `DESCRIPTION`, `INSTALL_COMMANDS`, `RUN_COMMANDS`, `PROJECT_URL` all set\n- [ ] `SUPPORTED_OS` set correctly (`[\"linux\"]` / `[\"linux\", \"macos\"]`)\n- [ ] Tool added to the `TOOLS` list in the collection class at the bottom of the file\n- [ ] No new dependencies added to `requirements.txt` without discussion\n- [ ] Tested locally — install and run commands work\n" }, { "path": ".github/workflows/lint_python.yml", "content": "name: lint_python\non:\n pull_request:\n branches: [master]\n push:\n branches: [master]\njobs:\n lint_python:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n - uses: actions/setup-python@v5\n with:\n python-version: \"3.12\"\n - run: pip install --upgrade pip ruff setuptools wheel\n - name: \"Ruff: Show stopper (must-fix) issues\"\n run: ruff check . --select=E9,F63,F7,F82,PLE,YTT --output-format=full\n - name: \"Ruff: All issues\"\n run: ruff check --exit-zero --select=ALL --statistics --target-version=py310 .\n - name: \"Ruff: All fixable (ruff --fix) issues\"\n run: ruff check --exit-zero --select=ALL --ignore=ANN204,COM812,ERA001,RSE102 --statistics --target-version=py310 . | grep \"\\[\\*\\]\" || true\n - run: pip install black codespell mypy pytest\n - run: black --check . || true\n - run: codespell\n - run: pip install -r requirements.txt || true\n - run: mkdir --parents --verbose .mypy_cache\n - run: mypy --ignore-missing-imports --install-types --non-interactive . || true\n - run: pytest . || true\n" }, { "path": ".github/workflows/test_install.yml", "content": "name: test_install\non:\n pull_request:\n branches: [master]\n push:\n branches: [master]\njobs:\n test_install:\n runs-on: ubuntu-latest\n env:\n TERM: \"linux\"\n steps:\n - uses: actions/checkout@v4\n - uses: actions/setup-python@v5\n with:\n python-version: \"3.12\"\n cache: 'pip'\n - run: pip install --upgrade pip\n - run: pip install -r requirements.txt\n - run: sudo python3 install.py 1\n # Verify the hackingtool entrypoint is on PATH\n - run: which hackingtool\n # Smoke test: launch and immediately quit (99)\n - name: \"Smoke test: launch and quit\"\n run: echo -e \"99\\n\" | hackingtool || true\n # Navigate into first category and back out\n - name: \"Navigation test: enter category 1, quit\"\n run: echo -e \"1\\n99\\n99\\n\" | hackingtool || true\n" }, { "path": ".gitignore", "content": "# Created by https://www.toptal.com/developers/gitignore/api/python,venv\n# Edit at https://www.toptal.com/developers/gitignore?templates=python,venv\n\n### Python ###\n# Byte-compiled / optimized / DLL files\n__pycache__/\n*.py[cod]\n*$py.class\n\n# C extensions\n*.so\n\n# Distribution / packaging\n.Python\nbuild/\ndevelop-eggs/\ndist/\ndownloads/\neggs/\n.eggs/\nlib/\nlib64/\nparts/\nsdist/\nvar/\nwheels/\nshare/python-wheels/\n*.egg-info/\n.installed.cfg\n*.egg\nMANIFEST\n\n# PyInstaller\n# Usually these files are written by a python script from a template\n# before PyInstaller builds the exe, so as to inject date/other infos into it.\n*.manifest\n*.spec\n\n# Installer logs\npip-log.txt\npip-delete-this-directory.txt\n\n# Unit test / coverage reports\nhtmlcov/\n.tox/\n.nox/\n.coverage\n.coverage.*\n.cache\nnosetests.xml\ncoverage.xml\n*.cover\n*.py,cover\n.hypothesis/\n.pytest_cache/\ncover/\n.idea/\n# Translations\n*.mo\n*.pot\n\n# Django stuff:\n*.log\nlocal_settings.py\ndb.sqlite3\ndb.sqlite3-journal\n\n# Flask stuff:\ninstance/\n.webassets-cache\n\n# Scrapy stuff:\n.scrapy\n\n# Sphinx documentation\ndocs/_build/\n\n# PyBuilder\n.pybuilder/\ntarget/\n\n# Jupyter Notebook\n.ipynb_checkpoints\n\n# IPython\nprofile_default/\nipython_config.py\n\n# pyenv\n# For a library or package, you might want to ignore these files since the code is\n# intended to run in multiple environments; otherwise, check them in:\n# .python-version\n\n# pipenv\n# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.\n# However, in case of collaboration, if having platform-specific dependencies or dependencies\n# having no cross-platform support, pipenv may install dependencies that don't work, or not\n# install all needed dependencies.\n#Pipfile.lock\n\n# poetry\n# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.\n# This is especially recommended for binary packages to ensure reproducibility, and is more\n# commonly ignored for libraries.\n# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control\n#poetry.lock\n\n# pdm\n# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.\n#pdm.lock\n# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it\n# in version control.\n# https://pdm.fming.dev/#use-with-ide\n.pdm.toml\n\n# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm\n__pypackages__/\n\n# Celery stuff\ncelerybeat-schedule\ncelerybeat.pid\n\n# SageMath parsed files\n*.sage.py\n\n# Environments\n.env\n.venv\nenv/\nvenv/\nENV/\nenv.bak/\nvenv.bak/\n\n# Spyder project settings\n.spyderproject\n.spyproject\n\n# Rope project settings\n.ropeproject\n\n# mkdocs documentation\n/site\n\n# mypy\n.mypy_cache/\n.dmypy.json\ndmypy.json\n\n# Pyre type checker\n.pyre/\n\n# pytype static type analyzer\n.pytype/\n\n# Cython debug symbols\ncython_debug/\n\n# PyCharm\n# JetBrains specific template is maintained in a separate JetBrains.gitignore that can\n# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore\n# and can be added to the global gitignore or merged into this file. For a more nuclear\n# option (not recommended) you can uncomment the following to ignore the entire idea folder.\n#.idea/\n\n### Python Patch ###\n# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration\npoetry.toml\n\n# ruff\n.ruff_cache/\n\n### venv ###\n# Virtualenv\n# http://iamzed.com/2009/05/07/a-primer-on-virtualenv/\n[Bb]in\n[Ii]nclude\n[Ll]ib\n[Ll]ib64\n[Ll]ocal\n[Ss]cripts\npyvenv.cfg\npip-selfcheck.json\n\n# End of https://www.toptal.com/developers/gitignore/api/python,venv\n" }, { "path": "Dockerfile", "content": "# syntax=docker/dockerfile:1\n# Enables BuildKit features (cache mounts, faster builds)\nFROM kalilinux/kali-rolling:latest\n\nLABEL org.opencontainers.image.title=\"hackingtool\" \\\n org.opencontainers.image.description=\"All-in-One Hacking Tool for Security Researchers\" \\\n org.opencontainers.image.source=\"https://github.com/Z4nzu/hackingtool\" \\\n org.opencontainers.image.licenses=\"MIT\"\n\n# Install system dependencies\n# - sudo and python3-venv are not needed (container runs as root, venv unused)\n# - --no-install-recommends keeps the layer lean\nRUN apt-get update && \\\n apt-get install -y --no-install-recommends \\\n git python3-pip python3-venv curl wget php && \\\n rm -rf /var/lib/apt/lists/*\n\nWORKDIR /root/hackingtool\n\n# Copy requirements first so this layer is cached unless requirements change\nCOPY requirements.txt ./\n\n# --mount=type=cache persists the pip cache across rebuilds (BuildKit only)\n# --break-system-packages required on Kali (PEP 668 externally-managed env)\nRUN --mount=type=cache,target=/root/.cache/pip \\\n pip3 install --break-system-packages -r requirements.txt\n\n# Copy the rest of the source (respects .dockerignore)\nCOPY . .\n\n# Ensure the tools directory exists for installs performed at runtime\nRUN mkdir -p /root/.hackingtool/tools\n\nENTRYPOINT [\"python3\", \"/root/hackingtool/hackingtool.py\"]\n" }, { "path": "LICENSE", "content": "MIT License\n\nCopyright (c) 2020 Mr.Z4nzu\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n" }, { "path": "README.md", "content": "
\n\n\"HackingTool\"\n\n

All-in-One Hacking Tool for Security Researchers & Pentesters

\n\n[![License](https://img.shields.io/github/license/Z4nzu/hackingtool)](LICENSE) \n[![Python](https://img.shields.io/badge/Python-3.10+-3776AB?style=flat-square&logo=python&logoColor=white)](https://www.python.org/) \n[![Version](https://img.shields.io/badge/v2.0.0-00FF88?style=flat-square)](#) \n[![Stars](https://img.shields.io/github/stars/Z4nzu/hackingtool?style=flat-square&color=yellow)](https://github.com/Z4nzu/hackingtool/stargazers) \n[![Forks](https://img.shields.io/github/forks/Z4nzu/hackingtool?style=flat-square&color=blue)](https://github.com/Z4nzu/hackingtool/network/members) \n[![Issues](https://img.shields.io/github/issues/Z4nzu/hackingtool?style=flat-square&color=red)](https://github.com/Z4nzu/hackingtool/issues) \n[![Last Commit](https://img.shields.io/github/last-commit/Z4nzu/hackingtool?style=flat-square&color=00FF88)](https://github.com/Z4nzu/hackingtool/commits/master)\n\n![](https://img.shields.io/badge/20_Categories-7B61FF?style=for-the-badge)\n![](https://img.shields.io/badge/185+_Tools-00FF88?style=for-the-badge)\n![](https://img.shields.io/badge/19_Tags-FF61DC?style=for-the-badge)\n![](https://img.shields.io/badge/Linux_%7C_Kali_%7C_Parrot_%7C_macOS-FFA116?style=for-the-badge&logo=linux&logoColor=white)\n\n\"Install \n\"Quick \n\"Suggest\n\n
\n\n---\n\n\n## What's New in v2.0.0\n\n\n\n
\n\n| | Feature | Description |\n|:---:|---|---|\n| **🐍** | **Python 3.10+** | All Python 2 code removed, modern syntax throughout |\n| **🖥** | **OS-aware menus** | Linux-only tools hidden automatically on macOS |\n| **📦** | **185+ tools** | 35 new modern tools added across 6 categories |\n| **🔍** | **Search** | Type `/` to search all tools by name, description, or keyword |\n| **🏷** | **Tag filter** | Type `t` to filter by 19 tags — osint, web, c2, cloud, mobile... |\n| **💡** | **Recommend** | Type `r` — \"I want to scan a network\" → shows relevant tools |\n| **✅** | **Install status** | ✔/✘ shown next to every tool — know what's ready |\n| **⚡** | **Install all** | Option `97` in any category — batch install at once |\n| **🔄** | **Smart update** | Each tool has Update — auto-detects git pull / pip upgrade / go install |\n| **📂** | **Open folder** | Jump into any tool's directory for manual inspection |\n| **🐳** | **Docker** | Builds locally — no unverified external images |\n| **🚀** | **One-liner install** | `curl -sSL .../install.sh \\| sudo bash` — zero manual steps |\n| **🏢** | **3 new categories** | Active Directory, Cloud Security, Mobile Security |\n\n
\n\n\n\n---\n\n## Quick Commands\n\n
\n\n| Command | Action | Works in |\n|:---:|---|:---:|\n| `/query` | **Search** — find tools instantly by keyword | Main menu |\n| `t` | **Tags** — filter by osint, scanner, c2, cloud, mobile... | Main menu |\n| `r` | **Recommend** — \"I want to do X\" → matching tools | Main menu |\n| `?` | **Help** — quick reference card | Everywhere |\n| `q` | **Quit** — exit from any depth | Everywhere |\n| `97` | **Install All** — batch install all tools in category | Category |\n| `99` | **Back** — return to previous menu | Everywhere |\n\n
\n\n---\n\n\n## Tool Categories\n\n
\n\n| # | Category | Tools | | # | Category | Tools |\n|:---:|---|:---:|---|:---:|---|:---:|\n| 1 | 🛡 [Anonymously Hiding](#anonymously-hiding-tools) | 2 | | 11 | 🧰 [Exploit Framework](#exploit-framework) | 4 |\n| 2 | 🔍 [Information Gathering](#information-gathering-tools) | 26 | | 12 | 🔁 [Reverse Engineering](#reverse-engineering-tools) | 5 |\n| 3 | 📚 [Wordlist Generator](#wordlist-generator) | 7 | | 13 | ⚡ [DDOS Attack](#ddos-attack-tools) | 5 |\n| 4 | 📶 [Wireless Attack](#wireless-attack-tools) | 13 | | 14 | 🖥 [RAT](#remote-administrator-tools-rat) | 1 |\n| 5 | 🧩 [SQL Injection](#sql-injection-tools) | 7 | | 15 | 💥 [XSS Attack](#xss-attack-tools) | 9 |\n| 6 | 🎣 [Phishing Attack](#phishing-attack-tools) | 17 | | 16 | 🖼 [Steganography](#steganography-tools) | 4 |\n| 7 | 🌐 [Web Attack](#web-attack-tools) | 20 | | 17 | 🏢 [Active Directory](#active-directory-tools) | 6 |\n| 8 | 🔧 [Post Exploitation](#post-exploitation-tools) | 10 | | 18 | ☁ [Cloud Security](#cloud-security-tools) | 4 |\n| 9 | 🕵 [Forensics](#forensic-tools) | 8 | | 19 | 📱 [Mobile Security](#mobile-security-tools) | 3 |\n| 10 | 📦 [Payload Creation](#payload-creation-tools) | 8 | | 20 | ✨ [Other Tools](#other-tools) | 24 |\n\n
\n\n\n\n---\n\n\n## 🛡 Anonymously Hiding Tools\n\n- [Anonymously Surf](https://github.com/Und3rf10w/kali-anonsurf)\n- [Multitor](https://github.com/trimstray/multitor)\n\n\n\n## 🔍 Information Gathering Tools\n\n- [Network Map (nmap)](https://github.com/nmap/nmap)\n- [Dracnmap](https://github.com/Screetsec/Dracnmap)\n- Port scanning\n- Host to IP\n- [Xerosploit](https://github.com/LionSec/xerosploit)\n- [RED HAWK](https://github.com/Tuhinshubhra/RED_HAWK)\n- [ReconSpider](https://github.com/bhavsec/reconspider)\n- IsItDown\n- [Infoga](https://github.com/m4ll0k/Infoga)\n- [ReconDog](https://github.com/s0md3v/ReconDog)\n- [Striker](https://github.com/s0md3v/Striker)\n- [SecretFinder](https://github.com/m4ll0k/SecretFinder)\n- [Shodanfy](https://github.com/m4ll0k/Shodanfy.py)\n- [rang3r](https://github.com/floriankunushevci/rang3r)\n- [Breacher](https://github.com/s0md3v/Breacher)\n- [theHarvester](https://github.com/laramies/theHarvester) ★\n- [Amass](https://github.com/owasp-amass/amass) ★\n- [Masscan](https://github.com/robertdavidgraham/masscan) ★\n- [RustScan](https://github.com/RustScan/RustScan) ★\n- [Holehe](https://github.com/megadose/holehe) ★\n- [Maigret](https://github.com/soxoj/maigret) ★\n- [httpx](https://github.com/projectdiscovery/httpx) ★\n- [SpiderFoot](https://github.com/smicallef/spiderfoot) ★\n- [Subfinder](https://github.com/projectdiscovery/subfinder) ★\n- [TruffleHog](https://github.com/trufflesecurity/trufflehog) ★\n- [Gitleaks](https://github.com/gitleaks/gitleaks) ★\n\n\n\n## 📚 Wordlist Generator\n\n- [Cupp](https://github.com/Mebus/cupp)\n- [WordlistCreator](https://github.com/Z4nzu/wlcreator)\n- [Goblin WordGenerator](https://github.com/UndeadSec/GoblinWordGenerator)\n- [Password list (1.4B)](https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got)\n- [Hashcat](https://github.com/hashcat/hashcat) ★\n- [John the Ripper](https://github.com/openwall/john) ★\n- [haiti](https://github.com/noraj/haiti) ★\n\n\n\n## 📶 Wireless Attack Tools\n\n- [WiFi-Pumpkin](https://github.com/P0cL4bs/wifipumpkin3)\n- [pixiewps](https://github.com/wiire/pixiewps)\n- [Bluetooth Honeypot (bluepot)](https://github.com/andrewmichaelsmith/bluepot)\n- [Fluxion](https://github.com/FluxionNetwork/fluxion)\n- [Wifiphisher](https://github.com/wifiphisher/wifiphisher)\n- [Wifite](https://github.com/derv82/wifite2)\n- [EvilTwin](https://github.com/Z4nzu/fakeap)\n- [Fastssh](https://github.com/Z4nzu/fastssh)\n- Howmanypeople\n- [Airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) ★\n- [hcxdumptool](https://github.com/ZerBea/hcxdumptool) ★\n- [hcxtools](https://github.com/ZerBea/hcxtools) ★\n- [Bettercap](https://github.com/bettercap/bettercap) ★\n\n\n\n## 🧩 SQL Injection Tools\n\n- [Sqlmap](https://github.com/sqlmapproject/sqlmap)\n- [NoSqlMap](https://github.com/codingo/NoSQLMap)\n- [DSSS](https://github.com/stamparm/DSSS)\n- [Explo](https://github.com/dtag-dev-sec/explo)\n- [Blisqy](https://github.com/JohnTroony/Blisqy)\n- [Leviathan](https://github.com/leviathan-framework/leviathan)\n- [SQLScan](https://github.com/Cvar1984/sqlscan)\n\n\n\n## 🎣 Phishing Attack Tools\n\n- [Autophisher](https://github.com/CodingRanjith/autophisher)\n- [PyPhisher](https://github.com/KasRoudra/PyPhisher)\n- [AdvPhishing](https://github.com/Ignitetch/AdvPhishing)\n- [Setoolkit](https://github.com/trustedsec/social-engineer-toolkit)\n- [SocialFish](https://github.com/UndeadSec/SocialFish)\n- [HiddenEye](https://github.com/Morsmalleo/HiddenEye)\n- [Evilginx3](https://github.com/kgretzky/evilginx2)\n- [I-See-You](https://github.com/Viralmaniar/I-See-You)\n- [SayCheese](https://github.com/hangetzzu/saycheese)\n- [QR Code Jacking](https://github.com/cryptedwolf/ohmyqr)\n- [BlackEye](https://github.com/thelinuxchoice/blackeye)\n- [ShellPhish](https://github.com/An0nUD4Y/shellphish)\n- [Thanos](https://github.com/TridevReddy/Thanos)\n- [QRLJacking](https://github.com/OWASP/QRLJacking)\n- [Maskphish](https://github.com/jaykali/maskphish)\n- [BlackPhish](https://github.com/iinc0gnit0/BlackPhish)\n- [dnstwist](https://github.com/elceef/dnstwist)\n\n\n\n## 🌐 Web Attack Tools\n\n- [Web2Attack](https://github.com/santatic/web2attack)\n- Skipfish\n- [Sublist3r](https://github.com/aboul3la/Sublist3r)\n- [CheckURL](https://github.com/UndeadSec/checkURL)\n- [Sub-Domain TakeOver](https://github.com/edoardottt/takeover)\n- [Dirb](https://gitlab.com/kalilinux/packages/dirb)\n- [Nuclei](https://github.com/projectdiscovery/nuclei) ★\n- [ffuf](https://github.com/ffuf/ffuf) ★\n- [Feroxbuster](https://github.com/epi052/feroxbuster) ★\n- [Nikto](https://github.com/sullo/nikto) ★\n- [wafw00f](https://github.com/EnableSecurity/wafw00f) ★\n- [Katana](https://github.com/projectdiscovery/katana) ★\n- [Gobuster](https://github.com/OJ/gobuster) ★\n- [Dirsearch](https://github.com/maurosoria/dirsearch) ★\n- [OWASP ZAP](https://github.com/zaproxy/zaproxy) ★\n- [testssl.sh](https://github.com/drwetter/testssl.sh) ★\n- [Arjun](https://github.com/s0md3v/Arjun) ★\n- [Caido](https://github.com/caido/caido) ★\n- [mitmproxy](https://github.com/mitmproxy/mitmproxy) ★\n\n\n\n## 🔧 Post Exploitation Tools\n\n- [Vegile](https://github.com/Screetsec/Vegile)\n- [Chrome Keylogger](https://github.com/UndeadSec/HeraKeylogger)\n- [pwncat-cs](https://github.com/calebstewart/pwncat) ★\n- [Sliver](https://github.com/BishopFox/sliver) ★\n- [Havoc](https://github.com/HavocFramework/Havoc) ★\n- [PEASS-ng (LinPEAS/WinPEAS)](https://github.com/peass-ng/PEASS-ng) ★\n- [Ligolo-ng](https://github.com/nicocha30/ligolo-ng) ★\n- [Chisel](https://github.com/jpillora/chisel) ★\n- [Evil-WinRM](https://github.com/Hackplayers/evil-winrm) ★\n- [Mythic](https://github.com/its-a-feature/Mythic) ★\n\n\n\n## 🕵 Forensic Tools\n\n- Autopsy\n- Wireshark\n- [Bulk extractor](https://github.com/simsong/bulk_extractor)\n- [Guymager](https://guymager.sourceforge.io/)\n- [Toolsley](https://www.toolsley.com/)\n- [Volatility 3](https://github.com/volatilityfoundation/volatility3) ★\n- [Binwalk](https://github.com/ReFirmLabs/binwalk) ★\n- [pspy](https://github.com/DominicBreuker/pspy) ★\n\n\n\n## 📦 Payload Creation Tools\n\n- [The FatRat](https://github.com/Screetsec/TheFatRat)\n- [Brutal](https://github.com/Screetsec/Brutal)\n- [Stitch](https://nathanlopez.github.io/Stitch)\n- [MSFvenom Payload Creator](https://github.com/g0tmi1k/msfpc)\n- [Venom](https://github.com/r00t-3xp10it/venom)\n- [Spycam](https://github.com/indexnotfound404/spycam)\n- [Mob-Droid](https://github.com/kinghacker0/Mob-Droid)\n- [Enigma](https://github.com/UndeadSec/Enigma)\n\n\n\n## 🧰 Exploit Framework\n\n- [RouterSploit](https://github.com/threat9/routersploit)\n- [WebSploit](https://github.com/The404Hacking/websploit)\n- [Commix](https://github.com/commixproject/commix)\n- [Web2Attack](https://github.com/santatic/web2attack)\n\n\n\n## 🔁 Reverse Engineering Tools\n\n- [Androguard](https://github.com/androguard/androguard)\n- [Apk2Gold](https://github.com/lxdvs/apk2gold)\n- [JadX](https://github.com/skylot/jadx)\n- [Ghidra](https://github.com/NationalSecurityAgency/ghidra) ★\n- [Radare2](https://github.com/radareorg/radare2) ★\n\n\n\n## ⚡ DDOS Attack Tools\n\n- [DDoS Script](https://github.com/the-deepnet/ddos)\n- [SlowLoris](https://github.com/gkbrk/slowloris)\n- [Asyncrone](https://github.com/fatihsnsy/aSYNcrone)\n- [UFOnet](https://github.com/epsylon/ufonet)\n- [GoldenEye](https://github.com/jseidl/GoldenEye)\n\n\n\n## 🖥 Remote Administrator Tools (RAT)\n\n- [Pyshell](https://github.com/knassar702/pyshell)\n\n\n\n## 💥 XSS Attack Tools\n\n- [DalFox](https://github.com/hahwul/dalfox)\n- [XSS Payload Generator](https://github.com/capture0x/XSS-LOADER)\n- [Extended XSS Searcher](https://github.com/Damian89/extended-xss-search)\n- [XSS-Freak](https://github.com/PR0PH3CY33/XSS-Freak)\n- [XSpear](https://github.com/hahwul/XSpear)\n- [XSSCon](https://github.com/menkrep1337/XSSCon)\n- [XanXSS](https://github.com/Ekultek/XanXSS)\n- [XSStrike](https://github.com/UltimateHackers/XSStrike)\n- [RVuln](https://github.com/iinc0gnit0/RVuln)\n\n\n\n## 🖼 Steganography Tools\n\n- SteganoHide\n- [StegoCracker](https://github.com/W1LDN16H7/StegoCracker)\n- [Whitespace](https://github.com/beardog108/snow10)\n\n\n\n## 🏢 Active Directory Tools\n\n- [BloodHound](https://github.com/BloodHoundAD/BloodHound) ★\n- [NetExec (nxc)](https://github.com/Pennyw0rth/NetExec) ★\n- [Impacket](https://github.com/fortra/impacket) ★\n- [Responder](https://github.com/lgandx/Responder) ★\n- [Certipy](https://github.com/ly4k/Certipy) ★\n- [Kerbrute](https://github.com/ropnop/kerbrute) ★\n\n\n\n## ☁ Cloud Security Tools\n\n- [Prowler](https://github.com/prowler-cloud/prowler) ★\n- [ScoutSuite](https://github.com/nccgroup/ScoutSuite) ★\n- [Pacu](https://github.com/RhinoSecurityLabs/pacu) ★\n- [Trivy](https://github.com/aquasecurity/trivy) ★\n\n\n\n## 📱 Mobile Security Tools\n\n- [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) ★\n- [Frida](https://github.com/frida/frida) ★\n- [Objection](https://github.com/sensepost/objection) ★\n\n\n\n## ✨ Other Tools\n\n#### SocialMedia Bruteforce\n- [AllinOne SocialMedia Attack](https://github.com/Matrix07ksa/Brute_Force)\n- [Facebook Attack](https://github.com/Matrix07ksa/Brute_Force)\n- [Application Checker](https://github.com/jakuta-tech/underhanded)\n\n#### Android Hacking Tools\n- [Keydroid](https://github.com/F4dl0/keydroid)\n- [MySMS](https://github.com/papusingh2sms/mysms)\n- [Lockphish](https://github.com/JasonJerry/lockphish)\n- [DroidCam / WishFish](https://github.com/kinghacker0/WishFish)\n- [EvilApp](https://github.com/crypticterminal/EvilApp)\n\n#### IDN Homograph Attack\n- [EvilURL](https://github.com/UndeadSec/EvilURL)\n\n#### Email Verify Tools\n- [Knockmail](https://github.com/4w4k3/KnockMail)\n\n#### Hash Cracking Tools\n- [Hash Buster](https://github.com/s0md3v/Hash-Buster)\n\n#### Wifi Deauthenticate\n- [WifiJammer-NG](https://github.com/MisterBianco/wifijammer-ng)\n- [KawaiiDeauther](https://github.com/aryanrtm/KawaiiDeauther)\n\n#### SocialMedia Finder\n- [Find SocialMedia By Facial Recognition](https://github.com/Greenwolf/social_mapper)\n- [Find SocialMedia By UserName](https://github.com/xHak9x/finduser)\n- [Sherlock](https://github.com/sherlock-project/sherlock)\n- [SocialScan](https://github.com/iojw/socialscan)\n\n#### Payload Injector\n- [Debinject](https://github.com/UndeadSec/Debinject)\n- [Pixload](https://github.com/chinarulezzz/pixload)\n\n#### Web Crawling\n- [Gospider](https://github.com/jaeles-project/gospider)\n\n#### Mix Tools\n- Terminal Multiplexer (tilix)\n- [Crivo](https://github.com/GMDSantana/crivo)\n\n\n---\n\n## Contributing — Add a New Tool\n\n\n\n\n\n\n
\n\n### Open an Issue\n\n> **Title:** `[Tool Request] ToolName — Category`\n\nUse the [Tool Request](.github/ISSUE_TEMPLATE/tool_request.md) template.\n\nRequired: tool name, GitHub URL, category, OS, install command, reason.\n\n\n\n### Open a Pull Request\n\n> **Title:** `[New Tool] ToolName — Category`\n\nUse the [PR template](.github/PULL_REQUEST_TEMPLATE.md) checklist.\n\nRequired: class in `tools/*.py`, TITLE, DESCRIPTION, INSTALL/RUN commands, SUPPORTED_OS, test locally.\n\n
\n\n> Issues or PRs that don't follow the title format will be closed without review.\n\n---\n\n## Installation\n\n\n\n\n\n\n
\n\n### One-liner (recommended)\n\n```bash\ncurl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash\n```\n\nHandles everything — prerequisites, clone, venv, launcher.\n\n\n\n### Manual\n\n```bash\ngit clone https://github.com/Z4nzu/hackingtool.git\ncd hackingtool\nsudo python3 install.py\n```\n\nThen run: `hackingtool`\n\n
\n\n\n### Docker\n\n```bash\n# Build\ndocker build -t hackingtool .\n\n# Run (direct)\ndocker run -it --rm hackingtool\n\n# Run (Compose — recommended)\ndocker compose up -d\ndocker exec -it hackingtool bash\n\n# Dev mode (live source mount)\ndocker compose --profile dev up\ndocker exec -it hackingtool-dev bash\n\n# Stop\ndocker compose down # stop container\ndocker compose down -v # also remove data volume\n```\n\n\n\n### Requirements\n\n| Dependency | Version | Needed for |\n|---|---|---|\n| Python | 3.10+ | Core |\n| Go | 1.21+ | nuclei, ffuf, amass, httpx, katana, dalfox, gobuster, subfinder |\n| Ruby | any | haiti, evil-winrm |\n| Docker | any | Mythic, MobSF (optional) |\n\n```bash\npip install -r requirements.txt\n```\n\n---\n\n## Star History\n\n\n \n \n \"HackingTool\n\n\n---\n\n## Support\n\nIf this project helps you, consider buying me a coffee:\n\n\"Buy\n\n## Social\n\n[![Twitter](https://img.shields.io/badge/Twitter-Follow-1DA1F2?style=for-the-badge&logo=twitter&logoColor=white)](https://twitter.com/_Zinzu07)\n[![GitHub](https://img.shields.io/badge/GitHub-Follow-181717?style=for-the-badge&logo=github&logoColor=white)](https://github.com/Z4nzu/)\n\n> **For authorized security testing only.**\n> Thanks to all original authors of the tools included in hackingtool.\n\nYour favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md)\n" }, { "path": "README_template.md", "content": "
\n\n# HackingTool\n\n**All-in-One Hacking Tool for Security Researchers & Pentesters**\n\n[![License](https://img.shields.io/github/license/Z4nzu/hackingtool?style=flat-square)](LICENSE)\n[![Python](https://img.shields.io/badge/Python-3.10+-3776AB?style=flat-square&logo=python&logoColor=white)](https://www.python.org/)\n[![Version](https://img.shields.io/badge/version-2.0.0-brightgreen?style=flat-square)](#)\n[![Platform](https://img.shields.io/badge/platform-Linux%20%7C%20Kali%20%7C%20Parrot%20%7C%20macOS-informational?style=flat-square)](#)\n[![Stars](https://img.shields.io/github/stars/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/stargazers)\n[![Forks](https://img.shields.io/github/forks/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/network/members)\n[![Issues](https://img.shields.io/github/issues/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/issues)\n[![Last Commit](https://img.shields.io/github/last-commit/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/commits/master)\n\n
\n\n---\n\n## What's New in v2.0.0\n\n- Python 3.10+ required — all Python 2 code removed\n- OS-aware menus — Linux-only tools are hidden automatically on macOS\n- Archived tools (Python 2, unmaintained) shown in a separate sub-menu\n- All `os.chdir()` bugs fixed — tools install to `~/.hackingtool/tools/`\n- No more `sudo git clone` — tools install to user home, no root needed\n- 22 new modern tools added across 6 categories\n- Rich terminal UI with shared theme — no more 32 different console instances\n- Iterative menus — no more recursion stack overflow on deep navigation\n- Docker image builds locally — no unverified external images\n- `requirements.txt` cleaned — removed unused flask/boxes/lolcat/requests\n\n---\n\n## Menu\n\n{{toc}}\n\n---\n\n## Tools\n\n{{tools}}\n\n---\n\n## Contributing — Add a New Tool\n\nWant a tool included? **Raise an Issue or open a PR** using the templates below.\n\n### Issue (Tool Request)\n\n> Title format: `[Tool Request] ToolName — Category`\n> Example: `[Tool Request] Subfinder — Information Gathering`\n\nUse the **Tool Request** issue template and fill in all required fields:\ntool name, GitHub URL, category, supported OS, install command, and why it should be added.\n\n### Pull Request\n\n> Title format: `[New Tool] ToolName — Category`\n> Example: `[New Tool] Subfinder — Information Gathering`\n\nUse the **PR template** checklist. Key requirements:\n\n1. Add your tool class to the correct `tools/*.py` file\n2. Set `TITLE`, `DESCRIPTION`, `INSTALL_COMMANDS`, `RUN_COMMANDS`, `PROJECT_URL`\n3. Set `SUPPORTED_OS = [\"linux\"]` or `[\"linux\", \"macos\"]` appropriately\n4. Add the instance to the `TOOLS` list in the collection class\n5. Test install and run locally before submitting\n\nIssues or PRs that don't follow the title format may be closed without review.\n\n---\n\n## Installation\n\n### One-liner (recommended)\n\n```bash\ncurl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash\n```\n\nThis handles everything — installs prerequisites, clones the repo, sets up a venv, and creates the `hackingtool` command.\n\n### Manual install\n\n```bash\ngit clone https://github.com/Z4nzu/hackingtool.git\ncd hackingtool\nsudo python3 install.py # detects local source, copies instead of re-cloning\n```\n\nThen run:\n```bash\nhackingtool\n```\n\n## Docker\n\n### Step 1 — Clone the repository\n\n```bash\ngit clone https://github.com/Z4nzu/hackingtool.git\ncd hackingtool\n```\n\n### Step 2 — Build the image\n\n```bash\ndocker build -t hackingtool .\n```\n\n> First build takes a few minutes (Kali base + apt packages). Subsequent builds are fast thanks to BuildKit layer caching.\n\n### Step 3 — Run\n\n**Option A — Direct (no Compose):**\n```bash\ndocker run -it --rm hackingtool\n```\n\n**Option B — With Docker Compose (recommended):**\n```bash\n# Start in background\ndocker compose up -d\n\n# Open an interactive shell\ndocker exec -it hackingtool bash\n\n# Then launch the tool inside the container\npython3 hackingtool.py\n```\n\n**Option C — Dev mode (live source mount, changes reflected without rebuild):**\n```bash\ndocker compose --profile dev up\ndocker exec -it hackingtool-dev bash\n```\n\n### Stopping\n\n```bash\ndocker compose down # stop and remove container\ndocker compose down -v # also remove the tools data volume\n```\n\n## Requirements\n\n- Python 3.10+\n- Linux (Kali, Parrot, Ubuntu) or macOS\n- Go 1.21+ (for nuclei, ffuf, amass, httpx, katana, dalfox)\n- Ruby (for haiti)\n\n```bash\npip install -r requirements.txt\n```\n\n---\n\n## Star History\n\n\n \n \n \"HackingTool\n\n\n---\n\n## Social\n\n[![Twitter](https://img.shields.io/twitter/url?color=%231DA1F2&label=follow&logo=twitter&logoColor=%231DA1F2&style=flat-square&url=https%3A%2F%2Ftwitter.com%2F_Zinzu07)](https://twitter.com/_Zinzu07)\n[![GitHub](https://img.shields.io/badge/-GitHub-181717?style=flat-square&logo=github&link=https://github.com/Z4nzu/)](https://github.com/Z4nzu/)\n\n> **Please don't use for illegal activity.**\n> Thanks to all original authors of the tools included in hackingtool.\n\nYour favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md)\n" }, { "path": "config.py", "content": "import json\nimport logging\nfrom pathlib import Path\nfrom typing import Any\n\nfrom constants import USER_CONFIG_FILE, USER_TOOLS_DIR, DEFAULT_CONFIG\n\nlogger = logging.getLogger(__name__)\n\n\ndef load() -> dict[str, Any]:\n \"\"\"Load config from disk, merging with defaults for any missing keys.\"\"\"\n if USER_CONFIG_FILE.exists():\n try:\n on_disk = json.loads(USER_CONFIG_FILE.read_text())\n return {**DEFAULT_CONFIG, **on_disk}\n except (json.JSONDecodeError, OSError) as exc:\n logger.warning(\"Config file unreadable (%s), using defaults.\", exc)\n return dict(DEFAULT_CONFIG)\n\n\ndef save(cfg: dict[str, Any]) -> None:\n \"\"\"Write config to disk, creating parent directories if needed.\"\"\"\n USER_CONFIG_FILE.parent.mkdir(parents=True, exist_ok=True)\n USER_CONFIG_FILE.write_text(json.dumps(cfg, indent=2, sort_keys=True))\n\n\ndef get_tools_dir() -> Path:\n \"\"\"\n Return the directory where external tools are stored.\n Creates it if it does not exist.\n Always an absolute path — never relies on process CWD.\n \"\"\"\n cfg = load()\n tools_dir = Path(cfg.get(\"tools_dir\", str(USER_TOOLS_DIR))).expanduser().resolve()\n tools_dir.mkdir(parents=True, exist_ok=True)\n return tools_dir\n\n\ndef get_sudo_cmd() -> str:\n \"\"\"Return 'doas' if available, else 'sudo'. Never hardcode 'sudo'.\"\"\"\n import shutil\n return \"doas\" if shutil.which(\"doas\") else \"sudo\"" }, { "path": "constants.py", "content": "from pathlib import Path\nimport platform\nimport shutil as _shutil\n\n# ── Repository ────────────────────────────────────────────────────────────────\nREPO_OWNER = \"Z4nzu\"\nREPO_NAME = \"hackingtool\"\nREPO_URL = f\"https://github.com/{REPO_OWNER}/{REPO_NAME}.git\"\nREPO_WEB_URL = f\"https://github.com/{REPO_OWNER}/{REPO_NAME}\"\n\n# ── Versioning ────────────────────────────────────────────────────────────────\nVERSION = \"2.0.0\"\nVERSION_DISPLAY = f\"v{VERSION}\"\n\n# ── Python requirement ────────────────────────────────────────────────────────\nMIN_PYTHON = (3, 10)\n\n# ── User-scoped paths (cross-platform, always computed at runtime) ─────────────\n# NEVER hardcode /home/username — use Path.home() so it works for any user,\n# including root (/root), regular users (/home/alice), macOS (/Users/alice).\nUSER_CONFIG_DIR = Path.home() / f\".{REPO_NAME}\"\nUSER_TOOLS_DIR = USER_CONFIG_DIR / \"tools\"\nUSER_CONFIG_FILE = USER_CONFIG_DIR / \"config.json\"\nUSER_LOG_FILE = USER_CONFIG_DIR / f\"{REPO_NAME}.log\"\n\n# ── System install paths (set per OS) ─────────────────────────────────────────\n_system = platform.system()\n\nif _system == \"Darwin\":\n # macOS — Homebrew convention\n APP_INSTALL_DIR = Path(\"/usr/local/share\") / REPO_NAME\n APP_BIN_PATH = Path(\"/usr/local/bin\") / REPO_NAME\nelif _system == \"Linux\":\n APP_INSTALL_DIR = Path(\"/usr/share\") / REPO_NAME\n APP_BIN_PATH = Path(\"/usr/bin\") / REPO_NAME\nelse:\n # Fallback (Windows, FreeBSD, etc.)\n APP_INSTALL_DIR = USER_CONFIG_DIR / \"app\"\n APP_BIN_PATH = USER_CONFIG_DIR / \"bin\" / REPO_NAME\n\n# ── UI theme ──────────────────────────────────────────────────────────────────\nTHEME_PRIMARY = \"bold magenta\"\nTHEME_BORDER = \"bright_magenta\"\nTHEME_SUCCESS = \"bold green\"\nTHEME_ERROR = \"bold red\"\nTHEME_WARNING = \"bold yellow\"\nTHEME_DIM = \"dim white\"\nTHEME_ARCHIVED = \"dim yellow\"\nTHEME_URL = \"underline bright_blue\"\nTHEME_ACCENT = \"bold cyan\"\n\n# ── Default config values ──────────────────────────────────────────────────────\nDEFAULT_CONFIG: dict = {\n \"tools_dir\": str(USER_TOOLS_DIR),\n \"version\": VERSION,\n \"theme\": \"magenta\",\n \"show_archived\": False,\n \"sudo_binary\": \"sudo\",\n \"go_bin_dir\": str(Path.home() / \"go\" / \"bin\"),\n \"gem_bin_dir\": str(Path.home() / \".gem\" / \"ruby\"),\n}\n\n# ── Privilege escalation ───────────────────────────────────────────────────────\n# Prefer doas if present (OpenBSD/some Linux setups), else sudo\nPRIV_CMD = \"doas\" if _shutil.which(\"doas\") else \"sudo\"" }, { "path": "core.py", "content": "import os\nimport shutil\nimport sys\nimport webbrowser\nfrom collections.abc import Callable\nfrom platform import system\n\nfrom rich import box\nfrom rich.console import Console\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich.table import Table\nfrom rich.text import Text\nfrom rich.theme import Theme\nfrom rich.traceback import install\n\nfrom constants import (\n THEME_PRIMARY, THEME_BORDER, THEME_ACCENT,\n THEME_SUCCESS, THEME_ERROR, THEME_WARNING,\n THEME_DIM, THEME_ARCHIVED, THEME_URL,\n)\n\n# Enable rich tracebacks globally\ninstall()\n\n_theme = Theme({\n \"purple\": \"#7B61FF\",\n \"success\": THEME_SUCCESS,\n \"error\": THEME_ERROR,\n \"warning\": THEME_WARNING,\n \"archived\": THEME_ARCHIVED,\n \"url\": THEME_URL,\n \"dim\": THEME_DIM,\n})\n\n# Single shared console — all tool files do: from core import console\nconsole = Console(theme=_theme)\n\n\ndef clear_screen():\n os.system(\"cls\" if system() == \"Windows\" else \"clear\")\n\n\ndef validate_input(ip, val_range: list) -> int | None:\n \"\"\"Return the integer if it is in val_range, else None.\"\"\"\n if not val_range:\n return None\n try:\n ip = int(ip)\n if ip in val_range:\n return ip\n except (TypeError, ValueError):\n pass\n return None\n\n\ndef _show_inline_help():\n \"\"\"Quick help available from any menu level.\"\"\"\n console.print(Panel(\n Text.assemble(\n (\" Navigation\\n\", \"bold white\"),\n (\" ─────────────────────────────────\\n\", \"dim\"),\n (\" 1–N \", \"bold cyan\"), (\"select item\\n\", \"white\"),\n (\" 97 \", \"bold cyan\"), (\"install all (in category)\\n\", \"white\"),\n (\"\\n Tool menu: Install, Run, Update, Open Folder\\n\", \"dim\"),\n (\" 99 \", \"bold cyan\"), (\"go back\\n\", \"white\"),\n (\" 98 \", \"bold cyan\"), (\"open project page / archived\\n\", \"white\"),\n (\" ? \", \"bold cyan\"), (\"show this help\\n\", \"white\"),\n (\" q \", \"bold cyan\"), (\"quit hackingtool\\n\", \"white\"),\n ),\n title=\"[bold magenta] ? Quick Help [/bold magenta]\",\n border_style=\"magenta\",\n box=box.ROUNDED,\n padding=(0, 2),\n ))\n Prompt.ask(\"[dim]Press Enter to return[/dim]\", default=\"\")\n\n\nclass HackingTool:\n TITLE: str = \"\"\n DESCRIPTION: str = \"\"\n INSTALL_COMMANDS: list[str] = []\n UNINSTALL_COMMANDS: list[str] = []\n RUN_COMMANDS: list[str] = []\n OPTIONS: list[tuple[str, Callable]] = []\n PROJECT_URL: str = \"\"\n\n # OS / capability metadata\n SUPPORTED_OS: list[str] = [\"linux\", \"macos\"]\n REQUIRES_ROOT: bool = False\n REQUIRES_WIFI: bool = False\n REQUIRES_GO: bool = False\n REQUIRES_RUBY: bool = False\n REQUIRES_JAVA: bool = False\n REQUIRES_DOCKER: bool = False\n\n # Tags for search/filter (e.g. [\"osint\", \"web\", \"recon\", \"scanner\"])\n TAGS: list[str] = []\n\n # Archived tool flags\n ARCHIVED: bool = False\n ARCHIVED_REASON: str = \"\"\n\n def __init__(self, options=None, installable=True, runnable=True):\n options = options or []\n if not isinstance(options, list):\n raise TypeError(\"options must be a list of (option_name, option_fn) tuples\")\n self.OPTIONS = []\n if installable:\n self.OPTIONS.append((\"Install\", self.install))\n if runnable:\n self.OPTIONS.append((\"Run\", self.run))\n self.OPTIONS.append((\"Update\", self.update))\n self.OPTIONS.append((\"Open Folder\", self.open_folder))\n self.OPTIONS.extend(options)\n\n @property\n def is_installed(self) -> bool:\n \"\"\"Check if the tool's binary is on PATH or its clone dir exists.\"\"\"\n if self.RUN_COMMANDS:\n cmd = self.RUN_COMMANDS[0]\n # Handle \"cd foo && binary --help\" pattern\n if \"&&\" in cmd:\n cmd = cmd.split(\"&&\")[-1].strip()\n if cmd.startswith(\"sudo \"):\n cmd = cmd[5:].strip()\n binary = cmd.split()[0] if cmd else \"\"\n if binary and binary not in (\".\", \"echo\", \"cd\"):\n if shutil.which(binary):\n return True\n # Check if git clone target dir exists\n if self.INSTALL_COMMANDS:\n for ic in self.INSTALL_COMMANDS:\n if \"git clone\" in ic:\n parts = ic.split()\n repo_url = [p for p in parts if p.startswith(\"http\")]\n if repo_url:\n dirname = repo_url[0].rstrip(\"/\").rsplit(\"/\", 1)[-1].replace(\".git\", \"\")\n if os.path.isdir(dirname):\n return True\n return False\n\n def show_info(self):\n desc = f\"[cyan]{self.DESCRIPTION}[/cyan]\"\n if self.PROJECT_URL:\n desc += f\"\\n[url]🔗 {self.PROJECT_URL}[/url]\"\n if self.ARCHIVED:\n desc += f\"\\n[archived]⚠ ARCHIVED: {self.ARCHIVED_REASON}[/archived]\"\n console.print(Panel(\n desc,\n title=f\"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]\",\n border_style=\"purple\",\n box=box.DOUBLE,\n ))\n\n def show_options(self, parent=None):\n \"\"\"Iterative menu loop — no recursion, no stack growth.\"\"\"\n while True:\n clear_screen()\n self.show_info()\n\n table = Table(title=\"Options\", box=box.SIMPLE_HEAVY)\n table.add_column(\"No.\", style=\"bold cyan\", justify=\"center\")\n table.add_column(\"Action\", style=\"bold yellow\")\n\n for index, option in enumerate(self.OPTIONS):\n table.add_row(str(index + 1), option[0])\n\n if self.PROJECT_URL:\n table.add_row(\"98\", \"Open Project Page\")\n table.add_row(\"99\", f\"Back to {parent.TITLE if parent else 'Main Menu'}\")\n console.print(table)\n console.print(\n \" [dim cyan]?[/dim cyan][dim]help \"\n \"[/dim][dim cyan]q[/dim cyan][dim]uit \"\n \"[/dim][dim cyan]99[/dim cyan][dim] back[/dim]\"\n )\n\n raw = Prompt.ask(\"[bold cyan]╰─>[/bold cyan]\", default=\"\").strip().lower()\n if not raw:\n continue\n if raw in (\"?\", \"help\"):\n _show_inline_help()\n continue\n if raw in (\"q\", \"quit\", \"exit\"):\n raise SystemExit(0)\n\n try:\n choice = int(raw)\n except ValueError:\n console.print(\"[error]⚠ Enter a number, ? for help, or q to quit.[/error]\")\n Prompt.ask(\"[dim]Press Enter to continue[/dim]\", default=\"\")\n continue\n\n if choice == 99:\n return\n elif choice == 98 and self.PROJECT_URL:\n self.show_project_page()\n elif 1 <= choice <= len(self.OPTIONS):\n try:\n self.OPTIONS[choice - 1][1]()\n except Exception:\n console.print_exception(show_locals=True)\n Prompt.ask(\"[dim]Press Enter to continue[/dim]\", default=\"\")\n else:\n console.print(\"[error]⚠ Invalid option.[/error]\")\n\n def before_install(self): pass\n\n def install(self):\n self.before_install()\n if isinstance(self.INSTALL_COMMANDS, (list, tuple)):\n for cmd in self.INSTALL_COMMANDS:\n console.print(f\"[warning]→ {cmd}[/warning]\")\n os.system(cmd)\n self.after_install()\n\n def after_install(self):\n console.print(\"[success]✔ Successfully installed![/success]\")\n\n def before_uninstall(self) -> bool:\n return True\n\n def uninstall(self):\n if self.before_uninstall():\n if isinstance(self.UNINSTALL_COMMANDS, (list, tuple)):\n for cmd in self.UNINSTALL_COMMANDS:\n console.print(f\"[error]→ {cmd}[/error]\")\n os.system(cmd)\n self.after_uninstall()\n\n def after_uninstall(self): pass\n\n def update(self):\n \"\"\"Smart update — detects install method and runs the right update command.\"\"\"\n if not self.is_installed:\n console.print(\"[warning]Tool is not installed yet. Install it first.[/warning]\")\n return\n\n updated = False\n for ic in (self.INSTALL_COMMANDS or []):\n if \"git clone\" in ic:\n # Extract repo dir name from clone command\n parts = ic.split()\n repo_urls = [p for p in parts if p.startswith(\"http\")]\n if repo_urls:\n dirname = repo_urls[0].rstrip(\"/\").rsplit(\"/\", 1)[-1].replace(\".git\", \"\")\n if os.path.isdir(dirname):\n console.print(f\"[cyan]→ git -C {dirname} pull[/cyan]\")\n os.system(f\"git -C {dirname} pull\")\n updated = True\n elif \"pip install\" in ic:\n # Re-run pip install (--upgrade)\n upgrade_cmd = ic.replace(\"pip install\", \"pip install --upgrade\")\n console.print(f\"[cyan]→ {upgrade_cmd}[/cyan]\")\n os.system(upgrade_cmd)\n updated = True\n elif \"go install\" in ic:\n # Re-run go install (fetches latest)\n console.print(f\"[cyan]→ {ic}[/cyan]\")\n os.system(ic)\n updated = True\n elif \"gem install\" in ic:\n upgrade_cmd = ic.replace(\"gem install\", \"gem update\")\n console.print(f\"[cyan]→ {upgrade_cmd}[/cyan]\")\n os.system(upgrade_cmd)\n updated = True\n\n if updated:\n console.print(\"[success]✔ Update complete![/success]\")\n else:\n console.print(\"[dim]No automatic update method available for this tool.[/dim]\")\n\n def _get_tool_dir(self) -> str | None:\n \"\"\"Find the tool's local directory — clone target, pip location, or binary path.\"\"\"\n # 1. Check git clone target dir\n for ic in (self.INSTALL_COMMANDS or []):\n if \"git clone\" in ic:\n parts = ic.split()\n # If last arg is not a URL, it's a custom dir name\n repo_urls = [p for p in parts if p.startswith(\"http\")]\n if repo_urls:\n dirname = repo_urls[0].rstrip(\"/\").rsplit(\"/\", 1)[-1].replace(\".git\", \"\")\n # Check custom target dir (arg after URL)\n url_idx = parts.index(repo_urls[0])\n if url_idx + 1 < len(parts):\n dirname = parts[url_idx + 1]\n if os.path.isdir(dirname):\n return os.path.abspath(dirname)\n\n # 2. Check binary location via which\n if self.RUN_COMMANDS:\n cmd = self.RUN_COMMANDS[0]\n if \"&&\" in cmd:\n # \"cd foo && bar\" → check \"foo\"\n cd_part = cmd.split(\"&&\")[0].strip()\n if cd_part.startswith(\"cd \"):\n d = cd_part[3:].strip()\n if os.path.isdir(d):\n return os.path.abspath(d)\n binary = cmd.split()[0] if cmd else \"\"\n if binary.startswith(\"sudo\"):\n binary = cmd.split()[1] if len(cmd.split()) > 1 else \"\"\n path = shutil.which(binary) if binary else None\n if path:\n return os.path.dirname(os.path.realpath(path))\n\n return None\n\n def open_folder(self):\n \"\"\"Open the tool's directory in a new shell so the user can work manually.\"\"\"\n tool_dir = self._get_tool_dir()\n if tool_dir:\n console.print(f\"[success]Opening folder: {tool_dir}[/success]\")\n console.print(\"[dim]Type 'exit' to return to hackingtool.[/dim]\")\n os.system(f'cd \"{tool_dir}\" && $SHELL')\n else:\n console.print(\"[warning]Tool directory not found.[/warning]\")\n if self.PROJECT_URL:\n console.print(f\"[dim]You can clone it manually:[/dim]\")\n console.print(f\"[cyan] git clone {self.PROJECT_URL}.git[/cyan]\")\n\n def before_run(self): pass\n\n def run(self):\n self.before_run()\n if isinstance(self.RUN_COMMANDS, (list, tuple)):\n for cmd in self.RUN_COMMANDS:\n console.print(f\"[cyan]⚙ Running:[/cyan] [bold]{cmd}[/bold]\")\n os.system(cmd)\n self.after_run()\n\n def after_run(self): pass\n\n def show_project_page(self):\n console.print(f\"[url]🌐 Opening: {self.PROJECT_URL}[/url]\")\n webbrowser.open_new_tab(self.PROJECT_URL)\n\n\nclass HackingToolsCollection:\n TITLE: str = \"\"\n DESCRIPTION: str = \"\"\n TOOLS: list = []\n\n def __init__(self):\n pass\n\n def show_info(self):\n console.rule(f\"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]\", style=\"purple\")\n if self.DESCRIPTION:\n console.print(f\"[italic cyan]{self.DESCRIPTION}[/italic cyan]\\n\")\n\n def _active_tools(self) -> list:\n \"\"\"Return tools that are not archived and are OS-compatible.\"\"\"\n from os_detect import CURRENT_OS\n return [\n t for t in self.TOOLS\n if not getattr(t, \"ARCHIVED\", False)\n and CURRENT_OS.system in getattr(t, \"SUPPORTED_OS\", [\"linux\", \"macos\"])\n ]\n\n def _archived_tools(self) -> list:\n return [t for t in self.TOOLS if getattr(t, \"ARCHIVED\", False)]\n\n def _incompatible_tools(self) -> list:\n from os_detect import CURRENT_OS\n return [\n t for t in self.TOOLS\n if not getattr(t, \"ARCHIVED\", False)\n and CURRENT_OS.system not in getattr(t, \"SUPPORTED_OS\", [\"linux\", \"macos\"])\n ]\n\n def _show_archived_tools(self):\n \"\"\"Show archived tools sub-menu (option 98).\"\"\"\n archived = self._archived_tools()\n if not archived:\n console.print(\"[dim]No archived tools in this category.[/dim]\")\n Prompt.ask(\"[dim]Press Enter to return[/dim]\", default=\"\")\n return\n\n while True:\n clear_screen()\n console.rule(f\"[archived]Archived Tools — {self.TITLE}[/archived]\", style=\"yellow\")\n\n table = Table(box=box.MINIMAL_DOUBLE_HEAD, show_lines=True)\n table.add_column(\"No.\", justify=\"center\", style=\"bold yellow\")\n table.add_column(\"Tool\", style=\"dim yellow\")\n table.add_column(\"Reason\", style=\"dim white\")\n\n for i, tool in enumerate(archived):\n reason = getattr(tool, \"ARCHIVED_REASON\", \"No reason given\")\n table.add_row(str(i + 1), tool.TITLE, reason)\n\n table.add_row(\"99\", \"Back\", \"\")\n console.print(table)\n\n raw = Prompt.ask(\"[bold yellow][?] Select[/bold yellow]\", default=\"99\")\n try:\n choice = int(raw)\n except ValueError:\n continue\n\n if choice == 99:\n return\n elif 1 <= choice <= len(archived):\n archived[choice - 1].show_options(parent=self)\n\n def show_options(self, parent=None):\n \"\"\"Iterative menu loop — no recursion, no stack growth.\"\"\"\n while True:\n clear_screen()\n self.show_info()\n\n active = self._active_tools()\n incompatible = self._incompatible_tools()\n archived = self._archived_tools()\n\n table = Table(title=\"Available Tools\", box=box.SIMPLE_HEAD, show_lines=True)\n table.add_column(\"No.\", justify=\"center\", style=\"bold cyan\", width=6)\n table.add_column(\"\", width=2) # installed indicator\n table.add_column(\"Tool\", style=\"bold yellow\", min_width=24)\n table.add_column(\"Description\", style=\"white\", overflow=\"fold\")\n\n for index, tool in enumerate(active, start=1):\n desc = getattr(tool, \"DESCRIPTION\", \"\") or \"—\"\n desc = desc.splitlines()[0] if desc != \"—\" else \"—\"\n has_status = hasattr(tool, \"is_installed\")\n status = (\"[green]✔[/green]\" if tool.is_installed else \"[dim]✘[/dim]\") if has_status else \"\"\n table.add_row(str(index), status, tool.TITLE, desc)\n\n # Count not-installed tools for \"Install All\" label (skip sub-collections)\n not_installed = [t for t in active if hasattr(t, \"is_installed\") and not t.is_installed]\n if not_installed:\n table.add_row(\n \"[bold green]97[/bold green]\", \"\",\n f\"[bold green]Install all ({len(not_installed)} not installed)[/bold green]\", \"\",\n )\n if archived:\n table.add_row(\"[dim]98[/dim]\", \"\", f\"[archived]Archived tools ({len(archived)})[/archived]\", \"\")\n if incompatible:\n console.print(f\"[dim]({len(incompatible)} tools hidden — not supported on current OS)[/dim]\")\n\n table.add_row(\"99\", \"\", f\"Back to {parent.TITLE if parent else 'Main Menu'}\", \"\")\n console.print(table)\n console.print(\n \" [dim cyan]?[/dim cyan][dim]help \"\n \"[/dim][dim cyan]q[/dim cyan][dim]uit \"\n \"[/dim][dim cyan]99[/dim cyan][dim] back[/dim]\"\n )\n\n raw = Prompt.ask(\"[bold cyan]╰─>[/bold cyan]\", default=\"\").strip().lower()\n if not raw:\n continue\n if raw in (\"?\", \"help\"):\n _show_inline_help()\n continue\n if raw in (\"q\", \"quit\", \"exit\"):\n raise SystemExit(0)\n\n try:\n choice = int(raw)\n except ValueError:\n console.print(\"[error]⚠ Enter a number, ? for help, or q to quit.[/error]\")\n continue\n\n if choice == 99:\n return\n elif choice == 97 and not_installed:\n console.print(Panel(\n f\"[bold]Installing {len(not_installed)} tools...[/bold]\",\n border_style=\"green\", box=box.ROUNDED,\n ))\n for i, tool in enumerate(not_installed, start=1):\n console.print(f\"\\n[bold cyan]({i}/{len(not_installed)})[/bold cyan] {tool.TITLE}\")\n try:\n tool.install()\n except Exception:\n console.print(f\"[error]✘ Failed: {tool.TITLE}[/error]\")\n Prompt.ask(\"\\n[dim]Press Enter to continue[/dim]\", default=\"\")\n elif choice == 98 and archived:\n self._show_archived_tools()\n elif 1 <= choice <= len(active):\n try:\n active[choice - 1].show_options(parent=self)\n except Exception:\n console.print_exception(show_locals=True)\n Prompt.ask(\"[dim]Press Enter to continue[/dim]\", default=\"\")\n else:\n console.print(\"[error]⚠ Invalid option.[/error]\")\n" }, { "path": "docker-compose.yml", "content": "# docker-compose.yml\n# Use: docker compose up -d then docker exec -it hackingtool bash\n#\n# Profiles:\n# (default) — runs the built image; code is embedded at build time\n# dev — mounts source directory for live editing without rebuilding\n# docker compose --profile dev up\n\nservices:\n hackingtool:\n build:\n context: .\n dockerfile: Dockerfile\n image: hackingtool:latest\n container_name: hackingtool\n stdin_open: true\n tty: true\n # Persist tools installed at runtime across container restarts\n volumes:\n - hackingtool_data:/root/.hackingtool\n restart: unless-stopped\n\n hackingtool-dev:\n build:\n context: .\n dockerfile: Dockerfile\n image: hackingtool:latest\n container_name: hackingtool-dev\n stdin_open: true\n tty: true\n profiles:\n - dev\n volumes:\n # Live source mount — code changes are visible without rebuilding\n - .:/root/hackingtool\n - hackingtool_data:/root/.hackingtool\n restart: \"no\"\n\nvolumes:\n hackingtool_data:\n" }, { "path": "generate_readme.py", "content": "# coding=utf-8\nimport re\n\nfrom rich.console import Console\nfrom rich.theme import Theme\n\nfrom core import HackingTool\nfrom core import HackingToolsCollection\nfrom hackingtool import all_tools\n\n_theme = Theme({\"purple\": \"#7B61FF\"})\nconsole = Console(theme=_theme)\n\n\ndef sanitize_anchor(s):\n return re.sub(r\"\\W\", \"-\", s.lower())\n\n\ndef get_toc(tools, indentation = \"\"):\n md = \"\"\n for tool in tools:\n if isinstance(tool, HackingToolsCollection):\n md += (indentation + \"- [{}](#{})\\n\".format(\n tool.TITLE, sanitize_anchor(tool.TITLE)))\n md += get_toc(tool.TOOLS, indentation = indentation + ' ')\n return md\n\n\ndef get_tools_toc(tools, indentation = \"##\"):\n md = \"\"\n for tool in tools:\n if isinstance(tool, HackingToolsCollection):\n md += (indentation + \"# {}\\n\".format(tool.TITLE))\n md += get_tools_toc(tool.TOOLS, indentation = indentation + '#')\n elif isinstance(tool, HackingTool):\n if tool.PROJECT_URL:\n md += (\"- [{}]({})\\n\".format(tool.TITLE, tool.PROJECT_URL))\n else:\n md += (\"- {}\\n\".format(tool.TITLE))\n return md\n\n\ndef generate_readme():\n toc = get_toc(all_tools[:-1])\n tools_desc = get_tools_toc(all_tools[:-1])\n\n with open(\"README_template.md\") as fh:\n readme_template = fh.read()\n\n readme_template = readme_template.replace(\"{{toc}}\", toc)\n readme_template = readme_template.replace(\"{{tools}}\", tools_desc)\n\n with open(\"README.md\", \"w\") as fh:\n fh.write(readme_template)\n\n\nif __name__ == '__main__':\n generate_readme()" }, { "path": "hackingtool.py", "content": "#!/usr/bin/env python3\nimport sys\n\n# ── Python version guard (must be before any other local import) ───────────────\nif sys.version_info < (3, 10):\n print(\n f\"[ERROR] Python 3.10 or newer is required.\\n\"\n f\"You are running Python {sys.version_info.major}.{sys.version_info.minor}.\\n\"\n f\"Upgrade with: sudo apt install python3.10\"\n )\n sys.exit(1)\n\nimport os\nimport platform\nimport socket\nimport datetime\nimport random\nimport webbrowser\nfrom itertools import zip_longest\n\nfrom rich.console import Console\nfrom rich.panel import Panel\nfrom rich.table import Table\nfrom rich.prompt import Prompt, Confirm\nfrom rich.align import Align\nfrom rich.text import Text\nfrom rich import box\nfrom rich.rule import Rule\nfrom rich.columns import Columns\n\nfrom core import HackingToolsCollection, clear_screen, console\nfrom constants import VERSION_DISPLAY, REPO_WEB_URL\nfrom config import get_tools_dir\nfrom tools.anonsurf import AnonSurfTools\nfrom tools.ddos import DDOSTools\nfrom tools.exploit_frameworks import ExploitFrameworkTools\nfrom tools.forensics import ForensicTools\nfrom tools.information_gathering import InformationGatheringTools\nfrom tools.other_tools import OtherTools\nfrom tools.payload_creator import PayloadCreatorTools\nfrom tools.phishing_attack import PhishingAttackTools\nfrom tools.post_exploitation import PostExploitationTools\nfrom tools.remote_administration import RemoteAdministrationTools\nfrom tools.reverse_engineering import ReverseEngineeringTools\nfrom tools.sql_injection import SqlInjectionTools\nfrom tools.steganography import SteganographyTools\nfrom tools.tool_manager import ToolManager\nfrom tools.web_attack import WebAttackTools\nfrom tools.wireless_attack import WirelessAttackTools\nfrom tools.wordlist_generator import WordlistGeneratorTools\nfrom tools.xss_attack import XSSAttackTools\nfrom tools.active_directory import ActiveDirectoryTools\nfrom tools.cloud_security import CloudSecurityTools\nfrom tools.mobile_security import MobileSecurityTools\n\n# ── Tool registry ──────────────────────────────────────────────────────────────\n\n# (full_title, icon, menu_label)\n# menu_label is the concise name shown in the 2-column main menu grid.\n# full_title is shown when entering the category.\ntool_definitions = [\n (\"Anonymously Hiding Tools\", \"🛡 \", \"Anonymously Hiding\"),\n (\"Information gathering tools\", \"🔍\", \"Information Gathering\"),\n (\"Wordlist Generator\", \"📚\", \"Wordlist Generator\"),\n (\"Wireless attack tools\", \"📶\", \"Wireless Attack\"),\n (\"SQL Injection Tools\", \"🧩\", \"SQL Injection\"),\n (\"Phishing attack tools\", \"🎣\", \"Phishing Attack\"),\n (\"Web Attack tools\", \"🌐\", \"Web Attack\"),\n (\"Post exploitation tools\", \"🔧\", \"Post Exploitation\"),\n (\"Forensic tools\", \"🕵 \", \"Forensics\"),\n (\"Payload creation tools\", \"📦\", \"Payload Creation\"),\n (\"Exploit framework\", \"🧰\", \"Exploit Framework\"),\n (\"Reverse engineering tools\", \"🔁\", \"Reverse Engineering\"),\n (\"DDOS Attack Tools\", \"⚡\", \"DDOS Attack\"),\n (\"Remote Administrator Tools (RAT)\", \"🖥 \", \"Remote Admin (RAT)\"),\n (\"XSS Attack Tools\", \"💥\", \"XSS Attack\"),\n (\"Steganography tools\", \"🖼 \", \"Steganography\"),\n (\"Active Directory Tools\", \"🏢\", \"Active Directory\"),\n (\"Cloud Security Tools\", \"☁ \", \"Cloud Security\"),\n (\"Mobile Security Tools\", \"📱\", \"Mobile Security\"),\n (\"Other tools\", \"✨\", \"Other Tools\"),\n (\"Update or Uninstall | Hackingtool\", \"♻ \", \"Update / Uninstall\"),\n]\n\nall_tools = [\n AnonSurfTools(),\n InformationGatheringTools(),\n WordlistGeneratorTools(),\n WirelessAttackTools(),\n SqlInjectionTools(),\n PhishingAttackTools(),\n WebAttackTools(),\n PostExploitationTools(),\n ForensicTools(),\n PayloadCreatorTools(),\n ExploitFrameworkTools(),\n ReverseEngineeringTools(),\n DDOSTools(),\n RemoteAdministrationTools(),\n XSSAttackTools(),\n SteganographyTools(),\n ActiveDirectoryTools(),\n CloudSecurityTools(),\n MobileSecurityTools(),\n OtherTools(),\n ToolManager(),\n]\n\n# Used by generate_readme.py\nclass AllTools(HackingToolsCollection):\n TITLE = \"All tools\"\n TOOLS = all_tools\n\n\n# ── Help overlay ───────────────────────────────────────────────────────────────\n\ndef show_help():\n console.print(Panel(\n Text.assemble(\n (\" Main menu\\n\", \"bold white\"),\n (\" ─────────────────────────────────────\\n\", \"dim\"),\n (\" 1–20 \", \"bold cyan\"), (\"open a category\\n\", \"white\"),\n (\" 21 \", \"bold cyan\"), (\"Update / Uninstall hackingtool\\n\", \"white\"),\n (\" / or s \", \"bold cyan\"), (\"search tools by name or keyword\\n\", \"white\"),\n (\" t \", \"bold cyan\"), (\"filter tools by tag (osint, web, c2, ...)\\n\", \"white\"),\n (\" r \", \"bold cyan\"), (\"recommend tools for a task\\n\", \"white\"),\n (\" ? \", \"bold cyan\"), (\"show this help\\n\", \"white\"),\n (\" q \", \"bold cyan\"), (\"quit hackingtool\\n\\n\", \"white\"),\n (\" Inside a category\\n\", \"bold white\"),\n (\" ─────────────────────────────────────\\n\", \"dim\"),\n (\" 1–N \", \"bold cyan\"), (\"select a tool\\n\", \"white\"),\n (\" 99 \", \"bold cyan\"), (\"back to main menu\\n\", \"white\"),\n (\" 98 \", \"bold cyan\"), (\"open project page (if available)\\n\\n\", \"white\"),\n (\" Inside a tool\\n\", \"bold white\"),\n (\" ─────────────────────────────────────\\n\", \"dim\"),\n (\" 1 \", \"bold cyan\"), (\"install tool\\n\", \"white\"),\n (\" 2 \", \"bold cyan\"), (\"run tool\\n\", \"white\"),\n (\" 99 \", \"bold cyan\"), (\"back to category\\n\", \"white\"),\n ),\n title=\"[bold magenta] ? Quick Help [/bold magenta]\",\n border_style=\"magenta\",\n box=box.ROUNDED,\n padding=(0, 2),\n ))\n Prompt.ask(\"[dim]Press Enter to return[/dim]\", default=\"\")\n\n\n# ── Header: ASCII art + live system info ──────────────────────────────────────\n\n# Full \"HACKING TOOL\" block-letter art — 12 lines, split layout with stats\n_BANNER_ART = [\n \" ██╗ ██╗ █████╗ ██████╗██╗ ██╗██╗███╗ ██╗ ██████╗ \",\n \" ██║ ██║██╔══██╗██╔════╝██║ ██╔╝██║████╗ ██║██╔════╝ \",\n \" ███████║███████║██║ █████╔╝ ██║██╔██╗ ██║██║ ███╗\",\n \" ██╔══██║██╔══██║██║ ██╔═██╗ ██║██║╚██╗██║██║ ██║\",\n \" ██║ ██║██║ ██║╚██████╗██║ ██╗██║██║ ╚████║╚██████╔╝\",\n \" ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚═╝╚═╝ ╚═══╝ ╚═════╝ \",\n \" ████████╗ ██████╗ ██████╗ ██╗\",\n \" ╚══██╔══╝██╔═══██╗██╔═══██╗██║\",\n \" ██║ ██║ ██║██║ ██║██║\",\n \" ██║ ██║ ██║██║ ██║██║\",\n \" ██║ ╚██████╔╝╚██████╔╝███████╗\",\n \" ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝\",\n]\n\n_QUOTES = [\n '\"The quieter you become, the more you can hear.\"',\n '\"Offense informs defense.\"',\n '\"There is no patch for human stupidity.\"',\n '\"In God we trust. All others we monitor.\"',\n '\"Hackers are the immune system of the internet.\"',\n '\"Every system is hackable — know yours before others do.\"',\n '\"Enumerate before you exploit.\"',\n '\"A scope defines your playground.\"',\n '\"The more you sweat in training, the less you bleed in battle.\"',\n '\"Security is a process, not a product.\"',\n]\n\n\ndef _sys_info() -> dict:\n \"\"\"Collect live system info for the header panel.\"\"\"\n info: dict = {}\n\n # OS pretty name\n try:\n info[\"os\"] = platform.freedesktop_os_release().get(\"PRETTY_NAME\", \"\")\n except Exception:\n info[\"os\"] = \"\"\n if not info[\"os\"]:\n info[\"os\"] = f\"{platform.system()} {platform.release()}\"\n\n info[\"kernel\"] = platform.release()\n\n # Current user\n try:\n info[\"user\"] = os.getlogin()\n except Exception:\n info[\"user\"] = os.environ.get(\"USER\", os.environ.get(\"LOGNAME\", \"root\"))\n\n info[\"host\"] = socket.gethostname()\n\n # Local IP — connect to a routable address without sending data\n try:\n s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)\n s.settimeout(0)\n s.connect((\"10.254.254.254\", 1))\n info[\"ip\"] = s.getsockname()[0]\n s.close()\n except Exception:\n info[\"ip\"] = \"127.0.0.1\"\n\n info[\"time\"] = datetime.datetime.now().strftime(\"%Y-%m-%d %H:%M\")\n return info\n\n\ndef _build_header() -> Panel:\n info = _sys_info()\n\n # 12 stat lines paired with the 12 art lines\n stat_lines = [\n (\" os › \", info[\"os\"][:34]),\n (\" kernel › \", info[\"kernel\"][:34]),\n (\" user › \", f\"{info['user']} @ {info['host'][:20]}\"),\n (\" ip › \", info[\"ip\"]),\n (\" tools › \", f\"{len(all_tools)} categories · 185+ modules\"),\n (\" session › \", info[\"time\"]),\n (\"\", \"\"),\n (\" python › \", f\"{sys.version_info.major}.{sys.version_info.minor}.{sys.version_info.micro}\"),\n (\" arch › \", platform.machine()),\n (\" status › \", \"✔ READY\"),\n (\"\", \"\"),\n (\"\", \"\"),\n ]\n\n grid = Table.grid(padding=0)\n grid.add_column(\"art\", no_wrap=True)\n grid.add_column(\"sep\", no_wrap=True)\n grid.add_column(\"lbl\", no_wrap=True)\n grid.add_column(\"val\", no_wrap=True)\n\n for art_line, (lbl_text, val_text) in zip(_BANNER_ART, stat_lines):\n grid.add_row(\n Text(art_line, style=\"bold bright_green\"),\n Text(\" │ \", style=\"dim green\"),\n Text(lbl_text, style=\"dim green\"),\n Text(val_text, style=\"bright_green\"),\n )\n\n # Quote + warning below the split row\n quote = random.choice(_QUOTES)\n body = Table.grid(padding=(0, 0))\n body.add_column()\n body.add_row(grid)\n body.add_row(Text(\"\"))\n body.add_row(Text(f\" {quote}\", style=\"italic dim\"))\n body.add_row(Text(\" ⚠ For authorized security testing only\",\n style=\"bold dim red\"))\n\n return Panel(\n body,\n title=f\"[bold bright_magenta][ HackingTool {VERSION_DISPLAY} ][/bold bright_magenta]\",\n title_align=\"left\",\n subtitle=f\"[dim][ {info['time']} ][/dim]\",\n subtitle_align=\"right\",\n border_style=\"bright_magenta\",\n box=box.HEAVY,\n padding=(0, 1),\n )\n\n\n# ── Main menu renderer ─────────────────────────────────────────────────────────\n\ndef build_menu():\n clear_screen()\n console.print(_build_header())\n\n # ── 2-column category grid ──\n # Items 1-17 in two columns, item 18 (ToolManager) shown separately\n categories = tool_definitions[:-1] # 17 items\n update_def = tool_definitions[-1] # ToolManager\n\n mid = (len(categories) + 1) // 2 # 9 (left), 8 (right)\n left = list(enumerate(categories[:mid], start=1))\n right = list(enumerate(categories[mid:], start=mid + 1))\n\n grid = Table.grid(padding=(0, 1), expand=True)\n grid.add_column(\"ln\", justify=\"right\", style=\"bold magenta\", width=5)\n grid.add_column(\"li\", width=3)\n grid.add_column(\"lt\", style=\"magenta\", ratio=1, no_wrap=True)\n grid.add_column(\"gap\", width=3)\n grid.add_column(\"rn\", justify=\"right\", style=\"bold magenta\", width=5)\n grid.add_column(\"ri\", width=3)\n grid.add_column(\"rt\", style=\"magenta\", ratio=1, no_wrap=True)\n\n for (li, (_, lic, ll)), r in zip_longest(left, right, fillvalue=None):\n if r:\n ri, (_, ric, rl) = r\n grid.add_row(str(li), lic, ll, \"\", str(ri), ric, rl)\n else:\n grid.add_row(str(li), lic, ll, \"\", \"\", \"\", \"\")\n\n console.print(Panel(\n grid,\n title=\"[bold magenta] Select a Category [/bold magenta]\",\n border_style=\"bright_magenta\",\n box=box.ROUNDED,\n padding=(0, 1),\n ))\n\n # ── ToolManager row ──\n tm_num = len(categories) + 1\n console.print(\n f\" [bold magenta] {tm_num}[/bold magenta] {update_def[1]} \"\n f\"[magenta]{update_def[2]}[/magenta]\"\n )\n\n # ── Claude-style dual-line prompt area ──\n console.print(Rule(style=\"dim magenta\"))\n console.print(\n \" [dim cyan]/[/dim cyan][dim]search[/dim] \"\n \"[dim cyan]t[/dim cyan] [dim]tags[/dim] \"\n \"[dim cyan]r[/dim cyan] [dim]recommend[/dim] \"\n \"[dim cyan]?[/dim cyan] [dim]help[/dim] \"\n \"[dim cyan]q[/dim cyan] [dim]quit[/dim]\"\n )\n\n\n# ── Search ─────────────────────────────────────────────────────────────────────\n\ndef _collect_all_tools() -> list[tuple]:\n \"\"\"Walk all collections and return (tool_instance, category_name) pairs.\"\"\"\n from core import HackingTool, HackingToolsCollection\n results = []\n\n def _walk(items, parent_title=\"\"):\n for item in items:\n if isinstance(item, HackingToolsCollection):\n _walk(item.TOOLS, item.TITLE)\n elif isinstance(item, HackingTool):\n results.append((item, parent_title))\n\n _walk(all_tools)\n return results\n\n\ndef _get_all_tags() -> dict[str, list[tuple]]:\n \"\"\"Build tag → [(tool, category)] index from all tools.\"\"\"\n import re\n _rules = {\n r'(osint|harvester|maigret|holehe|spiderfoot|sherlock|recon)': 'osint',\n r'(subdomain|subfinder|amass|sublist|subdomainfinder)': 'recon',\n r'(scanner|scan|nmap|masscan|rustscan|nikto|nuclei|trivy)': 'scanner',\n r'(brute|gobuster|ffuf|dirb|dirsearch|ferox|hashcat|john|kerbrute)': 'bruteforce',\n r'(web|http|proxy|zap|xss|sql|wafw00f|arjun|caido|mitmproxy)': 'web',\n r'(wireless|wifi|wlan|airgeddon|bettercap|wifite|fluxion|deauth)': 'wireless',\n r'(phish|social.media|evilginx|setoolkit|social.fish|social.engineer)': 'social-engineering',\n r'(c2|sliver|havoc|mythic|pwncat|reverse.shell|pyshell)': 'c2',\n r'(privesc|peass|linpeas|winpeas)': 'privesc',\n r'(tunnel|pivot|ligolo|chisel|proxy|anon)': 'network',\n r'(password|credential|hash|crack|secret|trufflehog|gitleaks)': 'credentials',\n r'(forensic|memory|volatility|binwalk|autopsy|wireshark|pspy)': 'forensics',\n r'(reverse.eng|ghidra|radare|jadx|androguard|apk)': 'reversing',\n r'(cloud|aws|azure|gcp|kubernetes|prowler|scout|pacu)': 'cloud',\n r'(mobile|android|ios|frida|mobsf|objection|droid)': 'mobile',\n r'(active.directory|bloodhound|netexec|impacket|responder|certipy|kerberos|winrm|smb|ldap)': 'active-directory',\n r'(ddos|dos|slowloris|goldeneye|ufonet)': 'ddos',\n r'(payload|msfvenom|fatrat|venom|stitch|enigma)': 'payload',\n r'(crawler|spider|katana|gospider)': 'crawler',\n }\n tag_index: dict[str, list[tuple]] = {}\n for tool, cat in _collect_all_tools():\n combined = f\"{tool.TITLE} {tool.DESCRIPTION}\".lower()\n # Manual tags first\n tool_tags = set(getattr(tool, \"TAGS\", []) or [])\n # Auto-derive tags from title/description\n for pattern, tag in _rules.items():\n if re.search(pattern, combined, re.IGNORECASE):\n tool_tags.add(tag)\n for t in tool_tags:\n tag_index.setdefault(t, []).append((tool, cat))\n return tag_index\n\n\ndef filter_by_tag():\n \"\"\"Show available tags, user picks one, show matching tools.\"\"\"\n tag_index = _get_all_tags()\n sorted_tags = sorted(tag_index.keys())\n\n # Show tags in a compact grid\n console.print(Panel(\n \" \".join(f\"[bold cyan]{t}[/bold cyan]([dim]{len(tag_index[t])}[/dim])\" for t in sorted_tags),\n title=\"[bold magenta] Available Tags [/bold magenta]\",\n border_style=\"magenta\", box=box.ROUNDED, padding=(0, 2),\n ))\n\n tag = Prompt.ask(\"[bold cyan]Enter tag[/bold cyan]\", default=\"\").strip().lower()\n if not tag or tag not in tag_index:\n if tag:\n console.print(f\"[dim]Tag '{tag}' not found.[/dim]\")\n Prompt.ask(\"[dim]Press Enter to return[/dim]\", default=\"\")\n return\n\n matches = tag_index[tag]\n table = Table(\n title=f\"Tools tagged '{tag}'\",\n box=box.SIMPLE_HEAD, show_lines=True,\n )\n table.add_column(\"No.\", justify=\"center\", style=\"bold cyan\", width=5)\n table.add_column(\"\", width=2)\n table.add_column(\"Tool\", style=\"bold yellow\", min_width=20)\n table.add_column(\"Category\", style=\"magenta\", min_width=15)\n\n for i, (tool, cat) in enumerate(matches, start=1):\n status = \"[green]✔[/green]\" if tool.is_installed else \"[dim]✘[/dim]\"\n table.add_row(str(i), status, tool.TITLE, cat)\n\n table.add_row(\"99\", \"\", \"Back to main menu\", \"\")\n console.print(table)\n\n raw = Prompt.ask(\"[bold cyan]>[/bold cyan]\", default=\"\").strip()\n if not raw or raw == \"99\":\n return\n try:\n idx = int(raw)\n except ValueError:\n return\n if 1 <= idx <= len(matches):\n tool, cat = matches[idx - 1]\n tool.show_options()\n\n\n_RECOMMENDATIONS = {\n \"scan a network\": [\"scanner\", \"port-scanner\"],\n \"find subdomains\": [\"recon\"],\n \"scan for vulnerabilities\": [\"scanner\", \"web\"],\n \"crack passwords\": [\"bruteforce\", \"credentials\"],\n \"find leaked secrets\": [\"credentials\"],\n \"phishing campaign\": [\"social-engineering\"],\n \"post exploitation\": [\"c2\", \"privesc\"],\n \"pivot through network\": [\"network\"],\n \"pentest active directory\": [\"active-directory\"],\n \"pentest web application\": [\"web\", \"scanner\"],\n \"pentest cloud\": [\"cloud\"],\n \"pentest mobile app\": [\"mobile\"],\n \"reverse engineer binary\": [\"reversing\"],\n \"capture wifi handshake\": [\"wireless\"],\n \"intercept http traffic\": [\"web\", \"network\"],\n \"forensic analysis\": [\"forensics\"],\n \"ddos testing\": [\"ddos\"],\n \"create payloads\": [\"payload\"],\n \"find xss vulnerabilities\": [\"web\"],\n \"brute force directories\": [\"bruteforce\", \"web\"],\n \"osint / recon a target\": [\"osint\", \"recon\"],\n \"hide my identity\": [\"network\"],\n}\n\n\ndef recommend_tools():\n \"\"\"Show common tasks, user picks one, show matching tools.\"\"\"\n table = Table(\n title=\"What do you want to do?\",\n box=box.SIMPLE_HEAD,\n )\n table.add_column(\"No.\", justify=\"center\", style=\"bold cyan\", width=5)\n table.add_column(\"Task\", style=\"bold yellow\")\n\n tasks = list(_RECOMMENDATIONS.keys())\n for i, task in enumerate(tasks, start=1):\n table.add_row(str(i), task.title())\n\n table.add_row(\"99\", \"Back to main menu\")\n console.print(table)\n\n raw = Prompt.ask(\"[bold cyan]>[/bold cyan]\", default=\"\").strip()\n if not raw or raw == \"99\":\n return\n\n try:\n idx = int(raw)\n except ValueError:\n return\n\n if 1 <= idx <= len(tasks):\n task = tasks[idx - 1]\n tag_names = _RECOMMENDATIONS[task]\n tag_index = _get_all_tags()\n\n # Collect unique tools across all matching tags\n seen = set()\n matches = []\n for tag in tag_names:\n for tool, cat in tag_index.get(tag, []):\n if id(tool) not in seen:\n seen.add(id(tool))\n matches.append((tool, cat))\n\n if not matches:\n console.print(\"[dim]No tools found for this task.[/dim]\")\n Prompt.ask(\"[dim]Press Enter to return[/dim]\", default=\"\")\n return\n\n console.print(Panel(\n f\"[bold]Recommended tools for: {task.title()}[/bold]\",\n border_style=\"green\", box=box.ROUNDED,\n ))\n\n rtable = Table(box=box.SIMPLE_HEAD, show_lines=True)\n rtable.add_column(\"No.\", justify=\"center\", style=\"bold cyan\", width=5)\n rtable.add_column(\"\", width=2)\n rtable.add_column(\"Tool\", style=\"bold yellow\", min_width=20)\n rtable.add_column(\"Category\", style=\"magenta\")\n\n for i, (tool, cat) in enumerate(matches, start=1):\n status = \"[green]✔[/green]\" if tool.is_installed else \"[dim]✘[/dim]\"\n rtable.add_row(str(i), status, tool.TITLE, cat)\n\n rtable.add_row(\"99\", \"\", \"Back\", \"\")\n console.print(rtable)\n\n raw2 = Prompt.ask(\"[bold cyan]>[/bold cyan]\", default=\"\").strip()\n if raw2 and raw2 != \"99\":\n try:\n ridx = int(raw2)\n if 1 <= ridx <= len(matches):\n matches[ridx - 1][0].show_options()\n except ValueError:\n pass\n\n\ndef search_tools(query: str | None = None):\n \"\"\"Search tools — accepts inline query or prompts for one.\"\"\"\n if query is None:\n query = Prompt.ask(\"[bold cyan]/ Search[/bold cyan]\", default=\"\").strip().lower()\n else:\n query = query.lower()\n if not query:\n return\n\n all_tool_list = _collect_all_tools()\n\n # Match against title + description + tags\n matches = []\n for tool, category in all_tool_list:\n title = (tool.TITLE or \"\").lower()\n desc = (tool.DESCRIPTION or \"\").lower()\n tags = \" \".join(getattr(tool, \"TAGS\", []) or []).lower()\n if query in title or query in desc or query in tags:\n matches.append((tool, category))\n\n if not matches:\n console.print(f\"[dim]No tools found matching '{query}'[/dim]\")\n Prompt.ask(\"[dim]Press Enter to return[/dim]\", default=\"\")\n return\n\n # Display results\n table = Table(\n title=f\"Search results for '{query}'\",\n box=box.SIMPLE_HEAD, show_lines=True,\n )\n table.add_column(\"No.\", justify=\"center\", style=\"bold cyan\", width=5)\n table.add_column(\"Tool\", style=\"bold yellow\", min_width=20)\n table.add_column(\"Category\", style=\"magenta\", min_width=15)\n table.add_column(\"Description\", style=\"white\", overflow=\"fold\")\n\n for i, (tool, cat) in enumerate(matches, start=1):\n desc = (tool.DESCRIPTION or \"—\").splitlines()[0]\n table.add_row(str(i), tool.TITLE, cat, desc)\n\n table.add_row(\"99\", \"Back to main menu\", \"\", \"\")\n console.print(table)\n\n raw = Prompt.ask(\"[bold cyan]>[/bold cyan]\", default=\"\").strip().lower()\n if not raw or raw == \"99\":\n return\n\n try:\n idx = int(raw)\n except ValueError:\n return\n\n if 1 <= idx <= len(matches):\n tool, cat = matches[idx - 1]\n console.print(Panel(\n f\"[bold magenta]{tool.TITLE}[/bold magenta] [dim]({cat})[/dim]\",\n border_style=\"magenta\", box=box.ROUNDED,\n ))\n tool.show_options()\n\n\n# ── Main interaction loop ──────────────────────────────────────────────────────\n\ndef interact_menu():\n while True:\n try:\n build_menu()\n raw = Prompt.ask(\n \"[bold magenta]╰─>[/bold magenta]\", default=\"\"\n ).strip()\n\n if not raw:\n continue\n\n raw_lower = raw.lower()\n\n if raw_lower in (\"?\", \"help\"):\n show_help()\n continue\n\n if raw.startswith(\"/\"):\n # Inline search: /subdomain → search immediately\n query = raw[1:].strip()\n search_tools(query=query if query else None)\n continue\n\n if raw_lower in (\"s\", \"search\"):\n search_tools()\n continue\n\n if raw_lower in (\"t\", \"tag\", \"tags\", \"filter\"):\n filter_by_tag()\n continue\n\n if raw_lower in (\"r\", \"rec\", \"recommend\"):\n recommend_tools()\n continue\n\n if raw_lower in (\"q\", \"quit\", \"exit\"):\n console.print(Panel(\n \"[bold white on magenta] Goodbye — Come Back Safely [/bold white on magenta]\",\n box=box.HEAVY, border_style=\"magenta\",\n ))\n break\n\n try:\n choice = int(raw_lower)\n except ValueError:\n console.print(\"[red]⚠ Invalid input — enter a number, /query to search, or q to quit.[/red]\")\n Prompt.ask(\"[dim]Press Enter to continue[/dim]\", default=\"\")\n continue\n\n if 1 <= choice <= len(all_tools):\n title, icon, _ = tool_definitions[choice - 1]\n console.print(Panel(\n f\"[bold magenta]{icon} {title}[/bold magenta]\",\n border_style=\"magenta\", box=box.ROUNDED,\n ))\n try:\n all_tools[choice - 1].show_options()\n except Exception as e:\n console.print(Panel(\n f\"[red]Error while opening {title}[/red]\\n{e}\",\n border_style=\"red\",\n ))\n Prompt.ask(\"[dim]Press Enter to return to main menu[/dim]\", default=\"\")\n else:\n console.print(f\"[red]⚠ Choose 1–{len(all_tools)}, ? for help, or q to quit.[/red]\")\n Prompt.ask(\"[dim]Press Enter to continue[/dim]\", default=\"\")\n\n except KeyboardInterrupt:\n console.print(\"\\n[bold red]Interrupted — exiting[/bold red]\")\n break\n\n\n# ── Entry point ────────────────────────────────────────────────────────────────\n\ndef main():\n try:\n from os_detect import CURRENT_OS\n\n if CURRENT_OS.system == \"windows\":\n console.print(Panel(\"[bold red]Please run this tool on Linux or macOS.[/bold red]\"))\n if Confirm.ask(\"Open guidance link in your browser?\", default=True):\n webbrowser.open_new_tab(f\"{REPO_WEB_URL}#windows\")\n return\n\n if CURRENT_OS.system not in (\"linux\", \"macos\"):\n console.print(f\"[yellow]Unsupported OS: {CURRENT_OS.system}. Proceeding anyway...[/yellow]\")\n\n get_tools_dir() # ensures ~/.hackingtool/tools/ exists\n interact_menu()\n\n except KeyboardInterrupt:\n console.print(\"\\n[bold red]Exiting...[/bold red]\")\n\n\nif __name__ == \"__main__\":\n main()\n" }, { "path": "images/demo", "content": "\n" }, { "path": "install.py", "content": "#!/usr/bin/env python3\nimport os\nimport sys\nimport shutil\nimport subprocess\nfrom pathlib import Path\n\n# ── Python version check (must be before any other local import) ──────────────\nif sys.version_info < (3, 10):\n print(\n f\"[ERROR] Python 3.10 or newer is required.\\n\"\n f\"You are running Python {sys.version_info.major}.{sys.version_info.minor}.\\n\"\n f\"Install with: sudo apt install python3.10\"\n )\n sys.exit(1)\n\nfrom rich.console import Console\nfrom rich.panel import Panel\nfrom rich.prompt import Confirm\nfrom rich.progress import Progress, SpinnerColumn, TextColumn\nfrom rich.text import Text\nfrom rich import box\n\nfrom constants import (\n REPO_URL, APP_INSTALL_DIR, APP_BIN_PATH,\n VERSION, VERSION_DISPLAY,\n USER_CONFIG_DIR, USER_TOOLS_DIR, USER_CONFIG_FILE,\n DEFAULT_CONFIG,\n)\nfrom os_detect import CURRENT_OS, REQUIRED_PACKAGES, PACKAGE_UPDATE_CMDS, PACKAGE_INSTALL_CMDS\n\nconsole = Console()\n\nVENV_DIR_NAME = \"venv\"\nREQUIREMENTS = \"requirements.txt\"\n\n\n# ── Privilege check ────────────────────────────────────────────────────────────\n\ndef check_root():\n if os.geteuid() != 0:\n console.print(Panel(\n \"[error]This installer must be run as root.\\n\"\n \"Use: [bold]sudo python3 install.py[/bold][/error]\",\n border_style=\"red\",\n ))\n sys.exit(1)\n\n\n# ── OS compatibility check ─────────────────────────────────────────────────────\n\ndef check_os_compatibility():\n \"\"\"Print detected OS info and exit on unsupported systems.\"\"\"\n info = CURRENT_OS\n console.print(\n f\"[dim]Detected: OS={info.system} | distro={info.distro_id or 'n/a'} | \"\n f\"pkg_mgr={info.pkg_manager or 'none'} | arch={info.arch}[/dim]\"\n )\n\n if info.system == \"windows\":\n console.print(Panel(\n \"[error]Windows is not supported natively.[/error]\\n\"\n \"Use WSL2 with a Kali or Ubuntu image.\",\n border_style=\"red\",\n ))\n sys.exit(1)\n\n if info.is_wsl:\n console.print(\"[warning]WSL detected. Wireless tools will NOT work in WSL.[/warning]\")\n\n if info.system == \"macos\":\n console.print(Panel(\n \"[warning]macOS support is partial.[/warning]\\n\"\n \"Network/wireless tools require Linux. OSINT and web tools work.\",\n border_style=\"yellow\",\n ))\n if not shutil.which(\"brew\"):\n console.print(\"[error]Homebrew not found. Install it first: https://brew.sh[/error]\")\n sys.exit(1)\n\n if not info.pkg_manager:\n console.print(\"[warning]No supported package manager found.[/warning]\")\n console.print(\"[dim]Supported: apt-get, pacman, dnf, zypper, apk, brew[/dim]\")\n\n\n# ── Internet check ─────────────────────────────────────────────────────────────\n\ndef check_internet() -> bool:\n console.print(\"[dim]Checking internet...[/dim]\")\n for host in (\"https://github.com\", \"https://www.google.com\"):\n r = subprocess.run(\n [\"curl\", \"-sSf\", \"--max-time\", \"8\", host],\n capture_output=True,\n )\n if r.returncode == 0:\n console.print(\"[success]✔ Internet connection OK[/success]\")\n return True\n console.print(\"[error]✘ No internet connection[/error]\")\n return False\n\n\n# ── System packages ────────────────────────────────────────────────────────────\n\ndef install_system_packages():\n mgr = CURRENT_OS.pkg_manager\n if not mgr:\n console.print(\"[warning]Skipping system packages — no package manager found.[/warning]\")\n return\n\n # Use sudo only when not already root (uid != 0).\n # Inside Docker we run as root and sudo is not installed.\n priv = \"\" if os.geteuid() == 0 else \"sudo \"\n\n # Update index first (skip for brew — not needed)\n if mgr != \"brew\":\n update_cmd = PACKAGE_UPDATE_CMDS.get(mgr, \"\")\n if update_cmd:\n console.print(f\"[dim]Updating package index ({mgr})...[/dim]\")\n subprocess.run(f\"{priv}{update_cmd}\", shell=True, check=False)\n\n packages = REQUIRED_PACKAGES.get(mgr, [])\n if not packages:\n return\n\n install_tpl = PACKAGE_INSTALL_CMDS[mgr]\n cmd = install_tpl.format(packages=\" \".join(packages))\n console.print(f\"[dim]Installing system dependencies ({mgr})...[/dim]\")\n result = subprocess.run(f\"{priv}{cmd}\", shell=True, check=False)\n if result.returncode != 0:\n console.print(\"[warning]Some packages failed — you may need to install them manually.[/warning]\")\n\n\n# ── App directory ──────────────────────────────────────────────────────────────\n\ndef _is_source_dir() -> bool:\n \"\"\"Check if install.py is being run from a local clone (hackingtool.py exists alongside it).\"\"\"\n return (Path(__file__).resolve().parent / \"hackingtool.py\").exists()\n\n\ndef prepare_install_dir():\n if APP_INSTALL_DIR.exists():\n console.print(f\"[warning]{APP_INSTALL_DIR} already exists.[/warning]\")\n if not Confirm.ask(\"Replace it? This removes the existing installation.\", default=False):\n console.print(\"[error]Installation aborted.[/error]\")\n sys.exit(1)\n subprocess.run([\"rm\", \"-rf\", str(APP_INSTALL_DIR)], check=True)\n APP_INSTALL_DIR.mkdir(parents=True, exist_ok=True)\n\n\ndef install_source() -> bool:\n \"\"\"Clone the repo or copy from local source if already in a clone.\"\"\"\n source_dir = Path(__file__).resolve().parent\n\n if _is_source_dir() and source_dir != APP_INSTALL_DIR:\n # Already in a local clone — copy instead of re-cloning\n console.print(f\"[dim]Copying source from {source_dir}...[/dim]\")\n # Remove first to ensure clean copy (prepare_install_dir may have created it)\n if APP_INSTALL_DIR.exists():\n subprocess.run([\"rm\", \"-rf\", str(APP_INSTALL_DIR)], check=True)\n subprocess.run([\"cp\", \"-a\", str(source_dir), str(APP_INSTALL_DIR)], check=True)\n # Fix ownership so git doesn't complain about \"dubious ownership\"\n subprocess.run([\"chown\", \"-R\", \"root:root\", str(APP_INSTALL_DIR)], check=False)\n console.print(\"[success]✔ Source copied (no re-clone needed)[/success]\")\n return True\n\n # Not running from source — clone from GitHub\n console.print(f\"[dim]Cloning {REPO_URL}...[/dim]\")\n r = subprocess.run([\"git\", \"clone\", \"--depth\", \"1\", REPO_URL, str(APP_INSTALL_DIR)], check=False)\n if r.returncode == 0:\n console.print(\"[success]✔ Repository cloned[/success]\")\n return True\n console.print(\"[error]✘ Failed to clone repository[/error]\")\n return False\n\n\n# ── Python venv ────────────────────────────────────────────────────────────────\n\ndef create_venv_and_install():\n venv_path = APP_INSTALL_DIR / VENV_DIR_NAME\n console.print(\"[dim]Creating virtual environment...[/dim]\")\n subprocess.run([sys.executable, \"-m\", \"venv\", str(venv_path)], check=True)\n\n pip = str(venv_path / \"bin\" / \"pip\")\n req = APP_INSTALL_DIR / REQUIREMENTS\n if req.exists():\n console.print(\"[dim]Installing Python requirements...[/dim]\")\n subprocess.run([pip, \"install\", \"--quiet\", \"-r\", str(req)], check=False)\n else:\n console.print(\"[warning]requirements.txt not found — skipping pip install.[/warning]\")\n\n\n# ── Launcher script ────────────────────────────────────────────────────────────\n\ndef create_launcher():\n launcher = APP_INSTALL_DIR / \"hackingtool.sh\"\n launcher.write_text(\n \"#!/bin/bash\\n\"\n f'source \"{APP_INSTALL_DIR / VENV_DIR_NAME}/bin/activate\"\\n'\n f'python3 \"{APP_INSTALL_DIR / \"hackingtool.py\"}\" \"$@\"\\n'\n )\n launcher.chmod(0o755)\n if APP_BIN_PATH.exists():\n APP_BIN_PATH.unlink()\n shutil.move(str(launcher), str(APP_BIN_PATH))\n console.print(f\"[success]✔ Launcher installed at {APP_BIN_PATH}[/success]\")\n\n\n# ── User directories ───────────────────────────────────────────────────────────\n\ndef create_user_directories():\n \"\"\"\n Create ~/.hackingtool/ and write initial config.json.\n Uses Path.home() — always correct regardless of username or OS.\n Safe to run as root (creates /root/.hackingtool/) or as a normal user.\n \"\"\"\n import json\n USER_CONFIG_DIR.mkdir(parents=True, exist_ok=True)\n USER_TOOLS_DIR.mkdir(parents=True, exist_ok=True)\n if not USER_CONFIG_FILE.exists():\n USER_CONFIG_FILE.write_text(json.dumps(DEFAULT_CONFIG, indent=2, sort_keys=True))\n console.print(f\"[success]✔ Config created at {USER_CONFIG_FILE}[/success]\")\n console.print(f\"[success]✔ Tools directory: {USER_TOOLS_DIR}[/success]\")\n\n\n# ── Entry point ────────────────────────────────────────────────────────────────\n\ndef main():\n check_root()\n console.clear()\n\n console.print(Panel(\n Text(f\"HackingTool Installer {VERSION_DISPLAY}\", style=\"bold magenta\"),\n box=box.DOUBLE, border_style=\"bright_magenta\",\n ))\n\n check_os_compatibility()\n\n if not check_internet():\n sys.exit(1)\n\n with Progress(SpinnerColumn(), TextColumn(\"[progress.description]{task.description}\")) as p:\n p.add_task(\"Installing system packages...\", total=None)\n install_system_packages()\n\n prepare_install_dir()\n\n if not install_source():\n sys.exit(1)\n\n with Progress(SpinnerColumn(), TextColumn(\"[progress.description]{task.description}\")) as p:\n p.add_task(\"Setting up virtualenv & requirements...\", total=None)\n create_venv_and_install()\n\n create_launcher()\n create_user_directories()\n\n console.print(Panel(\n \"[bold magenta]Installation complete![/bold magenta]\\n\\n\"\n \"Type [bold cyan]hackingtool[/bold cyan] in a terminal to start.\",\n border_style=\"magenta\",\n ))\n\n\nif __name__ == \"__main__\":\n try:\n main()\n except KeyboardInterrupt:\n console.print(\"\\n[error]Installation interrupted.[/error]\")\n sys.exit(1)\n except subprocess.CalledProcessError as e:\n console.print(f\"[error]Command failed: {e}[/error]\")\n sys.exit(1)\n" }, { "path": "install.sh", "content": "#!/usr/bin/env bash\n# ──────────────────────────────────────────────────────────────────────────────\n# HackingTool — One-liner installer\n#\n# Usage:\n# curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash\n#\n# What it does:\n# 1. Checks prerequisites (Python 3.10+, git, pip, venv)\n# 2. Clones the repository to /usr/share/hackingtool\n# 3. Creates a Python venv and installs requirements\n# 4. Creates a launcher at /usr/bin/hackingtool\n# 5. Creates user directories at ~/.hackingtool/\n# ──────────────────────────────────────────────────────────────────────────────\nset -euo pipefail\n\nREPO_URL=\"https://github.com/Z4nzu/hackingtool.git\"\nINSTALL_DIR=\"/usr/share/hackingtool\"\nBIN_PATH=\"/usr/bin/hackingtool\"\nCONFIG_DIR=\"${SUDO_USER:+$(eval echo ~\"$SUDO_USER\")}/.hackingtool\"\n# Fallback if not run via sudo\n: \"${CONFIG_DIR:=$HOME/.hackingtool}\"\n\nRED='\\033[0;31m'\nGREEN='\\033[0;32m'\nYELLOW='\\033[1;33m'\nCYAN='\\033[0;36m'\nBOLD='\\033[1m'\nRESET='\\033[0m'\n\ninfo() { echo -e \"${CYAN}[*]${RESET} $1\"; }\nok() { echo -e \"${GREEN}[✔]${RESET} $1\"; }\nwarn() { echo -e \"${YELLOW}[!]${RESET} $1\"; }\nfail() { echo -e \"${RED}[✘]${RESET} $1\"; exit 1; }\n\n# ── Root check ────────────────────────────────────────────────────────────────\nif [ \"$(id -u)\" -ne 0 ]; then\n fail \"This installer must be run as root.\\n Usage: curl -sSL | ${BOLD}sudo${RESET} bash\"\nfi\n\necho \"\"\necho -e \"${BOLD}${CYAN} ⚔ HackingTool Installer${RESET}\"\necho -e \" ─────────────────────────────────────\"\necho \"\"\n\n# ── Detect package manager ────────────────────────────────────────────────────\nif command -v apt-get &>/dev/null; then\n PKG_MGR=\"apt-get\"\n PKG_UPDATE=\"apt-get update -qq\"\n PKG_INSTALL=\"apt-get install -y -qq\"\nelif command -v pacman &>/dev/null; then\n PKG_MGR=\"pacman\"\n PKG_UPDATE=\"pacman -Sy --noconfirm\"\n PKG_INSTALL=\"pacman -S --noconfirm --needed\"\nelif command -v dnf &>/dev/null; then\n PKG_MGR=\"dnf\"\n PKG_UPDATE=\"true\"\n PKG_INSTALL=\"dnf install -y -q\"\nelif command -v brew &>/dev/null; then\n PKG_MGR=\"brew\"\n PKG_UPDATE=\"true\"\n PKG_INSTALL=\"brew install\"\nelse\n fail \"No supported package manager found (need apt-get, pacman, dnf, or brew).\"\nfi\ninfo \"Package manager: ${BOLD}$PKG_MGR${RESET}\"\n\n# ── Install system prerequisites ──────────────────────────────────────────────\ninfo \"Installing prerequisites...\"\n$PKG_UPDATE 2>/dev/null || true\n\nfor pkg in git curl python3 python3-pip python3-venv; do\n if [ \"$PKG_MGR\" = \"pacman\" ]; then\n case \"$pkg\" in\n python3) pkg=\"python\" ;;\n python3-pip) pkg=\"python-pip\" ;;\n python3-venv) continue ;; # included in python on Arch\n esac\n elif [ \"$PKG_MGR\" = \"brew\" ]; then\n case \"$pkg\" in\n python3-pip|python3-venv) continue ;; # included in python3 on macOS\n esac\n elif [ \"$PKG_MGR\" = \"dnf\" ]; then\n case \"$pkg\" in\n python3-venv) continue ;; # included in python3 on Fedora\n esac\n fi\n $PKG_INSTALL \"$pkg\" 2>/dev/null || warn \"Could not install $pkg — may already be present\"\ndone\n\n# ── Python version check ─────────────────────────────────────────────────────\nPYTHON_VERSION=$(python3 -c 'import sys; print(f\"{sys.version_info.major}.{sys.version_info.minor}\")' 2>/dev/null || echo \"0.0\")\nPYTHON_MAJOR=$(echo \"$PYTHON_VERSION\" | cut -d. -f1)\nPYTHON_MINOR=$(echo \"$PYTHON_VERSION\" | cut -d. -f2)\n\nif [ \"$PYTHON_MAJOR\" -lt 3 ] || { [ \"$PYTHON_MAJOR\" -eq 3 ] && [ \"$PYTHON_MINOR\" -lt 10 ]; }; then\n fail \"Python 3.10+ required. Found: Python $PYTHON_VERSION\"\nfi\nok \"Python $PYTHON_VERSION\"\n\n# ── Clone repository ──────────────────────────────────────────────────────────\nif [ -d \"$INSTALL_DIR\" ]; then\n warn \"$INSTALL_DIR already exists.\"\n read -rp \" Replace it? [y/N] \" answer\n if [[ \"$answer\" =~ ^[Yy] ]]; then\n rm -rf \"$INSTALL_DIR\"\n else\n fail \"Installation aborted.\"\n fi\nfi\n\ninfo \"Cloning repository...\"\ngit clone --depth 1 \"$REPO_URL\" \"$INSTALL_DIR\" 2>/dev/null\nok \"Cloned to $INSTALL_DIR\"\n\n# ── Python venv + requirements ────────────────────────────────────────────────\ninfo \"Creating virtual environment...\"\npython3 -m venv \"$INSTALL_DIR/venv\"\n\ninfo \"Installing Python dependencies...\"\n\"$INSTALL_DIR/venv/bin/pip\" install --quiet -r \"$INSTALL_DIR/requirements.txt\" 2>/dev/null\nok \"Dependencies installed\"\n\n# ── Create launcher ──────────────────────────────────────────────────────────\ncat > \"$BIN_PATH\" << 'LAUNCHER'\n#!/bin/bash\nsource \"/usr/share/hackingtool/venv/bin/activate\"\npython3 \"/usr/share/hackingtool/hackingtool.py\" \"$@\"\nLAUNCHER\nchmod 755 \"$BIN_PATH\"\nok \"Launcher installed at $BIN_PATH\"\n\n# ── User directories ─────────────────────────────────────────────────────────\nmkdir -p \"$CONFIG_DIR/tools\"\nif [ ! -f \"$CONFIG_DIR/config.json\" ]; then\n cat > \"$CONFIG_DIR/config.json\" << CONF\n{\n \"tools_dir\": \"$CONFIG_DIR/tools\",\n \"version\": \"2.0.0\"\n}\nCONF\nfi\n# Fix ownership if run via sudo\nif [ -n \"${SUDO_USER:-}\" ]; then\n chown -R \"$SUDO_USER:$SUDO_USER\" \"$CONFIG_DIR\"\nfi\nok \"User config: $CONFIG_DIR\"\n\n# ── Done ──────────────────────────────────────────────────────────────────────\necho \"\"\necho -e \"${GREEN}${BOLD} ✔ Installation complete!${RESET}\"\necho -e \" Type ${BOLD}${CYAN}hackingtool${RESET} to start.\"\necho \"\"" }, { "path": "os_detect.py", "content": "import platform\nimport shutil\nfrom dataclasses import dataclass, field\nfrom pathlib import Path\n\n\n@dataclass\nclass OSInfo:\n system: str # \"linux\", \"macos\", \"windows\", \"unknown\"\n distro_id: str = \"\" # \"kali\", \"ubuntu\", \"arch\", \"fedora\", etc.\n distro_like: str = \"\" # \"debian\", \"rhel\", etc. (from ID_LIKE)\n distro_version: str = \"\" # \"2024.1\", \"22.04\", etc.\n pkg_manager: str = \"\" # \"apt-get\", \"pacman\", \"dnf\", \"brew\", etc.\n is_root: bool = False\n home_dir: Path = field(default_factory=Path.home)\n is_wsl: bool = False # Windows Subsystem for Linux\n arch: str = \"\" # \"x86_64\", \"aarch64\", \"arm64\"\n\n\ndef detect() -> OSInfo:\n \"\"\"\n Fully detect the current OS, distro, and available package manager.\n Never asks the user — entirely automatic.\n \"\"\"\n import os\n\n system_raw = platform.system()\n system = system_raw.lower()\n if system == \"darwin\":\n system = \"macos\"\n\n info = OSInfo(\n system = system,\n is_root = (os.geteuid() == 0) if hasattr(os, \"geteuid\") else False,\n home_dir = Path.home(),\n arch = platform.machine(),\n )\n\n # ── Linux-specific ─────────────────────────────────────────────────────────\n if system == \"linux\":\n # Detect WSL\n try:\n info.is_wsl = \"microsoft\" in Path(\"/proc/version\").read_text().lower()\n except (FileNotFoundError, PermissionError):\n pass\n\n # Read /etc/os-release (standard on all modern distros)\n os_release: dict[str, str] = {}\n for path in (\"/etc/os-release\", \"/usr/lib/os-release\"):\n try:\n for line in Path(path).read_text().splitlines():\n k, _, v = line.partition(\"=\")\n os_release[k.strip()] = v.strip().strip('\"')\n break\n except FileNotFoundError:\n continue\n\n info.distro_id = os_release.get(\"ID\", \"\").lower()\n info.distro_like = os_release.get(\"ID_LIKE\", \"\").lower()\n info.distro_version = os_release.get(\"VERSION_ID\", \"\")\n\n # ── Package manager detection (in priority order) ──────────────────────────\n for mgr in (\"apt-get\", \"pacman\", \"dnf\", \"zypper\", \"apk\", \"brew\", \"pkg\"):\n if shutil.which(mgr):\n info.pkg_manager = mgr\n break\n\n return info\n\n\n# Module-level singleton — computed once on import\nCURRENT_OS: OSInfo = detect()\n\n\n# ── Per-OS package manager commands ────────────────────────────────────────────\nPACKAGE_INSTALL_CMDS: dict[str, str] = {\n \"apt-get\": \"apt-get install -y {packages}\",\n \"pacman\": \"pacman -S --noconfirm {packages}\",\n \"dnf\": \"dnf install -y {packages}\",\n \"zypper\": \"zypper install -y {packages}\",\n \"apk\": \"apk add {packages}\",\n \"brew\": \"brew install {packages}\",\n \"pkg\": \"pkg install -y {packages}\",\n}\n\nPACKAGE_UPDATE_CMDS: dict[str, str] = {\n \"apt-get\": \"apt-get update -qq && apt-get upgrade -y\",\n \"pacman\": \"pacman -Syu --noconfirm\",\n \"dnf\": \"dnf upgrade -y\",\n \"zypper\": \"zypper update -y\",\n \"apk\": \"apk update && apk upgrade\",\n \"brew\": \"brew update && brew upgrade\",\n \"pkg\": \"pkg update && pkg upgrade -y\",\n}\n\n# Core system packages needed per package manager\nREQUIRED_PACKAGES: dict[str, list[str]] = {\n \"apt-get\": [\"git\", \"python3-pip\", \"python3-venv\", \"curl\", \"wget\",\n \"ruby\", \"ruby-dev\", \"golang-go\", \"php\", \"default-jre-headless\"],\n \"pacman\": [\"git\", \"python-pip\", \"curl\", \"wget\",\n \"ruby\", \"go\", \"php\", \"jre-openjdk-headless\"],\n \"dnf\": [\"git\", \"python3-pip\", \"curl\", \"wget\",\n \"ruby\", \"golang\", \"php\", \"java-17-openjdk-headless\"],\n \"zypper\": [\"git\", \"python3-pip\", \"curl\", \"wget\", \"ruby\", \"go\", \"php\"],\n \"brew\": [\"git\", \"python3\", \"curl\", \"wget\", \"ruby\", \"go\", \"php\"],\n \"pkg\": [\"git\", \"python3\", \"py39-pip\", \"curl\", \"wget\", \"ruby\", \"go\", \"php83\"],\n}\n\n\ndef install_packages(packages: list[str], os_info: OSInfo | None = None) -> bool:\n \"\"\"Install system packages using the detected package manager.\"\"\"\n import subprocess\n if os_info is None:\n os_info = CURRENT_OS\n\n mgr = os_info.pkg_manager\n if mgr not in PACKAGE_INSTALL_CMDS:\n print(f\"[warning] Unknown package manager. Install manually: {packages}\")\n return False\n\n cmd_template = PACKAGE_INSTALL_CMDS[mgr]\n pkg_str = \" \".join(packages)\n cmd = cmd_template.format(packages=pkg_str)\n\n # Prepend privilege escalation only on Linux (brew on macOS doesn't need sudo)\n if os_info.system == \"linux\" and not os_info.is_root:\n from constants import PRIV_CMD\n cmd = f\"{PRIV_CMD} {cmd}\"\n\n result = subprocess.run(cmd, shell=True, check=False)\n return result.returncode == 0" }, { "path": "requirements.txt", "content": "# Python dependencies for hackingtool\n# boxes and lolcat are system CLI tools, not pip packages — install via apt/brew\n# flask is unused — removed\n# requests is unused at runtime — removed\nrich>=13.0.0\n" }, { "path": "tools/__init__.py", "content": "" }, { "path": "tools/active_directory.py", "content": "from core import HackingTool\nfrom core import HackingToolsCollection\n\n\nclass BloodHound(HackingTool):\n TITLE = \"BloodHound (AD Attack Paths)\"\n DESCRIPTION = \"Uses graph theory to reveal hidden attack paths in Active Directory/Azure environments.\"\n INSTALL_COMMANDS = [\n \"pip install --user bloodhound\",\n \"sudo apt-get install -y neo4j\",\n ]\n RUN_COMMANDS = [\"bloodhound-python --help\"]\n PROJECT_URL = \"https://github.com/BloodHoundAD/BloodHound\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass NetExec(HackingTool):\n TITLE = \"NetExec — nxc (Network Pentesting)\"\n DESCRIPTION = \"Swiss army knife for pentesting Windows/AD networks. Successor to CrackMapExec.\"\n INSTALL_COMMANDS = [\"pip install --user netexec\"]\n RUN_COMMANDS = [\"nxc --help\"]\n PROJECT_URL = \"https://github.com/Pennyw0rth/NetExec\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Impacket(HackingTool):\n TITLE = \"Impacket (Network Protocol Tools)\"\n DESCRIPTION = \"Python classes for working with SMB, MSRPC, Kerberos, LDAP, and more.\"\n INSTALL_COMMANDS = [\"pip install --user impacket\"]\n RUN_COMMANDS = [\"impacket-smbclient --help\"]\n PROJECT_URL = \"https://github.com/fortra/impacket\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Responder(HackingTool):\n TITLE = \"Responder (LLMNR/NBT-NS Poisoner)\"\n DESCRIPTION = \"LLMNR/NBT-NS/MDNS poisoner with rogue authentication servers for credential capture.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/lgandx/Responder.git\"]\n RUN_COMMANDS = [\"cd Responder && sudo python3 Responder.py --help\"]\n PROJECT_URL = \"https://github.com/lgandx/Responder\"\n SUPPORTED_OS = [\"linux\"]\n\n\nclass Certipy(HackingTool):\n TITLE = \"Certipy (AD Certificate Abuse)\"\n DESCRIPTION = \"Active Directory Certificate Services enumeration and abuse tool.\"\n INSTALL_COMMANDS = [\"pip install --user certipy-ad\"]\n RUN_COMMANDS = [\"certipy --help\"]\n PROJECT_URL = \"https://github.com/ly4k/Certipy\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Kerbrute(HackingTool):\n TITLE = \"Kerbrute (Kerberos Brute Force)\"\n DESCRIPTION = \"Kerberos pre-auth brute-forcer for username enumeration and password spraying.\"\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install github.com/ropnop/kerbrute@latest\",\n ]\n RUN_COMMANDS = [\"kerbrute --help\"]\n PROJECT_URL = \"https://github.com/ropnop/kerbrute\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass ActiveDirectoryTools(HackingToolsCollection):\n TITLE = \"Active Directory Tools\"\n DESCRIPTION = \"Tools for AD enumeration, attack path discovery, and credential attacks.\"\n TOOLS = [\n BloodHound(),\n NetExec(),\n Impacket(),\n Responder(),\n Certipy(),\n Kerbrute(),\n ]" }, { "path": "tools/anonsurf.py", "content": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass AnonymouslySurf(HackingTool):\n TITLE = \"Anonymously Surf\"\n DESCRIPTION = (\n \"It automatically overwrites the RAM when the system shuts down\\n\"\n \"and also changes your IP address.\"\n )\n # Bug 28 fix: was \"cd kali-anonsurf && ./installer.sh && cd .. && sudo rm -r kali-anonsurf\"\n # Deleting the source on install means there is no retry if install fails.\n # Now kept in a separate step so failure does not destroy the source.\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Und3rf10w/kali-anonsurf.git\",\n \"cd kali-anonsurf && sudo ./installer.sh\",\n ]\n RUN_COMMANDS = [\"sudo anonsurf start\"]\n PROJECT_URL = \"https://github.com/Und3rf10w/kali-anonsurf\"\n SUPPORTED_OS = [\"linux\"]\n\n def __init__(self):\n super().__init__([(\"Stop\", self.stop)])\n\n def stop(self):\n import subprocess\n console.print(\"[bold magenta]Stopping Anonsurf...[/bold magenta]\")\n subprocess.run([\"sudo\", \"anonsurf\", \"stop\"])\n\n\nclass Multitor(HackingTool):\n TITLE = \"Multitor\"\n DESCRIPTION = \"How to stay in multi places at the same time.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/trimstray/multitor.git\",\n \"cd multitor && sudo bash setup.sh install\",\n ]\n RUN_COMMANDS = [\n \"multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy\"\n ]\n PROJECT_URL = \"https://github.com/trimstray/multitor\"\n SUPPORTED_OS = [\"linux\"]\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass AnonSurfTools(HackingToolsCollection):\n TITLE = \"Anonymously Hiding Tools\"\n TOOLS = [\n AnonymouslySurf(),\n Multitor(),\n ]\n\n\nif __name__ == \"__main__\":\n tools = AnonSurfTools()\n tools.show_options()\n" }, { "path": "tools/cloud_security.py", "content": "from core import HackingTool\nfrom core import HackingToolsCollection\n\n\nclass Prowler(HackingTool):\n TITLE = \"Prowler (Cloud Security Scanner)\"\n DESCRIPTION = \"Open-source security tool for AWS, Azure, GCP, and Kubernetes assessments.\"\n INSTALL_COMMANDS = [\"pip install --user prowler\"]\n RUN_COMMANDS = [\"prowler --help\"]\n PROJECT_URL = \"https://github.com/prowler-cloud/prowler\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass ScoutSuite(HackingTool):\n TITLE = \"ScoutSuite (Multi-Cloud Auditing)\"\n DESCRIPTION = \"Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba, and Oracle.\"\n INSTALL_COMMANDS = [\"pip install --user scoutsuite\"]\n RUN_COMMANDS = [\"scout --help\"]\n PROJECT_URL = \"https://github.com/nccgroup/ScoutSuite\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Pacu(HackingTool):\n TITLE = \"Pacu (AWS Exploitation Framework)\"\n DESCRIPTION = \"AWS exploitation framework for offensive security testing of AWS environments.\"\n INSTALL_COMMANDS = [\"pip install --user pacu\"]\n RUN_COMMANDS = [\"pacu --help\"]\n PROJECT_URL = \"https://github.com/RhinoSecurityLabs/pacu\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Trivy(HackingTool):\n TITLE = \"Trivy (Container/K8s Scanner)\"\n DESCRIPTION = \"Comprehensive vulnerability scanner for containers, Kubernetes, IaC, and code.\"\n INSTALL_COMMANDS = [\n \"curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin\",\n ]\n RUN_COMMANDS = [\"trivy --help\"]\n PROJECT_URL = \"https://github.com/aquasecurity/trivy\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass CloudSecurityTools(HackingToolsCollection):\n TITLE = \"Cloud Security Tools\"\n DESCRIPTION = \"Tools for cloud infrastructure security assessment and exploitation.\"\n TOOLS = [\n Prowler(),\n ScoutSuite(),\n Pacu(),\n Trivy(),\n ]\n" }, { "path": "tools/ddos.py", "content": "import subprocess\n\nfrom rich.prompt import Prompt\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass DDoSTool(HackingTool):\n TITLE = \"DDoS\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"Best DDoS Attack Script With 36 Plus Methods. \"\n \"DDoS attacks for SECURITY TESTING PURPOSES ONLY!\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/the-deepnet/ddos.git\",\n \"cd ddos && sudo pip3 install -r requirements.txt\",\n ]\n PROJECT_URL = \"https://github.com/the-deepnet/ddos\"\n\n def run(self):\n from config import get_tools_dir\n method = Prompt.ask(\"Enter Method\")\n url = Prompt.ask(\"Enter URL\")\n threads = Prompt.ask(\"Enter Threads\")\n proxylist = Prompt.ask(\"Enter ProxyList\")\n multiple = Prompt.ask(\"Enter Multiple\")\n timer = Prompt.ask(\"Enter Timer\")\n # Bug 4 fix: removed os.system(\"cd ddos;\") — use cwd= instead\n subprocess.run(\n [\"sudo\", \"python3\", \"ddos.py\", method, url,\n \"socks_type5.4.1\", threads, proxylist, multiple, timer],\n cwd=str(get_tools_dir() / \"ddos\"),\n )\n\n\nclass SlowLoris(HackingTool):\n TITLE = \"SlowLoris\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"Slowloris is basically an HTTP Denial of Service attack. \"\n \"It sends lots of HTTP requests.\"\n )\n INSTALL_COMMANDS = [\"sudo pip3 install slowloris\"]\n\n def run(self):\n target_site = Prompt.ask(\"Enter Target Site\")\n subprocess.run([\"slowloris\", target_site])\n\n\nclass Asyncrone(HackingTool):\n TITLE = \"Asyncrone | Multifunction SYN Flood DDoS Weapon\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"aSYNcrone is a C language based, multifunction SYN Flood DDoS Weapon.\\n\"\n \"Disable the destination system by sending SYN packets intensively.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/fatih4842/aSYNcrone.git\",\n \"cd aSYNcrone && sudo gcc aSYNcrone.c -o aSYNcrone -lpthread\",\n ]\n PROJECT_URL = \"https://github.com/fatihsnsy/aSYNcrone\"\n\n def run(self):\n from config import get_tools_dir\n source_port = Prompt.ask(\"Enter Source Port\")\n target_ip = Prompt.ask(\"Enter Target IP\")\n target_port = Prompt.ask(\"Enter Target Port\")\n # Bug 5 fix: 1000 was int — subprocess requires all args str\n # Bug 4 fix: removed os.system(\"cd aSYNcrone;\") — use cwd= instead\n subprocess.run(\n [\"sudo\", \"./aSYNcrone\", str(source_port), str(target_ip), str(target_port), \"1000\"],\n cwd=str(get_tools_dir() / \"aSYNcrone\"),\n )\n\n\nclass UFONet(HackingTool):\n TITLE = \"UFOnet\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"UFONet is a free software, P2P and cryptographic disruptive toolkit \"\n \"that allows performing DoS and DDoS attacks.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/epsylon/ufonet.git\",\n \"cd ufonet && pip install --user .\",\n ]\n RUN_COMMANDS = [\"python3 ufonet --gui\"]\n PROJECT_URL = \"https://github.com/epsylon/ufonet\"\n\n\nclass GoldenEye(HackingTool):\n TITLE = \"GoldenEye\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"GoldenEye is a python3 app for SECURITY TESTING PURPOSES ONLY!\\n\"\n \"GoldenEye is a HTTP DoS Test Tool.\\n\"\n \"Usage: ./goldeneye.py [OPTIONS]\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/jseidl/GoldenEye.git\",\n \"chmod -R 755 GoldenEye\",\n ]\n PROJECT_URL = \"https://github.com/jseidl/GoldenEye\"\n\n def run(self):\n from config import get_tools_dir\n # Bug 4 fix: removed os.system(\"cd GoldenEye; ...\") — no-op cd subshell\n url = Prompt.ask(\"Enter target URL\")\n subprocess.run([\"sudo\", \"./goldeneye.py\", url],\n cwd=str(get_tools_dir() / \"GoldenEye\"))\n\n\nclass Saphyra(HackingTool):\n TITLE = \"SaphyraDDoS\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"A Python DDoS script for SECURITY TESTING PURPOSES ONLY.\"\n INSTALL_COMMANDS = [\n # Bug 7 fix: removed \"sudo su\" (first step was dropping into interactive root shell)\n \"git clone https://github.com/anonymous24x7/Saphyra-DDoS.git\",\n \"chmod +x Saphyra-DDoS/saphyra.py\",\n ]\n PROJECT_URL = \"https://github.com/anonymous24x7/Saphyra-DDoS\"\n\n def run(self):\n from config import get_tools_dir\n url = Prompt.ask(\"Enter URL\")\n # Vuln 1 fix: was os.system(\"python saphyra.py \" + url) — command injection\n # Now uses subprocess list form — url is never interpolated into a shell string\n subprocess.run(\n [\"python3\", \"saphyra.py\", url],\n cwd=str(get_tools_dir() / \"Saphyra-DDoS\"),\n )\n\n\nclass DDOSTools(HackingToolsCollection):\n TITLE = \"DDOS Attack Tools\"\n TOOLS = [DDoSTool(), SlowLoris(), Asyncrone(), UFONet(), GoldenEye(), Saphyra()]\n\n\nif __name__ == \"__main__\":\n tools = DDOSTools()\n tools.show_options()\n" }, { "path": "tools/exploit_frameworks.py", "content": "from core import HackingTool, HackingToolsCollection, console\nfrom tools.web_attack import Web2Attack\n\nfrom rich.panel import Panel\nfrom rich.text import Text\nfrom rich.prompt import Prompt\n\n\nclass RouterSploit(HackingTool):\n TITLE = \"RouterSploit\"\n DESCRIPTION = \"The RouterSploit Framework is an open-source exploitation \" \\\n \"framework dedicated to embedded devices\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/threat9/routersploit.git\",\n \"cd routersploit && sudo python3 -m pip install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd routersploit && sudo python3 rsf.py\"]\n PROJECT_URL = \"https://github.com/threat9/routersploit\"\n\n\nclass WebSploit(HackingTool):\n TITLE = \"WebSploit\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Websploit is an advanced MITM framework.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/The404Hacking/websploit.git;cd websploit/Setup;sudo chmod +x install.sh && sudo bash install.sh\"\n ]\n RUN_COMMANDS = [\"sudo websploit\"]\n PROJECT_URL = \"https://github.com/The404Hacking/websploit \"\n\n\nclass Commix(HackingTool):\n TITLE = \"Commix\"\n DESCRIPTION = \"Automated All-in-One OS command injection and exploitation \" \\\n \"tool.\\nCommix can be used from web developers, penetration \" \\\n \"testers or even security researchers\\n in order to test \" \\\n \"web-based applications with the view to find bugs,\\n \" \\\n \"errors or vulnerabilities related to command injection \" \\\n \"attacks.\\n Usage: python commix.py [option(s)]\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/commixproject/commix.git commix\",\n # Bug 26 fix: was \"sudo python setup.py install\" (Python 2)\n \"cd commix && pip install --user .\",\n ]\n # Bug 26 fix: was \"sudo python commix.py --wizard\" (Python 2)\n RUN_COMMANDS = [\"cd commix && sudo python3 commix.py --wizard\"]\n PROJECT_URL = \"https://github.com/commixproject/commix\"\n\n def __init__(self):\n # Py3-4 fix: super(Commix, self) → super()\n super().__init__(runnable=False)\n\n\nclass ExploitFrameworkTools(HackingToolsCollection):\n TITLE = \"Exploit framework\"\n TOOLS = [\n RouterSploit(),\n WebSploit(),\n Commix(),\n Web2Attack()\n ]\n\nif __name__ == \"__main__\":\n tools = ExploitFrameworkTools()\n tools.show_options()\n" }, { "path": "tools/forensics.py", "content": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.text import Text\nfrom rich.prompt import Prompt\n\n\nclass Autopsy(HackingTool):\n TITLE = \"Autopsy\"\n DESCRIPTION = \"Autopsy is a platform that is used by Cyber Investigators.\\n\" \\\n \"[!] Works in any OS\\n\" \\\n \"[!] Recover Deleted Files from any OS & Media \\n\" \\\n \"[!] Extract Image Metadata\"\n RUN_COMMANDS = [\"sudo autopsy\"]\n\n def __init__(self):\n super().__init__(installable=False)\n\n\nclass Wireshark(HackingTool):\n TITLE = \"Wireshark\"\n DESCRIPTION = \"Wireshark is a network capture and analyzer \\n\" \\\n \"tool to see what’s happening in your network.\\n \" \\\n \"And also investigate Network related incident\"\n RUN_COMMANDS = [\"sudo wireshark\"]\n\n def __init__(self):\n super().__init__(installable=False)\n\n\nclass BulkExtractor(HackingTool):\n TITLE = \"Bulk extractor\"\n DESCRIPTION = \"Extract useful information without parsing the file system\"\n PROJECT_URL = \"https://github.com/simsong/bulk_extractor\"\n SUPPORTED_OS = [\"linux\"]\n\n def __init__(self):\n super().__init__([\n ('GUI Mode (Download required)', self.gui_mode),\n ('CLI Mode', self.cli_mode)\n ], installable=False, runnable=False)\n\n def gui_mode(self):\n import subprocess\n from config import get_tools_dir\n console.print(Panel(Text(self.TITLE, justify=\"center\"), style=\"bold magenta\"))\n console.print(\"[bold magenta]Cloning repository and attempting to run GUI...[/]\")\n tools_dir = get_tools_dir()\n subprocess.run([\"git\", \"clone\", \"https://github.com/simsong/bulk_extractor.git\"],\n cwd=str(tools_dir))\n be_dir = tools_dir / \"bulk_extractor\"\n subprocess.run([\"./BEViewer\"], cwd=str(be_dir / \"java_gui\"))\n console.print(\n \"[magenta]If you get an error after clone go to /java_gui/src/ and compile the .jar file && run ./BEViewer[/]\")\n console.print(\n \"[magenta]Please visit for more details about installation: https://github.com/simsong/bulk_extractor[/]\")\n\n def cli_mode(self):\n import subprocess\n console.print(Panel(Text(self.TITLE + \" - CLI Mode\", justify=\"center\"), style=\"bold magenta\"))\n subprocess.run([\"sudo\", \"apt\", \"install\", \"-y\", \"bulk-extractor\"])\n console.print(\"[magenta]bulk_extractor [options] imagefile[/]\")\n subprocess.run([\"bulk_extractor\", \"-h\"])\n\n\nclass Guymager(HackingTool):\n TITLE = \"Disk Clone and ISO Image Acquire\"\n DESCRIPTION = \"Guymager is a free forensic imager for media acquisition.\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt install guymager\"]\n RUN_COMMANDS = [\"sudo guymager\"]\n PROJECT_URL = \"https://guymager.sourceforge.io/\"\n\n\n\nclass Toolsley(HackingTool):\n TITLE = \"Toolsley\"\n DESCRIPTION = \"Toolsley got more than ten useful tools for investigation.\\n\" \\\n \"[+]File signature verifier\\n\" \\\n \"[+]File identifier \\n\" \\\n \"[+]Hash & Validate \\n\" \\\n \"[+]Binary inspector \\n \" \\\n \"[+]Encode text \\n\" \\\n \"[+]Data URI generator \\n\" \\\n \"[+]Password generator\"\n PROJECT_URL = \"https://www.toolsley.com/\"\n\n def __init__(self):\n super().__init__(installable=False, runnable=False)\n\n\nclass Volatility3(HackingTool):\n TITLE = \"Volatility 3 (Memory Forensics)\"\n DESCRIPTION = (\n \"The world's most widely used memory forensics framework.\\n\"\n \"Usage: python3 vol.py -f memory.dmp windows.pslist\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/volatilityfoundation/volatility3.git\",\n \"cd volatility3 && pip install --user -r requirements.txt\",\n ]\n PROJECT_URL = \"https://github.com/volatilityfoundation/volatility3\"\n\n def run(self):\n from config import get_tools_dir\n import subprocess\n from rich.prompt import Prompt\n dump = Prompt.ask(\"Enter path to memory dump\")\n plugin = Prompt.ask(\"Enter plugin\", default=\"windows.pslist\")\n subprocess.run(\n [\"python3\", \"vol.py\", \"-f\", dump, plugin],\n cwd=str(get_tools_dir() / \"volatility3\"),\n )\n\n\nclass Binwalk(HackingTool):\n TITLE = \"Binwalk (Firmware Analysis)\"\n DESCRIPTION = (\n \"Analyze, reverse engineer, and extract firmware images.\\n\"\n \"Usage: binwalk -e firmware.bin\"\n )\n INSTALL_COMMANDS = [\"pip install --user binwalk\"]\n RUN_COMMANDS = [\"binwalk --help\"]\n PROJECT_URL = \"https://github.com/ReFirmLabs/binwalk\"\n\n\nclass Pspy(HackingTool):\n TITLE = \"pspy (Process Monitor — No Root)\"\n DESCRIPTION = \"Monitor Linux processes without root — detects cron jobs, scheduled tasks, other users' commands.\"\n INSTALL_COMMANDS = [\n \"curl -sSL https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64 -o pspy\",\n \"chmod +x pspy\",\n ]\n RUN_COMMANDS = [\"./pspy --help\"]\n PROJECT_URL = \"https://github.com/DominicBreuker/pspy\"\n SUPPORTED_OS = [\"linux\"]\n\n\nclass ForensicTools(HackingToolsCollection):\n TITLE = \"Forensic tools\"\n TOOLS = [\n Autopsy(),\n Wireshark(),\n BulkExtractor(),\n Guymager(),\n Toolsley(),\n Volatility3(),\n Binwalk(),\n Pspy(),\n ]\n\nif __name__ == \"__main__\":\n tools = ForensicTools()\n tools.show_options()\n" }, { "path": "tools/information_gathering.py", "content": "import os\nimport socket\nimport subprocess\nimport webbrowser\nimport sys\n\nfrom core import HackingTool, HackingToolsCollection, console\nfrom core import clear_screen\n\nfrom rich.panel import Panel\nfrom rich.text import Text\nfrom rich.prompt import Prompt\n\n\nclass NMAP(HackingTool):\n TITLE = \"Network Map (nmap)\"\n DESCRIPTION = \"Free and open source utility for network discovery and security auditing\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/nmap/nmap.git\",\n \"sudo chmod -R 755 nmap && cd nmap && sudo ./configure && make && sudo make install\"\n ]\n PROJECT_URL = \"https://github.com/nmap/nmap\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Dracnmap(HackingTool):\n TITLE = \"Dracnmap\"\n DESCRIPTION = \"Dracnmap is an open source program which is using to \\n\" \\\n \"exploit the network and gathering information with nmap help.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Screetsec/Dracnmap.git\",\n \"cd Dracnmap && chmod +x dracnmap-v2.2-dracOs.sh dracnmap-v2.2.sh\"\n ]\n RUN_COMMANDS = [\"cd Dracnmap;sudo ./dracnmap-v2.2.sh\"]\n PROJECT_URL = \"https://github.com/Screetsec/Dracnmap\"\n\n\nclass PortScan(HackingTool):\n TITLE = \"Port scanning\"\n\n def __init__(self):\n super().__init__(installable=False)\n\n def run(self):\n clear_screen()\n console.print(Panel(Text(self.TITLE, justify=\"center\"), style=\"bold magenta\"))\n target = Prompt.ask(\"[bold]Select a Target IP[/bold magenta]\", default=\"\", show_default=False)\n subprocess.run([\"sudo\", \"nmap\", \"-O\", \"-Pn\", target])\n\n\nclass Host2IP(HackingTool):\n TITLE = \"Host to IP \"\n\n def __init__(self):\n super().__init__(installable=False)\n\n def run(self):\n clear_screen()\n console.print(Panel(Text(self.TITLE, justify=\"center\"), style=\"bold magenta\"))\n host = Prompt.ask(\"Enter host name (e.g. www.google.com):- \")\n ips = socket.gethostbyname(host)\n console.print(\"[bold magenta]{host} -> {ips}[/bold magenta]\")\n\n\nclass XeroSploit(HackingTool):\n TITLE = \"Xerosploit\"\n DESCRIPTION = \"Xerosploit is a penetration testing toolkit whose goal is to perform\\n\" \\\n \"man-in-the-middle attacks for testing purposes\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/LionSec/xerosploit.git\",\n \"cd xerosploit && sudo python install.py\"\n ]\n RUN_COMMANDS = [\"sudo xerosploit\"]\n PROJECT_URL = \"https://github.com/LionSec/xerosploit\"\n\n\nclass RedHawk(HackingTool):\n TITLE = \"RED HAWK (All In One Scanning)\"\n DESCRIPTION = \"All in one tool for Information Gathering and Vulnerability Scanning.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Tuhinshubhra/RED_HAWK.git\"]\n RUN_COMMANDS = [\"cd RED_HAWK;php rhawk.php\"]\n PROJECT_URL = \"https://github.com/Tuhinshubhra/RED_HAWK\"\n\n\nclass ReconSpider(HackingTool):\n TITLE = \"ReconSpider(For All Scanning)\"\n DESCRIPTION = \"ReconSpider is most Advanced Open Source Intelligence (OSINT)\" \\\n \" Framework for scanning IP Address, Emails, \\n\" \\\n \"Websites, Organizations and find out information from\" \\\n \" different sources.\\n\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/bhavsec/reconspider.git\",\n \"sudo apt install -y python3 python3-pip && cd reconspider && pip install --user .\"\n ]\n RUN_COMMANDS = [\"cd reconspider;python3 reconspider.py\"]\n PROJECT_URL = \"https://github.com/bhavsec/reconspider\"\n\n\nclass IsItDown(HackingTool):\n TITLE = \"IsItDown (Check Website Down/Up)\"\n DESCRIPTION = \"Check Website Is Online or Not\"\n\n def __init__(self):\n super().__init__(\n [('Open', self.open)], installable=False, runnable=False)\n\n def open(self):\n console.print(Panel(\"Opening isitdownrightnow.com\", style=\"bold magenta\"))\n webbrowser.open_new_tab(\"https://www.isitdownrightnow.com/\")\n\n\nclass Infoga(HackingTool):\n TITLE = \"Infoga - Email OSINT\"\n DESCRIPTION = \"Infoga is a tool gathering email accounts information\\n\" \\\n \"(ip, hostname, country,...) from different public source\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/m4ll0k/Infoga.git\",\n \"cd Infoga && pip install --user .\"\n ]\n RUN_COMMANDS = [\"cd Infoga;python3 infoga.py\"]\n PROJECT_URL = \"https://github.com/m4ll0k/Infoga\"\n\n\nclass ReconDog(HackingTool):\n TITLE = \"ReconDog\"\n DESCRIPTION = \"ReconDog Information Gathering Suite\"\n INSTALL_COMMANDS = [\"git clone https://github.com/s0md3v/ReconDog.git\"]\n RUN_COMMANDS = [\"cd ReconDog;sudo python dog\"]\n PROJECT_URL = \"https://github.com/s0md3v/ReconDog\"\n\n\nclass Striker(HackingTool):\n TITLE = \"Striker\"\n DESCRIPTION = \"Recon & Vulnerability Scanning Suite\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/s0md3v/Striker.git\",\n \"cd Striker && pip3 install -r requirements.txt\"\n ]\n PROJECT_URL = \"https://github.com/s0md3v/Striker\"\n\n def run(self):\n from config import get_tools_dir\n site = Prompt.ask(\"Enter Site Name (example.com)\")\n # Bug 3 fix: os.chdir() corrupts the process CWD permanently — use cwd= instead\n subprocess.run(\n [\"sudo\", \"python3\", \"striker.py\", site],\n cwd=str(get_tools_dir() / \"Striker\"),\n )\n\n\nclass SecretFinder(HackingTool):\n TITLE = \"SecretFinder (like API & etc)\"\n DESCRIPTION = \"SecretFinder - A python script for find sensitive data \\n\" \\\n \"like apikeys, accesstoken, authorizations, jwt,..etc \\n \" \\\n \"and search anything on javascript files.\\n\\n \" \\\n \"Usage: python SecretFinder.py -h\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/m4ll0k/SecretFinder.git secretfinder\",\n \"cd secretfinder; sudo pip3 install -r requirements.txt\"\n ]\n PROJECT_URL = \"https://github.com/m4ll0k/SecretFinder\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Shodan(HackingTool):\n TITLE = \"Find Info Using Shodan\"\n DESCRIPTION = \"Get ports, vulnerabilities, information, banners,..etc \\n \" \\\n \"for any IP with Shodan (no apikey! no rate limit!)\\n\" \\\n \"[X] Don't use this tool because your ip will be blocked by Shodan!\"\n INSTALL_COMMANDS = [\"git clone https://github.com/m4ll0k/Shodanfy.py.git\"]\n PROJECT_URL = \"https://github.com/m4ll0k/Shodanfy.py\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass PortScannerRanger(HackingTool):\n TITLE = \"Port Scanner - rang3r\"\n DESCRIPTION = \"rang3r is a python script which scans in multi thread\\n \" \\\n \"all alive hosts within your range that you specify.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/floriankunushevci/rang3r.git;\"\n \"pip install --user termcolor\"]\n PROJECT_URL = \"https://github.com/floriankunushevci/rang3r\"\n\n def run(self):\n from config import get_tools_dir\n ip = Prompt.ask(\"Enter IP\")\n # Bug 3 fix: os.chdir() replaced with cwd= parameter\n subprocess.run(\n [\"sudo\", \"python3\", \"rang3r.py\", \"--ip\", ip],\n cwd=str(get_tools_dir() / \"rang3r\"),\n )\n\n\nclass Breacher(HackingTool):\n TITLE = \"Breacher\"\n DESCRIPTION = \"An advanced multithreaded admin panel finder written in python.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/s0md3v/Breacher.git\"]\n PROJECT_URL = \"https://github.com/s0md3v/Breacher\"\n\n def run(self):\n from config import get_tools_dir\n domain = Prompt.ask(\"Enter domain (example.com)\")\n # Bug 3 fix: os.chdir() replaced with cwd= parameter\n subprocess.run(\n [\"python3\", \"breacher.py\", \"-u\", domain],\n cwd=str(get_tools_dir() / \"Breacher\"),\n )\n\n\nclass TheHarvester(HackingTool):\n TITLE = \"theHarvester (OSINT)\"\n DESCRIPTION = (\n \"Gather emails, names, subdomains, IPs and URLs from public sources.\\n\"\n \"Usage: theHarvester -d example.com -b all\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/laramies/theHarvester.git\",\n \"cd theHarvester && pip install --user -r requirements/base.txt\",\n ]\n RUN_COMMANDS = [\"cd theHarvester && python3 theHarvester.py -h\"]\n PROJECT_URL = \"https://github.com/laramies/theHarvester\"\n\n\nclass Amass(HackingTool):\n TITLE = \"Amass (Attack Surface Mapping)\"\n DESCRIPTION = (\n \"In-depth subdomain enumeration and attack surface mapping.\\n\"\n \"Usage: amass enum -d example.com\"\n )\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install -v github.com/owasp-amass/amass/v4/...@master\",\n ]\n RUN_COMMANDS = [\"amass -h\"]\n PROJECT_URL = \"https://github.com/owasp-amass/amass\"\n\n\nclass Masscan(HackingTool):\n TITLE = \"Masscan (Fast Port Scanner)\"\n DESCRIPTION = (\n \"Fastest internet port scanner — 10 million packets/sec.\\n\"\n \"Usage: masscan -p1-65535 --rate=1000\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt-get install -y masscan\"]\n RUN_COMMANDS = [\"masscan --help\"]\n PROJECT_URL = \"https://github.com/robertdavidgraham/masscan\"\n\n\nclass RustScan(HackingTool):\n TITLE = \"RustScan (Modern Port Scanner)\"\n DESCRIPTION = (\n \"Scans all 65k ports in 3 seconds, passes results to nmap automatically.\\n\"\n \"Usage: rustscan -a -- -sV\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"curl -sLO https://github.com/RustScan/RustScan/releases/latest/download/rustscan_2.3.0_amd64.deb\",\n \"sudo dpkg -i rustscan_2.3.0_amd64.deb\",\n ]\n RUN_COMMANDS = [\"rustscan --help\"]\n PROJECT_URL = \"https://github.com/RustScan/RustScan\"\n\n\nclass Holehe(HackingTool):\n TITLE = \"Holehe (Email → Social Accounts)\"\n DESCRIPTION = (\n \"Check if an email address is registered on 120+ websites.\\n\"\n \"Usage: holehe user@example.com\"\n )\n INSTALL_COMMANDS = [\"pip install --user holehe\"]\n RUN_COMMANDS = [\"holehe --help\"]\n PROJECT_URL = \"https://github.com/megadose/holehe\"\n\n\nclass Maigret(HackingTool):\n TITLE = \"Maigret (Username OSINT)\"\n DESCRIPTION = (\n \"Collect a dossier on a person by username across 3000+ sites.\\n\"\n \"Usage: maigret \"\n )\n INSTALL_COMMANDS = [\"pip install --user maigret\"]\n RUN_COMMANDS = [\"maigret --help\"]\n PROJECT_URL = \"https://github.com/soxoj/maigret\"\n\n\nclass Httpx(HackingTool):\n TITLE = \"httpx (HTTP Toolkit)\"\n DESCRIPTION = (\n \"Fast multi-purpose HTTP probing tool.\\n\"\n \"Usage: httpx -l urls.txt -status-code -title -tech-detect\"\n )\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest\",\n ]\n RUN_COMMANDS = [\"httpx -h\"]\n PROJECT_URL = \"https://github.com/projectdiscovery/httpx\"\n\n\nclass SpiderFoot(HackingTool):\n TITLE = \"SpiderFoot (OSINT Automation)\"\n DESCRIPTION = \"Automates OSINT collection for threat intelligence and attack surface mapping.\"\n INSTALL_COMMANDS = [\"pip install --user spiderfoot\"]\n RUN_COMMANDS = [\"spiderfoot -h\"]\n PROJECT_URL = \"https://github.com/smicallef/spiderfoot\"\n\n\nclass Subfinder(HackingTool):\n TITLE = \"Subfinder (Subdomain Enumeration)\"\n DESCRIPTION = \"Fast passive subdomain enumeration using multiple sources.\"\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest\",\n ]\n RUN_COMMANDS = [\"subfinder -h\"]\n PROJECT_URL = \"https://github.com/projectdiscovery/subfinder\"\n\n\nclass TruffleHog(HackingTool):\n TITLE = \"TruffleHog (Secret Scanner)\"\n DESCRIPTION = \"Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems.\"\n INSTALL_COMMANDS = [\"pip install --user trufflehog\"]\n RUN_COMMANDS = [\"trufflehog --help\"]\n PROJECT_URL = \"https://github.com/trufflesecurity/trufflehog\"\n\n\nclass Gitleaks(HackingTool):\n TITLE = \"Gitleaks (Git Secret Scanner)\"\n DESCRIPTION = \"Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens.\"\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install github.com/gitleaks/gitleaks/v8@latest\",\n ]\n RUN_COMMANDS = [\"gitleaks --help\"]\n PROJECT_URL = \"https://github.com/gitleaks/gitleaks\"\n\n\nclass InformationGatheringTools(HackingToolsCollection):\n TITLE = \"Information gathering tools\"\n TOOLS = [\n NMAP(),\n Dracnmap(),\n PortScan(),\n Host2IP(),\n XeroSploit(),\n RedHawk(),\n ReconSpider(),\n IsItDown(),\n Infoga(),\n ReconDog(),\n Striker(),\n SecretFinder(),\n Shodan(),\n PortScannerRanger(),\n Breacher(),\n TheHarvester(),\n Amass(),\n Masscan(),\n RustScan(),\n Holehe(),\n Maigret(),\n Httpx(),\n SpiderFoot(),\n Subfinder(),\n TruffleHog(),\n Gitleaks(),\n ]\n\nif __name__ == \"__main__\":\n tools = InformationGatheringTools()\n tools.show_options()\n" }, { "path": "tools/mobile_security.py", "content": "from core import HackingTool\nfrom core import HackingToolsCollection\n\n\nclass MobSF(HackingTool):\n TITLE = \"MobSF (Mobile Security Framework)\"\n DESCRIPTION = \"All-in-one mobile app pentesting, malware analysis, and security assessment.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git\",\n \"cd Mobile-Security-Framework-MobSF && ./setup.sh\",\n ]\n RUN_COMMANDS = [\"cd Mobile-Security-Framework-MobSF && ./run.sh\"]\n PROJECT_URL = \"https://github.com/MobSF/Mobile-Security-Framework-MobSF\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Frida(HackingTool):\n TITLE = \"Frida (Dynamic Instrumentation)\"\n DESCRIPTION = \"Dynamic instrumentation toolkit for runtime hooking on Android, iOS, Windows, macOS, Linux.\"\n INSTALL_COMMANDS = [\"pip install --user frida-tools\"]\n RUN_COMMANDS = [\"frida --help\"]\n PROJECT_URL = \"https://github.com/frida/frida\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Objection(HackingTool):\n TITLE = \"Objection (Mobile Runtime Exploration)\"\n DESCRIPTION = \"Runtime mobile exploration toolkit powered by Frida — no jailbreak/root required.\"\n INSTALL_COMMANDS = [\"pip install --user objection\"]\n RUN_COMMANDS = [\"objection --help\"]\n PROJECT_URL = \"https://github.com/sensepost/objection\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass MobileSecurityTools(HackingToolsCollection):\n TITLE = \"Mobile Security Tools\"\n DESCRIPTION = \"Tools for Android/iOS application security testing and analysis.\"\n TOOLS = [\n MobSF(),\n Frida(),\n Objection(),\n ]" }, { "path": "tools/other_tools.py", "content": "import os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\nfrom tools.others.android_attack import AndroidAttackTools\nfrom tools.others.email_verifier import EmailVerifyTools\nfrom tools.others.hash_crack import HashCrackingTools\nfrom tools.others.homograph_attacks import IDNHomographAttackTools\nfrom tools.others.mix_tools import MixTools\nfrom tools.others.payload_injection import PayloadInjectorTools\nfrom tools.others.socialmedia import SocialMediaBruteforceTools\nfrom tools.others.socialmedia_finder import SocialMediaFinderTools\nfrom tools.others.web_crawling import WebCrawlingTools\nfrom tools.others.wifi_jamming import WifiJammingTools\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass HatCloud(HackingTool):\n TITLE = \"HatCloud(Bypass CloudFlare for IP)\"\n DESCRIPTION = \"HatCloud build in Ruby. It makes bypass in CloudFlare for \" \\\n \"discover real IP.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/HatBashBR/HatCloud.git\"]\n PROJECT_URL = \"https://github.com/HatBashBR/HatCloud\"\n\n def run(self):\n from config import get_tools_dir\n from rich.prompt import Prompt\n site = Prompt.ask(\"Enter Site\")\n # Bug 3 fix: os.chdir() replaced with cwd= parameter\n subprocess.run(\n [\"sudo\", \"ruby\", \"hatcloud.rb\", \"-b\", site],\n cwd=str(get_tools_dir() / \"HatCloud\"),\n )\n\n\nclass OtherTools(HackingToolsCollection):\n TITLE = \"Other tools\"\n TOOLS = [\n SocialMediaBruteforceTools(),\n AndroidAttackTools(),\n HatCloud(),\n IDNHomographAttackTools(),\n EmailVerifyTools(),\n HashCrackingTools(),\n WifiJammingTools(),\n SocialMediaFinderTools(),\n PayloadInjectorTools(),\n WebCrawlingTools(),\n MixTools()\n ]\n\nif __name__ == \"__main__\":\n tools = OtherTools()\n tools.show_options()\n" }, { "path": "tools/others/__init__.py", "content": "" }, { "path": "tools/others/android_attack.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass Keydroid(HackingTool):\n TITLE = \"Keydroid\"\n DESCRIPTION = \"Android Keylogger + Reverse Shell\\n\" \\\n \"[!] You have to install Some Manually Refer Below Link:\\n \" \\\n \"[+] https://github.com/F4dl0/keydroid\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"git clone https://github.com/F4dl0/keydroid.git\"]\n RUN_COMMANDS = [\"cd keydroid && bash keydroid.sh\"]\n PROJECT_URL = \"https://github.com/F4dl0/keydroid\"\n\n\nclass MySMS(HackingTool):\n TITLE = \"MySMS\"\n DESCRIPTION = \"Script that generates an Android App to hack SMS through WAN \\n\" \\\n \"[!] You have to install Some Manually Refer Below Link:\\n\\t \" \\\n \"[+] https://github.com/papusingh2sms/mysms\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"git clone https://github.com/papusingh2sms/mysms.git\"]\n RUN_COMMANDS = [\"cd mysms && bash mysms.sh\"]\n PROJECT_URL = \"https://github.com/papusingh2sms/mysms\"\n\n\nclass LockPhish(HackingTool):\n TITLE = \"Lockphish (Grab target LOCK PIN)\"\n DESCRIPTION = \"Lockphish it's the first tool for phishing attacks on the \" \\\n \"lock screen, designed to\\n Grab Windows credentials,Android\" \\\n \" PIN and iPhone Passcode using a https link.\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"git clone https://github.com/JasonJerry/lockphish.git\"]\n RUN_COMMANDS = [\"cd lockphish && bash lockphish.sh\"]\n PROJECT_URL = \"https://github.com/JasonJerry/lockphish\"\n\n\nclass Droidcam(HackingTool):\n TITLE = \"DroidCam (Capture Image)\"\n DESCRIPTION = \"Powerful Tool For Grab Front Camera Snap Using A Link\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n # Bug 16 fix: missing comma caused two strings to be implicitly concatenated into one\n \"git clone https://github.com/kinghacker0/WishFish.git\",\n \"sudo apt install -y php wget openssh-client\",\n ]\n RUN_COMMANDS = [\"cd WishFish && sudo bash wishfish.sh\"]\n PROJECT_URL = \"https://github.com/kinghacker0/WishFish\"\n\n\nclass EvilApp(HackingTool):\n TITLE = \"EvilApp (Hijack Session)\"\n DESCRIPTION = \"EvilApp is a script to generate Android App that can \" \\\n \"hijack authenticated sessions in cookies.\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"git clone https://github.com/crypticterminal/EvilApp.git\"]\n RUN_COMMANDS = [\"cd EvilApp && bash evilapp.sh\"]\n PROJECT_URL = \"https://github.com/crypticterminal/EvilApp\"\n\n\nclass AndroidAttackTools(HackingToolsCollection):\n TITLE = \"Android Hacking tools\"\n TOOLS = [\n Keydroid(),\n MySMS(),\n LockPhish(),\n Droidcam(),\n EvilApp()\n ]\n\nif __name__ == \"__main__\":\n tools = AndroidAttackTools()\n tools.show_options()\n" }, { "path": "tools/others/email_verifier.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass KnockMail(HackingTool):\n TITLE = \"Knockmail\"\n DESCRIPTION = \"KnockMail Tool Verify If Email Exists\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/heywoodlh/KnockMail.git\",\n \"cd KnockMail;sudo pip3 install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd KnockMail;python3 knockmail.py\"]\n PROJECT_URL = \"https://github.com/heywoodlh/KnockMail\"\n\n\nclass EmailVerifyTools(HackingToolsCollection):\n TITLE = \"Email Verify tools\"\n TOOLS = [KnockMail()]\n\nif __name__ == \"__main__\":\n tools = EmailVerifyTools()\n tools.show_options()\n" }, { "path": "tools/others/hash_crack.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass HashBuster(HackingTool):\n TITLE = \"Hash Buster\"\n DESCRIPTION = \"Features: \\n \" \\\n \"Automatic hash type identification \\n \" \\\n \"Supports MD5, SHA1, SHA256, SHA384, SHA512\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/s0md3v/Hash-Buster.git\",\n \"cd Hash-Buster;make install\"\n ]\n RUN_COMMANDS = [\"buster -h\"]\n PROJECT_URL = \"https://github.com/s0md3v/Hash-Buster\"\n\n\nclass HashCrackingTools(HackingToolsCollection):\n TITLE = \"Hash cracking tools\"\n TOOLS = [HashBuster()]\n\nif __name__ == \"__main__\":\n tools = HashCrackingTools()\n tools.show_options()\n" }, { "path": "tools/others/homograph_attacks.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass EvilURL(HackingTool):\n TITLE = \"EvilURL\"\n DESCRIPTION = \"Generate unicode evil domains for IDN Homograph Attack \" \\\n \"and detect them.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/UndeadSec/EvilURL.git\"]\n RUN_COMMANDS = [\"cd EvilURL;python3 evilurl.py\"]\n PROJECT_URL = \"https://github.com/UndeadSec/EvilURL\"\n\n\nclass IDNHomographAttackTools(HackingToolsCollection):\n TITLE = \"IDN Homograph Attack\"\n TOOLS = [EvilURL()]\n\nif __name__ == \"__main__\":\n tools = IDNHomographAttackTools()\n tools.show_options()\n" }, { "path": "tools/others/mix_tools.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass TerminalMultiplexer(HackingTool):\n TITLE = \"Terminal Multiplexer\"\n DESCRIPTION = (\n \"Terminal Multiplexer (tilix) is a tiling terminal emulator that \"\n \"allows opening several terminal sessions inside one window.\"\n )\n # Bug 19 fix: tilix is a Debian/Ubuntu package only — mark Linux-only\n INSTALL_COMMANDS = [\"sudo apt-get install -y tilix\"]\n SUPPORTED_OS = [\"linux\"]\n\n def __init__(self):\n # Py3-4 fix: super(TerminalMultiplexer, self) → super()\n super().__init__(runnable=False)\n\n\nclass Crivo(HackingTool):\n TITLE = \"Crivo\"\n DESCRIPTION = (\n \"A tool for extracting and filtering URLs, IPs, domains, and subdomains\\n\"\n \"from web pages or text, with built-in web scraping capabilities.\\n\"\n \"See: python3 crivo_cli.py -h\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/GMDSantana/crivo.git\",\n # Bug 18 verify: this is correct — cd and pip in same string works\n \"cd crivo && pip install --user -r requirements.txt\",\n ]\n PROJECT_URL = \"https://github.com/GMDSantana/crivo\"\n\n def __init__(self):\n # Py3-4 fix: super(Crivo, self) → super()\n super().__init__(runnable=False)\n\n\nclass MixTools(HackingToolsCollection):\n TITLE = \"Mix tools\"\n TOOLS = [\n TerminalMultiplexer(),\n Crivo()\n ]\n\nif __name__ == \"__main__\":\n tools = MixTools()\n tools.show_options()\n" }, { "path": "tools/others/payload_injection.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass DebInject(HackingTool):\n TITLE = \"Debinject\"\n DESCRIPTION = \"Debinject is a tool that inject malicious code into *.debs\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/UndeadSec/Debinject.git\"]\n RUN_COMMANDS = [\"cd Debinject;python debinject.py\"]\n PROJECT_URL = \"https://github.com/UndeadSec/Debinject\"\n\n\nclass Pixload(HackingTool):\n TITLE = \"Pixload\"\n DESCRIPTION = \"Pixload -- Image Payload Creating tools \\n \" \\\n \"Pixload is Set of tools for creating/injecting payload into images.\"\n INSTALL_COMMANDS = [\n \"sudo apt install libgd-perl libimage-exiftool-perl libstring-crc32-perl\",\n \"git clone https://github.com/chinarulezzz/pixload.git\"\n ]\n PROJECT_URL = \"https://github.com/chinarulezzz/pixload\"\n\n def __init__(self):\n super().__init__(runnable = False)\n\n\nclass PayloadInjectorTools(HackingToolsCollection):\n TITLE = \"Payload Injector\"\n TOOLS = [\n DebInject(),\n Pixload()\n ]\n\nif __name__ == \"__main__\":\n tools = PayloadInjectorTools()\n tools.show_options()\n" }, { "path": "tools/others/socialmedia.py", "content": "import contextlib\nimport os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass InstaBrute(HackingTool):\n TITLE = \"Instagram Attack\"\n DESCRIPTION = \"Brute force attack against Instagram\"\n PROJECT_URL = \"https://github.com/chinoogawa/instaBrute\"\n # Py3-7: Python 2 only (pip2.7); also violates Instagram ToS\n ARCHIVED = True\n ARCHIVED_REASON = \"Python 2 only — EOL January 2020. Repo unmaintained since 2017.\"\n INSTALL_COMMANDS = []\n RUN_COMMANDS = []\n\n def __init__(self):\n super().__init__(installable=False, runnable=False)\n\n\nclass BruteForce(HackingTool):\n TITLE = \"AllinOne SocialMedia Attack\"\n DESCRIPTION = \"Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix \\n\" \\\n \"[!] python3 Brute_Force.py -g -l \"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Matrix07ksa/Brute_Force.git\",\n \"cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize\"\n ]\n RUN_COMMANDS = [\"cd Brute_Force;python3 Brute_Force.py -h\"]\n PROJECT_URL = \"https://github.com/Matrix07ksa/Brute_Force\"\n\n\nclass Faceshell(HackingTool):\n TITLE = \"Facebook Attack\"\n DESCRIPTION = \"Facebook BruteForcer\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Matrix07ksa/Brute_Force.git\",\n \"cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize\"\n ]\n PROJECT_URL = \"https://github.com/Matrix07ksa/Brute_Force\"\n\n def run(self):\n from config import get_tools_dir\n name = Prompt.ask(\"Enter Username\")\n wordlist = Prompt.ask(\"Enter Wordlist path\")\n # Bug 3 fix: os.chdir() replaced with cwd= parameter\n subprocess.run(\n [\"python3\", \"Brute_Force.py\", \"-f\", name, \"-l\", wordlist],\n cwd=str(get_tools_dir() / \"Brute_Force\"),\n )\n\n\nclass AppCheck(HackingTool):\n TITLE = \"Application Checker\"\n DESCRIPTION = \"Tool to check if an app is installed on the target device through a link.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/jakuta-tech/underhanded.git\",\n \"cd underhanded && sudo chmod +x underhanded.sh\"\n ]\n RUN_COMMANDS = [\"cd underhanded;sudo bash underhanded.sh\"]\n PROJECT_URL = \"https://github.com/jakuta-tech/underhanded\"\n\n\nclass SocialMediaBruteforceTools(HackingToolsCollection):\n TITLE = \"SocialMedia Bruteforce\"\n TOOLS = [\n InstaBrute(),\n BruteForce(),\n Faceshell(),\n AppCheck()\n ]\n\nif __name__ == \"__main__\":\n tools = SocialMediaBruteforceTools()\n tools.show_options()\n" }, { "path": "tools/others/socialmedia_finder.py", "content": "import os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass FacialFind(HackingTool):\n TITLE = \"Find SocialMedia By Facial Recognation System\"\n DESCRIPTION = \"A Social Media Mapping Tool that correlates profiles\\n \" \\\n \"via facial recognition across different sites.\"\n INSTALL_COMMANDS = [\n \"sudo apt install -y software-properties-common\",\n \"sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade\",\n \"git clone https://github.com/Greenwolf/social_mapper.git\",\n \"sudo apt install -y build-essential cmake libgtk-3-dev libboost-all-dev\",\n \"cd social_mapper/setup\",\n \"sudo python3 -m pip install --no-cache-dir -r requirements.txt\",\n 'echo \"[!]Now You have To do some Manually\\n'\n '[!] Install the Geckodriver for your operating system\\n'\n '[!] Copy & Paste Link And Download File As System Configuration\\n'\n '[#] https://github.com/mozilla/geckodriver/releases\\n'\n '[!!] On Linux you can place it in /usr/bin \"| boxes | lolcat'\n ]\n PROJECT_URL = \"https://github.com/Greenwolf/social_mapper\"\n\n def run(self):\n from config import get_tools_dir\n import subprocess\n setup_dir = get_tools_dir() / \"social_mapper\" / \"setup\"\n subprocess.run([\"python3\", \"social_mapper.py\", \"-h\"], cwd=str(setup_dir))\n console.print(\n \"[bold magenta]Set username and password in social_mapper.py before running.[/]\\n\"\n \"[magenta]Usage: python social_mapper.py -f -i -m fast -fb -tw[/]\"\n )\n\n\nclass FindUser(HackingTool):\n TITLE = \"Find SocialMedia By UserName\"\n DESCRIPTION = \"Find usernames across over 75 social networks\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/xHak9x/finduser.git\",\n \"cd finduser && sudo chmod +x finduser.sh\"\n ]\n RUN_COMMANDS = [\"cd finduser && sudo bash finduser.sh\"]\n PROJECT_URL = \"https://github.com/xHak9x/finduser\"\n\n\nclass Sherlock(HackingTool):\n TITLE = \"Sherlock\"\n DESCRIPTION = \"Hunt down social media accounts by username across social networks \\n \" \\\n \"For More Usage \\n\" \\\n \"\\t >>python3 sherlock --help\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/sherlock-project/sherlock.git\",\n \"cd sherlock;sudo python3 -m pip install -r requirements.txt\"\n ]\n PROJECT_URL = \"https://github.com/sherlock-project/sherlock\"\n\n def run(self):\n from config import get_tools_dir\n from rich.prompt import Prompt\n name = Prompt.ask(\"Enter Username\")\n # Bug 3 fix: os.chdir() replaced with cwd= parameter\n subprocess.run(\n [\"python3\", \"sherlock\", name],\n cwd=str(get_tools_dir() / \"sherlock\"),\n )\n\n\nclass SocialScan(HackingTool):\n TITLE = \"SocialScan | Username or Email\"\n DESCRIPTION = \"Check email address and username availability on online \" \\\n \"platforms with 100% accuracy\"\n INSTALL_COMMANDS = [\"pip install --user socialscan\"]\n PROJECT_URL = \"https://github.com/iojw/socialscan\"\n\n def run(self):\n name = input(\n \"Enter Username or Emailid (if both then please space between email & username) >> \")\n subprocess.run([\"sudo\", \"socialscan\", f\"{name}\"])\n\n\nclass SocialMediaFinderTools(HackingToolsCollection):\n TITLE = \"SocialMedia Finder\"\n TOOLS = [\n FacialFind(),\n FindUser(),\n Sherlock(),\n SocialScan()\n ]\n\nif __name__ == \"__main__\":\n tools = SocialMediaFinderTools()\n tools.show_options()\n" }, { "path": "tools/others/web_crawling.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass GoSpider(HackingTool):\n TITLE = \"Gospider\"\n DESCRIPTION = \"Gospider - Fast web spider written in Go\"\n INSTALL_COMMANDS = [\"sudo go get -u github.com/jaeles-project/gospider\"]\n PROJECT_URL = \"https://github.com/jaeles-project/gospider\"\n\n def __init__(self):\n super().__init__(runnable = False)\n\n\nclass WebCrawlingTools(HackingToolsCollection):\n TITLE = \"Web crawling\"\n TOOLS = [GoSpider()]\n\nif __name__ == \"__main__\":\n tools = WebCrawlingTools()\n tools.show_options()\n" }, { "path": "tools/others/wifi_jamming.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich import box\n\n\nclass WifiJammerNG(HackingTool):\n TITLE = \"WifiJammer-NG\"\n DESCRIPTION = \"Continuously jam all wifi clients and access points within range.\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n INSTALL_COMMANDS = [\n \"git clone https://github.com/MisterBianco/wifijammer-ng.git\",\n \"cd wifijammer-ng;pip install --user -r requirements.txt\"\n ]\n RUN_COMMANDS = [\n \"cd wifijammer-ng && sudo python3 wifijammer.py --help\",\n ]\n PROJECT_URL = \"https://github.com/MisterBianco/wifijammer-ng\"\n\n\nclass KawaiiDeauther(HackingTool):\n TITLE = \"KawaiiDeauther\"\n DESCRIPTION = \"Kawaii Deauther is a pentest toolkit whose goal is to perform \\n \" \\\n \"jam on WiFi clients/routers and spam many fake AP for testing purposes.\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n INSTALL_COMMANDS = [\n \"git clone https://github.com/aryanrtm/KawaiiDeauther.git\",\n \"cd KawaiiDeauther;sudo bash install.sh\"\n ]\n RUN_COMMANDS = [\"cd KawaiiDeauther;sudo bash KawaiiDeauther.sh\"]\n PROJECT_URL = \"https://github.com/aryanrtm/KawaiiDeauther\"\n\n\nclass WifiJammingTools(HackingToolsCollection):\n TITLE = \"Wifi Deauthenticate\"\n TOOLS = [\n WifiJammerNG(),\n KawaiiDeauther()\n ]\n\nif __name__ == \"__main__\":\n tools = WifiJammingTools()\n tools.show_options()\n" }, { "path": "tools/payload_creator.py", "content": "import os\nimport subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass TheFatRat(HackingTool):\n TITLE = \"The FatRat\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"TheFatRat provides an easy way to create backdoors and payloads \"\n \"which can bypass most anti-virus.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Screetsec/TheFatRat.git\",\n \"cd TheFatRat && chmod +x setup.sh\",\n ]\n RUN_COMMANDS = [\"cd TheFatRat && sudo bash setup.sh\"]\n PROJECT_URL = \"https://github.com/Screetsec/TheFatRat\"\n\n def __init__(self):\n super().__init__([\n (\"Update\", self.update),\n (\"Troubleshoot\", self.troubleshoot),\n ])\n\n def update(self):\n from config import get_tools_dir\n cwd = str(get_tools_dir() / \"TheFatRat\")\n subprocess.run([\"bash\", \"update\"], cwd=cwd)\n subprocess.run([\"chmod\", \"+x\", \"setup.sh\"], cwd=cwd)\n subprocess.run([\"bash\", \"setup.sh\"], cwd=cwd)\n\n def troubleshoot(self):\n from config import get_tools_dir\n cwd = str(get_tools_dir() / \"TheFatRat\")\n subprocess.run([\"chmod\", \"+x\", \"chk_tools\"], cwd=cwd)\n subprocess.run([\"./chk_tools\"], cwd=cwd)\n\n\nclass Brutal(HackingTool):\n TITLE = \"Brutal\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"Brutal is a toolkit to quickly create various payloads, powershell attacks, \"\n \"virus attacks and launch listener for a Human Interface Device.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Screetsec/Brutal.git\",\n \"cd Brutal && chmod +x Brutal.sh\",\n ]\n RUN_COMMANDS = [\"cd Brutal && sudo bash Brutal.sh\"]\n PROJECT_URL = \"https://github.com/Screetsec/Brutal\"\n\n def show_info(self):\n super().show_info()\n console.print(\n \"[bold cyan]Requirements:[/bold cyan]\\n\"\n \" - Arduino Software (v1.6.7+)\\n\"\n \" - TeensyDuino\\n\"\n \" - Linux udev rules\\n\"\n \" See: https://github.com/Screetsec/Brutal/wiki/Install-Requirements\"\n )\n\n\nclass Stitch(HackingTool):\n TITLE = \"Stitch\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"Stitch is a Cross Platform Python Remote Administrator Tool.\\n\"\n \"[!] Refer to the project link for Windows & macOS support.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/nathanlopez/Stitch.git\",\n \"cd Stitch && pip install --user -r lnx_requirements.txt\",\n ]\n RUN_COMMANDS = [\"cd Stitch && sudo python3 main.py\"]\n PROJECT_URL = \"https://nathanlopez.github.io/Stitch\"\n\n\nclass MSFVenom(HackingTool):\n TITLE = \"MSFvenom Payload Creator\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple \"\n \"types of payloads, based on user choice.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/g0tmi1k/msfpc.git\",\n \"cd msfpc && chmod +x msfpc.sh\",\n ]\n RUN_COMMANDS = [\"cd msfpc && sudo bash msfpc.sh -h -v\"]\n PROJECT_URL = \"https://github.com/g0tmi1k/msfpc\"\n\n\nclass Venom(HackingTool):\n TITLE = \"Venom Shellcode Generator\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Venom exploits apache2 webserver to deliver LAN payloads via fake webpages.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/r00t-3xp10it/venom.git\",\n # Removed \"sudo ./venom.sh -u\" from install — interactive, runs the tool during install\n \"sudo chmod -R 775 venom*/ && cd venom*/ && cd aux && sudo bash setup.sh\",\n ]\n RUN_COMMANDS = [\"cd venom && sudo ./venom.sh\"]\n PROJECT_URL = \"https://github.com/r00t-3xp10it/venom\"\n\n\nclass Spycam(HackingTool):\n TITLE = \"Spycam\"\n DESCRIPTION = \"Generates a Win32 payload that captures webcam images every 1 minute.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/indexnotfound404/spycam.git\",\n \"cd spycam && bash install.sh && chmod +x spycam\",\n ]\n RUN_COMMANDS = [\"cd spycam && ./spycam\"]\n PROJECT_URL = \"https://github.com/indexnotfound404/spycam\"\n\n\nclass MobDroid(HackingTool):\n TITLE = \"Mob-Droid\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Generates metasploit payloads easily without typing long commands.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/kinghacker0/mob-droid.git\"]\n RUN_COMMANDS = [\"cd mob-droid && sudo python3 mob-droid.py\"]\n PROJECT_URL = \"https://github.com/kinghacker0/Mob-Droid\"\n\n\nclass Enigma(HackingTool):\n TITLE = \"Enigma\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Enigma is a Multiplatform payload dropper.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/UndeadSec/Enigma.git\"]\n RUN_COMMANDS = [\"cd Enigma && sudo python3 enigma.py\"]\n PROJECT_URL = \"https://github.com/UndeadSec/Enigma\"\n\n\nclass PayloadCreatorTools(HackingToolsCollection):\n TITLE = \"Payload creation tools\"\n # Bug 11 fix: show_options() override was missing `parent` parameter entirely —\n # the whole override is now deleted and the base class method is used instead.\n TOOLS = [\n TheFatRat(),\n Brutal(),\n Stitch(),\n MSFVenom(),\n Venom(),\n Spycam(),\n MobDroid(),\n Enigma(),\n ]\n\n\nif __name__ == \"__main__\":\n tools = PayloadCreatorTools()\n tools.show_options()\n" }, { "path": "tools/phishing_attack.py", "content": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass Autophisher(HackingTool):\n TITLE = \"Autophisher RK\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Automated Phishing Toolkit\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/CodingRanjith/autophisher.git\",\n ]\n RUN_COMMANDS = [\"cd autophisher && sudo bash autophisher.sh\"]\n PROJECT_URL = \"https://github.com/CodingRanjith/autophisher\"\n\n\nclass Pyphisher(HackingTool):\n TITLE = \"Pyphisher\"\n DESCRIPTION = \"Easy to use phishing tool with 77 website templates\"\n # Bug 9 fix: pip must reference the full path, not rely on a no-op \"cd\" call\n INSTALL_COMMANDS = [\n \"git clone https://github.com/KasRoudra/PyPhisher\",\n \"pip3 install --user -r PyPhisher/files/requirements.txt\",\n ]\n RUN_COMMANDS = [\"cd PyPhisher && sudo python3 pyphisher.py\"]\n # Bug 8 fix: PROJECT_URL was a git clone command, not a URL\n PROJECT_URL = \"https://github.com/KasRoudra/PyPhisher\"\n\n\nclass AdvPhishing(HackingTool):\n TITLE = \"AdvPhishing\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"This is Advance Phishing Tool ! OTP PHISHING\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Ignitetch/AdvPhishing.git\",\n # Vuln 2 fix: chmod 777 → chmod +x\n \"cd AdvPhishing && chmod +x Linux-Setup.sh && bash Linux-Setup.sh\",\n ]\n RUN_COMMANDS = [\"cd AdvPhishing && sudo bash AdvPhishing.sh\"]\n PROJECT_URL = \"https://github.com/Ignitetch/AdvPhishing\"\n\n\nclass Setoolkit(HackingTool):\n TITLE = \"Setoolkit\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"The Social-Engineer Toolkit is an open-source penetration\\n\"\n \"testing framework designed for social engineering.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/trustedsec/social-engineer-toolkit/\",\n \"cd social-engineer-toolkit && pip install --user .\",\n ]\n RUN_COMMANDS = [\"sudo setoolkit\"]\n PROJECT_URL = \"https://github.com/trustedsec/social-engineer-toolkit\"\n\n\nclass SocialFish(HackingTool):\n TITLE = \"SocialFish\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Automated Phishing Tool & Information Collector NOTE: username is 'root' and password is 'pass'\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/UndeadSec/SocialFish.git && sudo apt-get install python3 python3-pip python3-dev -y\",\n \"cd SocialFish && sudo python3 -m pip install -r requirements.txt\",\n ]\n RUN_COMMANDS = [\"cd SocialFish && sudo python3 SocialFish.py root pass\"]\n PROJECT_URL = \"https://github.com/UndeadSec/SocialFish\"\n\n\nclass HiddenEye(HackingTool):\n TITLE = \"HiddenEye\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services\\n\"\n \"\\t[!] https://github.com/DarkSecDevelopers/HiddenEye\"\n )\n INSTALL_COMMANDS = [\n # Vuln 2 fix: chmod 777 → chmod 755\n \"git clone https://github.com/Morsmalleo/HiddenEye.git && chmod -R 755 HiddenEye\",\n \"cd HiddenEye && sudo pip3 install -r requirements.txt && pip3 install pyngrok\",\n ]\n RUN_COMMANDS = [\"cd HiddenEye && sudo python3 HiddenEye.py\"]\n PROJECT_URL = \"https://github.com/Morsmalleo/HiddenEye\"\n\n\nclass Evilginx3(HackingTool):\n TITLE = \"Evilginx3\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"evilginx is a man-in-the-middle attack framework used for phishing login credentials\\n\"\n \"along with session cookies, bypassing 2-factor authentication.\\n\"\n \"Requires Go >= 1.18 installed.\"\n )\n # Bug 6 fix: removed 'sudo evilginx' (interactive) from INSTALL_COMMANDS\n INSTALL_COMMANDS = [\n \"sudo apt-get install -y git make golang-go\",\n \"go install github.com/kgretzky/evilginx/v3@latest\",\n ]\n RUN_COMMANDS = [\"evilginx\"]\n PROJECT_URL = \"https://github.com/kgretzky/evilginx2\"\n REQUIRES_GO = True\n\n\nclass ISeeYou(HackingTool):\n TITLE = \"I-See_You\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = (\n \"[!] ISeeYou finds the exact location of a target via social engineering.\\n\"\n \"[!] Expose local servers to the internet and decode location from log file.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Viralmaniar/I-See-You.git\",\n \"cd I-See-You && sudo chmod u+x ISeeYou.sh\",\n ]\n RUN_COMMANDS = [\"cd I-See-You && sudo bash ISeeYou.sh\"]\n PROJECT_URL = \"https://github.com/Viralmaniar/I-See-You\"\n\n\nclass SayCheese(HackingTool):\n TITLE = \"SayCheese\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Take webcam shots from target just by sending a malicious link\"\n INSTALL_COMMANDS = [\"git clone https://github.com/hangetzzu/saycheese\"]\n RUN_COMMANDS = [\"cd saycheese && sudo bash saycheese.sh\"]\n PROJECT_URL = \"https://github.com/hangetzzu/saycheese\"\n\n\nclass QRJacking(HackingTool):\n TITLE = \"QR Code Jacking\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"QR Code Jacking (Any Website)\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/cryptedwolf/ohmyqr.git && sudo apt -y install scrot\",\n ]\n RUN_COMMANDS = [\"cd ohmyqr && sudo bash ohmyqr.sh\"]\n PROJECT_URL = \"https://github.com/cryptedwolf/ohmyqr\"\n\n\n# Bug 10 fix: WifiPhisher removed from phishing tools — it belongs in wireless_attack.py\n\n\nclass BlackEye(HackingTool):\n TITLE = \"BlackEye\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"The ultimate phishing tool with 38 websites available!\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/thelinuxchoice/blackeye\",\n ]\n RUN_COMMANDS = [\"cd blackeye && sudo bash blackeye.sh\"]\n PROJECT_URL = \"https://github.com/An0nUD4Y/blackeye\"\n\n\nclass ShellPhish(HackingTool):\n TITLE = \"ShellPhish\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Phishing Tool for 18 social media\"\n INSTALL_COMMANDS = [\"git clone https://github.com/An0nUD4Y/shellphish.git\"]\n RUN_COMMANDS = [\"cd shellphish && sudo bash shellphish.sh\"]\n PROJECT_URL = \"https://github.com/An0nUD4Y/shellphish\"\n\n\nclass Thanos(HackingTool):\n TITLE = \"Thanos\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Browser to Browser Phishing toolkit\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/TridevReddy/Thanos.git\",\n # Vuln 2 fix: chmod -R 777 → chmod +x\n \"cd Thanos && chmod +x Thanos.sh\",\n ]\n RUN_COMMANDS = [\"cd Thanos && sudo bash Thanos.sh\"]\n PROJECT_URL = \"https://github.com/TridevReddy/Thanos\"\n\n\nclass QRLJacking(HackingTool):\n TITLE = \"QRLJacking\"\n DESCRIPTION = \"QRLJacking — session hijacking attack vector targeting QR code based login\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/OWASP/QRLJacking.git\",\n # Bug fix: geckodriver must be fetched as a binary, not cloned from source\n \"GECKO_VER=$(curl -s https://api.github.com/repos/mozilla/geckodriver/releases/latest | grep tag_name | cut -d '\\\"' -f4) && \"\n \"wget -q https://github.com/mozilla/geckodriver/releases/download/$GECKO_VER/geckodriver-$GECKO_VER-linux64.tar.gz -O /tmp/geckodriver.tar.gz && \"\n \"tar -xzf /tmp/geckodriver.tar.gz -C /tmp && sudo mv /tmp/geckodriver /usr/local/bin/\",\n \"cd QRLJacking && pip3 install --user -r QRLJacker/requirements.txt\",\n ]\n RUN_COMMANDS = [\"cd QRLJacking/QRLJacker && python3 QrlJacker.py\"]\n PROJECT_URL = \"https://github.com/OWASP/QRLJacking\"\n\n\nclass Maskphish(HackingTool):\n TITLE = \"Maskphish\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Hide phishing URL under a normal looking URL (google.com or facebook.com)\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/jaykali/maskphish.git\",\n ]\n RUN_COMMANDS = [\"cd maskphish && sudo bash maskphish.sh\"]\n PROJECT_URL = \"https://github.com/jaykali/maskphish\"\n\n\nclass BlackPhish(HackingTool):\n TITLE = \"BlackPhish\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"git clone https://github.com/iinc0gnit0/BlackPhish.git\",\n \"cd BlackPhish && sudo bash install.sh\",\n ]\n RUN_COMMANDS = [\"cd BlackPhish && sudo python3 blackphish.py\"]\n PROJECT_URL = \"https://github.com/iinc0gnit0/BlackPhish\"\n\n def __init__(self):\n # Bug fix: super() Python 3 style\n super().__init__([(\"Update\", self.update)])\n\n def update(self):\n import subprocess\n from config import get_tools_dir\n subprocess.run([\"bash\", \"update.sh\"], cwd=str(get_tools_dir() / \"BlackPhish\"))\n\n\nclass Dnstwist(HackingTool):\n # Bug 2 fix: all attributes were wrong case (Title, Install_commands, etc.)\n # They are now the correct uppercase names the base class reads.\n TITLE = \"dnstwist\"\n DESCRIPTION = \"Domain name permutation engine for detecting typosquatting, phishing and brand impersonation\"\n INSTALL_COMMANDS = [\"pip3 install --user dnstwist\"]\n RUN_COMMANDS = [\"dnstwist --help\"]\n PROJECT_URL = \"https://github.com/elceef/dnstwist\"\n\n\nclass PhishingAttackTools(HackingToolsCollection):\n TITLE = \"Phishing attack tools\"\n TOOLS = [\n Autophisher(),\n Pyphisher(),\n AdvPhishing(),\n Setoolkit(),\n SocialFish(),\n HiddenEye(),\n Evilginx3(),\n ISeeYou(),\n SayCheese(),\n QRJacking(),\n BlackEye(),\n ShellPhish(),\n Thanos(),\n QRLJacking(),\n BlackPhish(),\n Maskphish(),\n Dnstwist(),\n ]\n\n\nif __name__ == \"__main__\":\n tools = PhishingAttackTools()\n tools.show_options()\n" }, { "path": "tools/post_exploitation.py", "content": "import os\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass Vegile(HackingTool):\n TITLE = \"Vegile - Ghost In The Shell\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"This tool will set up your backdoor/rootkits when \" \\\n \"backdoor is already setup it will be \\n\" \\\n \"hidden your specific process,unlimited your session in \" \\\n \"metasploit and transparent.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Screetsec/Vegile.git\",\n \"cd Vegile && sudo chmod +x Vegile\"\n ]\n RUN_COMMANDS = [\"cd Vegile && sudo bash Vegile\"]\n PROJECT_URL = \"https://github.com/Screetsec/Vegile\"\n\n def before_run(self):\n console.print(\n \"[bold magenta]Vegile commands:[/]\\n\"\n \" Vegile -i / --inject [backdoor/rootkit]\\n\"\n \" Vegile -u / --unlimited [backdoor/rootkit]\\n\"\n \" Vegile -h / --help\"\n )\n\n\nclass ChromeKeyLogger(HackingTool):\n TITLE = \"Chrome Keylogger\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Hera Chrome Keylogger\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/UndeadSec/HeraKeylogger.git\",\n \"cd HeraKeylogger && sudo apt-get install python3-pip -y && sudo pip3 install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd HeraKeylogger && sudo python3 hera.py\"]\n PROJECT_URL = \"https://github.com/UndeadSec/HeraKeylogger\"\n\n\nclass PwncatCS(HackingTool):\n TITLE = \"pwncat-cs (Reverse Shell Handler)\"\n DESCRIPTION = (\n \"Post-exploitation platform — manages reverse/bind shells with automation.\\n\"\n \"Handles file upload/download, persistence, privilege escalation.\\n\"\n \"Usage: pwncat-cs -lp 4444\"\n )\n SUPPORTED_OS = [\"linux\", \"macos\"]\n INSTALL_COMMANDS = [\"pip install --user pwncat-cs\"]\n RUN_COMMANDS = [\"pwncat-cs --help\"]\n PROJECT_URL = \"https://github.com/calebstewart/pwncat\"\n\n\nclass Sliver(HackingTool):\n TITLE = \"Sliver (C2 Framework)\"\n DESCRIPTION = \"Cross-platform adversary emulation/red team C2 framework — mTLS, HTTP(S), DNS, WireGuard.\"\n INSTALL_COMMANDS = [\n \"curl -sSf https://sliver.sh/install -o /tmp/sliver-install.sh\",\n \"sudo bash /tmp/sliver-install.sh\",\n ]\n RUN_COMMANDS = [\"sliver --help\"]\n PROJECT_URL = \"https://github.com/BishopFox/sliver\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Havoc(HackingTool):\n TITLE = \"Havoc (C2 Framework)\"\n DESCRIPTION = \"Modern post-exploitation C2 framework with EDR evasion. Cobalt Strike alternative.\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"git clone https://github.com/HavocFramework/Havoc.git\",\n \"cd Havoc && make\",\n ]\n RUN_COMMANDS = [\"cd Havoc && ./havoc --help\"]\n PROJECT_URL = \"https://github.com/HavocFramework/Havoc\"\n SUPPORTED_OS = [\"linux\"]\n\n\nclass PEASSng(HackingTool):\n TITLE = \"PEASS-ng — LinPEAS/WinPEAS (Priv Esc)\"\n DESCRIPTION = \"Privilege escalation enumeration scripts for Linux and Windows.\"\n INSTALL_COMMANDS = [\n \"curl -sSL https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh -o linpeas.sh\",\n \"chmod +x linpeas.sh\",\n ]\n RUN_COMMANDS = [\"./linpeas.sh --help\"]\n PROJECT_URL = \"https://github.com/peass-ng/PEASS-ng\"\n\n\nclass LigoloNg(HackingTool):\n TITLE = \"Ligolo-ng (Tunneling/Pivoting)\"\n DESCRIPTION = \"Advanced tunneling/pivoting tool using TUN interfaces — no SOCKS needed.\"\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install github.com/nicocha30/ligolo-ng@latest\",\n ]\n RUN_COMMANDS = [\"ligolo-ng --help\"]\n PROJECT_URL = \"https://github.com/nicocha30/ligolo-ng\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass ChiselTunnel(HackingTool):\n TITLE = \"Chisel (HTTP Tunnel)\"\n DESCRIPTION = \"Fast TCP/UDP tunnel over HTTP, secured via SSH — pivoting and port forwarding.\"\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install github.com/jpillora/chisel@latest\",\n ]\n RUN_COMMANDS = [\"chisel --help\"]\n PROJECT_URL = \"https://github.com/jpillora/chisel\"\n\n\nclass EvilWinRM(HackingTool):\n TITLE = \"Evil-WinRM (Windows Remote Shell)\"\n DESCRIPTION = \"Ultimate WinRM shell for hacking/pentesting Windows machines.\"\n REQUIRES_RUBY = True\n INSTALL_COMMANDS = [\"gem install evil-winrm\"]\n RUN_COMMANDS = [\"evil-winrm --help\"]\n PROJECT_URL = \"https://github.com/Hackplayers/evil-winrm\"\n SUPPORTED_OS = [\"linux\"]\n\n\nclass Mythic(HackingTool):\n TITLE = \"Mythic (C2 Platform)\"\n DESCRIPTION = \"Collaborative, multi-payload C2 platform designed for red team operations.\"\n REQUIRES_DOCKER = True\n INSTALL_COMMANDS = [\n \"git clone https://github.com/its-a-feature/Mythic.git\",\n \"cd Mythic && sudo make\",\n ]\n RUN_COMMANDS = [\"cd Mythic && sudo ./mythic-cli start\"]\n PROJECT_URL = \"https://github.com/its-a-feature/Mythic\"\n SUPPORTED_OS = [\"linux\"]\n\n\nclass PostExploitationTools(HackingToolsCollection):\n TITLE = \"Post exploitation tools\"\n TOOLS = [\n Vegile(),\n ChromeKeyLogger(),\n PwncatCS(),\n Sliver(),\n Havoc(),\n PEASSng(),\n LigoloNg(),\n ChiselTunnel(),\n EvilWinRM(),\n Mythic(),\n ]\n\nif __name__ == \"__main__\":\n tools = PostExploitationTools()\n tools.show_options()\n" }, { "path": "tools/remote_administration.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\n# Bug 17 fix: Stitch was defined in both payload_creator.py and remote_administration.py.\n# It is kept in payload_creator.py (its correct category) and removed from here.\n\n\nclass Pyshell(HackingTool):\n TITLE = \"Pyshell\"\n DESCRIPTION = \"Pyshell is a Rat Tool that can be able to download & upload \" \\\n \"files,\\n Execute OS Command and more..\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/knassar702/Pyshell.git;\"\n \"pip install --user pyscreenshot python-nmap requests\"\n ]\n RUN_COMMANDS = [\"cd Pyshell;./Pyshell\"]\n PROJECT_URL = \"https://github.com/knassar702/pyshell\"\n\n\nclass RemoteAdministrationTools(HackingToolsCollection):\n TITLE = \"Remote Administrator Tools (RAT)\"\n TOOLS = [\n Pyshell()\n ]\n\nif __name__ == \"__main__\":\n tools = RemoteAdministrationTools()\n tools.show_options()\n" }, { "path": "tools/reverse_engineering.py", "content": "import subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass AndroGuard(HackingTool):\n TITLE = \"Androguard\"\n DESCRIPTION = \"Androguard is a Reverse engineering, Malware and goodware \" \\\n \"analysis of Android applications and more\"\n INSTALL_COMMANDS = [\"sudo pip3 install -U androguard\"]\n PROJECT_URL = \"https://github.com/androguard/androguard \"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Apk2Gold(HackingTool):\n TITLE = \"Apk2Gold\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Apk2Gold is a CLI tool for decompiling Android apps to Java\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/lxdvs/apk2gold.git\",\n \"cd apk2gold;sudo bash make.sh\"\n ]\n PROJECT_URL = \"https://github.com/lxdvs/apk2gold \"\n\n def run(self):\n uinput = input(\"Enter (.apk) File >> \")\n subprocess.run([\"sudo\", \"apk2gold\", uinput])\n\n\nclass Jadx(HackingTool):\n TITLE = \"JadX\"\n DESCRIPTION = \"Jadx is Dex to Java decompiler.\\n\" \\\n \"[*] decompile Dalvik bytecode to java classes from APK, dex,\" \\\n \" aar and zip files\\n\" \\\n \"[*] decode AndroidManifest.xml and other resources from \" \\\n \"resources.arsc\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/skylot/jadx.git\",\n # Bug 30 fix: gradlew dist requires Java — check first\n \"java -version 2>&1 | grep -q 'version' && cd jadx && ./gradlew dist || echo '[ERROR] Java not found. Install: sudo apt install default-jdk'\",\n ]\n PROJECT_URL = \"https://github.com/skylot/jadx\"\n REQUIRES_JAVA = True\n\n def __init__(self):\n # Py3-4 fix: super(Jadx, self) → super()\n super().__init__(runnable=False)\n\n\nclass Ghidra(HackingTool):\n TITLE = \"Ghidra (NSA Reverse Engineering)\"\n DESCRIPTION = \"NSA's software reverse engineering framework — disassembly, decompilation, scripting.\"\n REQUIRES_JAVA = True\n INSTALL_COMMANDS = [\n \"sudo apt-get install -y ghidra || echo 'Download from https://ghidra-sre.org/'\",\n ]\n RUN_COMMANDS = [\"ghidra --help || echo 'Run: ghidraRun'\"]\n PROJECT_URL = \"https://github.com/NationalSecurityAgency/ghidra\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Radare2(HackingTool):\n TITLE = \"Radare2 (RE Framework)\"\n DESCRIPTION = \"Portable UNIX-like reverse engineering framework and command-line toolset.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/radareorg/radare2.git\",\n \"cd radare2 && sys/install.sh\",\n ]\n RUN_COMMANDS = [\"r2 -h\"]\n PROJECT_URL = \"https://github.com/radareorg/radare2\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass ReverseEngineeringTools(HackingToolsCollection):\n TITLE = \"Reverse engineering tools\"\n TOOLS = [\n AndroGuard(),\n Apk2Gold(),\n Jadx(),\n Ghidra(),\n Radare2(),\n ]\n\nif __name__ == \"__main__\":\n tools = ReverseEngineeringTools()\n tools.show_options()\n" }, { "path": "tools/sql_injection.py", "content": "from core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass Sqlmap(HackingTool):\n TITLE = \"Sqlmap tool\"\n DESCRIPTION = \"sqlmap is an open source penetration testing tool that \" \\\n \"automates the process of detecting and exploiting SQL injection flaws \" \\\n \"and taking over database servers. [!] python3 sqlmap.py -u [http://example.com] --batch --banner. More usage: https://github.com/sqlmapproject/sqlmap/wiki/Usage\"\n INSTALL_COMMANDS = [\"git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev\"]\n RUN_COMMANDS = [\"cd sqlmap-dev;python3 sqlmap.py --wizard\"]\n PROJECT_URL = \"https://github.com/sqlmapproject/sqlmap\"\n\n\nclass NoSqlMap(HackingTool):\n TITLE = \"NoSqlMap\"\n DESCRIPTION = \"NoSQLMap is an open source Python tool designed to audit and automate injection attacks. [*] Please install MongoDB.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/codingo/NoSQLMap.git\",\n # Bug 25 fix: was \"python setup.py install\" (Python 2) and \"python NoSQLMap\"\n \"cd NoSQLMap && pip install --user .\",\n ]\n # Bug 25 fix: \"python\" → \"python3\"\n RUN_COMMANDS = [\"python3 -m nosqlmap\"]\n PROJECT_URL = \"https://github.com/codingo/NoSQLMap\"\n\n\nclass SQLiScanner(HackingTool):\n TITLE = \"Damn Small SQLi Scanner\"\n DESCRIPTION = \"DSSS is a fully functional SQL injection vulnerability scanner also supporting GET and POST parameters. Usage: python3 dsss.py -h | -u [URL]\"\n INSTALL_COMMANDS = [\"git clone https://github.com/stamparm/DSSS.git\"]\n PROJECT_URL = \"https://github.com/stamparm/DSSS\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Explo(HackingTool):\n TITLE = \"Explo\"\n DESCRIPTION = \"Explo is a simple tool to describe web security issues in human and machine readable format. Usage: explo [--verbose|-v] testcase.yaml | explo [--verbose|-v] examples/*.yaml\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/dtag-dev-sec/explo.git\",\n \"cd explo && pip install --user .\",\n ]\n PROJECT_URL = \"https://github.com/dtag-dev-sec/explo\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Blisqy(HackingTool):\n TITLE = \"Blisqy - Exploit Time-based blind-SQL injection\"\n DESCRIPTION = \"Blisqy helps web security researchers find time-based blind SQL injections on HTTP headers and exploit them.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/JohnTroony/Blisqy.git\"]\n PROJECT_URL = \"https://github.com/JohnTroony/Blisqy\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Leviathan(HackingTool):\n TITLE = \"Leviathan - Wide Range Mass Audit Toolkit\"\n DESCRIPTION = \"Leviathan is a mass audit toolkit with service discovery, brute force, SQL injection detection, and custom exploit capabilities. Requires API keys.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/leviathan-framework/leviathan.git\",\n \"cd leviathan;pip install --user -r requirements.txt\"]\n RUN_COMMANDS = [\"cd leviathan;python leviathan.py\"]\n PROJECT_URL = \"https://github.com/leviathan-framework/leviathan\"\n\n\nclass SQLScan(HackingTool):\n TITLE = \"SQLScan\"\n DESCRIPTION = \"SQLScan is a quick web scanner to find SQL injection points. Not for educational purposes.\"\n INSTALL_COMMANDS = [\"sudo apt install php php-bz2 php-curl php-mbstring curl\",\n \"sudo curl https://raw.githubusercontent.com/Cvar1984/sqlscan/dev/build/main.phar --output /usr/local/bin/sqlscan\",\n \"chmod +x /usr/local/bin/sqlscan\"]\n RUN_COMMANDS = [\"sudo sqlscan\"]\n PROJECT_URL = \"https://github.com/Cvar1984/sqlscan\"\n\n\nclass SqlInjectionTools(HackingToolsCollection):\n TITLE = \"SQL Injection Tools\"\n TOOLS = [Sqlmap(), NoSqlMap(), SQLiScanner(), Explo(), Blisqy(), Leviathan(), SQLScan()]\n\nif __name__ == \"__main__\":\n tools = SqlInjectionTools()\n tools.show_options()\n" }, { "path": "tools/steganography.py", "content": "import subprocess\n\nfrom core import HackingTool, HackingToolsCollection, console\nfrom core import validate_input\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass SteganoHide(HackingTool):\n TITLE = \"SteganoHide\"\n INSTALL_COMMANDS = [\"sudo apt-get install steghide -y\"]\n\n def run(self):\n choice_run = input(\n \"[1] Hide\\n\"\n \"[2] Extract\\n\"\n \"[99]Cancel\\n\"\n \">> \"\n )\n choice_run = validate_input(choice_run, [1, 2, 99])\n if choice_run is None:\n console.print(\"[bold red]Please choose a valid input[/bold red]\")\n return self.run()\n\n if choice_run == 99:\n return\n\n if choice_run == 1:\n file_hide = input(\"Enter Filename to Embed (1.txt) >> \")\n file_to_be_hide = input(\"Enter Cover Filename (test.jpeg) >> \")\n subprocess.run([\"steghide\", \"embed\", \"-cf\", file_to_be_hide, \"-ef\", file_hide])\n\n elif choice_run == 2:\n from_file = input(\"Enter Filename to Extract Data From >> \")\n subprocess.run([\"steghide\", \"extract\", \"-sf\", from_file])\n\n\nclass StegnoCracker(HackingTool):\n TITLE = \"StegnoCracker\"\n DESCRIPTION = \"SteganoCracker uncovers hidden data inside files using brute-force utility\"\n INSTALL_COMMANDS = [\"pip3 install stegcracker && pip3 install stegcracker -U --force-reinstall\"]\n\n def run(self):\n filename = input(\"Enter Filename >> \")\n passfile = input(\"Enter Wordlist Filename >> \")\n subprocess.run([\"stegcracker\", filename, passfile])\n\n\nclass StegoCracker(HackingTool):\n TITLE = \"StegoCracker\"\n DESCRIPTION = \"StegoCracker lets you hide and retrieve data in image or audio files\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/W1LDN16H7/StegoCracker.git\",\n \"sudo chmod -R 755 StegoCracker\"\n ]\n RUN_COMMANDS = [\n \"cd StegoCracker && python3 -m pip install -r requirements.txt\",\n \"./install.sh\"\n ]\n PROJECT_URL = \"https://github.com/W1LDN16H7/StegoCracker\"\n\n\nclass Whitespace(HackingTool):\n TITLE = \"Whitespace\"\n DESCRIPTION = \"Use whitespace and unicode characters for steganography\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/beardog108/snow10.git\",\n \"sudo chmod -R 755 snow10\"\n ]\n RUN_COMMANDS = [\"cd snow10 && ./install.sh\"]\n PROJECT_URL = \"https://github.com/beardog108/snow10\"\n\n\nclass SteganographyTools(HackingToolsCollection):\n TITLE = \"Steganography Tools\"\n TOOLS = [SteganoHide(), StegnoCracker(), StegoCracker(), Whitespace()]\n\nif __name__ == \"__main__\":\n tools = SteganographyTools()\n tools.show_options()\n" }, { "path": "tools/tool_manager.py", "content": "import os\nimport sys\nimport subprocess\nfrom time import sleep\n\nfrom rich.prompt import Confirm\n\nfrom core import HackingTool, HackingToolsCollection, console\nfrom constants import APP_INSTALL_DIR, APP_BIN_PATH, USER_CONFIG_DIR, REPO_URL\n\n\nclass UpdateTool(HackingTool):\n TITLE = \"Update Tool or System\"\n DESCRIPTION = \"Update system packages or pull the latest hackingtool code\"\n\n def __init__(self):\n super().__init__([\n (\"Update System\", self.update_sys),\n (\"Update Hackingtool\", self.update_ht),\n ], installable=False, runnable=False)\n\n def update_sys(self):\n from os_detect import CURRENT_OS, PACKAGE_UPDATE_CMDS\n mgr = CURRENT_OS.pkg_manager\n cmd = PACKAGE_UPDATE_CMDS.get(mgr)\n if cmd:\n priv = \"\" if (CURRENT_OS.system == \"macos\" or os.geteuid() == 0) else \"sudo \"\n # shell=True needed — cmd contains && chains; strings are hardcoded, not user input\n subprocess.run(f\"{priv}{cmd}\", shell=True, check=False)\n else:\n console.print(\"[warning]Unknown package manager — update manually.[/warning]\")\n\n def update_ht(self):\n if not APP_INSTALL_DIR.exists():\n console.print(f\"[error]Install directory not found: {APP_INSTALL_DIR}[/error]\")\n console.print(\"[dim]Run install.py first.[/dim]\")\n return\n console.print(f\"[bold cyan]Pulling latest code from {REPO_URL}...[/bold cyan]\")\n result = subprocess.run(\n [\"git\", \"pull\", \"--rebase\"],\n cwd=str(APP_INSTALL_DIR),\n capture_output=True, text=True,\n )\n if result.returncode != 0:\n console.print(f\"[error]git pull failed:\\n{result.stderr}[/error]\")\n return\n pip = str(APP_INSTALL_DIR / \"venv\" / \"bin\" / \"pip\")\n if (APP_INSTALL_DIR / \"venv\" / \"bin\" / \"pip\").exists():\n subprocess.run([pip, \"install\", \"-q\", \"-r\",\n str(APP_INSTALL_DIR / \"requirements.txt\")])\n console.print(\"[success]✔ Hackingtool updated.[/success]\")\n\n\nclass UninstallTool(HackingTool):\n TITLE = \"Uninstall HackingTool\"\n DESCRIPTION = \"Remove hackingtool from system\"\n\n def __init__(self):\n super().__init__([\n (\"Uninstall\", self.uninstall),\n ], installable=False, runnable=False)\n\n def uninstall(self):\n import shutil\n console.print(\"[warning]This will remove hackingtool from your system.[/warning]\")\n if not Confirm.ask(\"Continue?\", default=False):\n return\n\n if APP_INSTALL_DIR.exists():\n shutil.rmtree(str(APP_INSTALL_DIR))\n console.print(f\"[success]✔ Removed {APP_INSTALL_DIR}[/success]\")\n else:\n console.print(f\"[dim]{APP_INSTALL_DIR} not found — already removed?[/dim]\")\n\n if APP_BIN_PATH.exists():\n APP_BIN_PATH.unlink()\n console.print(f\"[success]✔ Removed launcher {APP_BIN_PATH}[/success]\")\n\n if Confirm.ask(f\"Also remove user data at {USER_CONFIG_DIR}?\", default=False):\n shutil.rmtree(str(USER_CONFIG_DIR), ignore_errors=True)\n console.print(f\"[success]✔ Removed {USER_CONFIG_DIR}[/success]\")\n\n console.print(\"[bold green]Hackingtool uninstalled. Goodbye.[/bold green]\")\n sleep(1)\n sys.exit(0)\n\n\nclass ToolManager(HackingToolsCollection):\n TITLE = \"Update or Uninstall | Hackingtool\"\n TOOLS = [\n UpdateTool(),\n UninstallTool(),\n ]\n\n\nif __name__ == \"__main__\":\n manager = ToolManager()\n manager.show_options()\n" }, { "path": "tools/web_attack.py", "content": "import subprocess\nfrom core import HackingTool, HackingToolsCollection, console\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\n\nclass Web2Attack(HackingTool):\n TITLE = \"Web2Attack\"\n DESCRIPTION = \"Web hacking framework with tools, exploits by python\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/santatic/web2attack.git\"\n ]\n RUN_COMMANDS = [\"cd web2attack && sudo python3 w2aconsole\"]\n PROJECT_URL = \"https://github.com/santatic/web2attack\"\n\n\nclass Skipfish(HackingTool):\n TITLE = \"Skipfish\"\n DESCRIPTION = (\n \"Skipfish – Fully automated, active web application \"\n \"security reconnaissance tool \\n \"\n \"Usage: skipfish -o [FolderName] targetip/site\"\n )\n RUN_COMMANDS = [\n \"sudo skipfish -h\",\n 'echo \"skipfish -o [FolderName] targetip/site\"|boxes -d headline | lolcat'\n ]\n\n def __init__(self):\n super().__init__(installable=False)\n\n\nclass SubDomainFinder(HackingTool):\n TITLE = \"SubDomain Finder\"\n DESCRIPTION = (\n \"Sublist3r is a python tool designed to enumerate \"\n \"subdomains of websites using OSINT \\n \"\n \"Usage:\\n\\t[1] python3 sublist3r.py -d example.com \\n\"\n \"[2] python3 sublist3r.py -d example.com -p 80,443\"\n )\n INSTALL_COMMANDS = [\n \"sudo pip3 install requests argparse dnspython\",\n \"git clone https://github.com/aboul3la/Sublist3r.git\",\n \"cd Sublist3r && sudo pip3 install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd Sublist3r && python3 sublist3r.py -h\"]\n PROJECT_URL = \"https://github.com/aboul3la/Sublist3r\"\n\n\nclass CheckURL(HackingTool):\n TITLE = \"CheckURL\"\n DESCRIPTION = (\n \"Detect evil urls that uses IDN Homograph Attack.\\n\\t\"\n \"[!] python3 checkURL.py --url google.com\"\n )\n INSTALL_COMMANDS = [\"git clone https://github.com/UndeadSec/checkURL.git\"]\n RUN_COMMANDS = [\"cd checkURL && python3 checkURL.py --help\"]\n PROJECT_URL = \"https://github.com/UndeadSec/checkURL\"\n\n\nclass Blazy(HackingTool):\n TITLE = \"Blazy(Also Find ClickJacking)\"\n DESCRIPTION = \"Blazy is a modern login page bruteforcer\"\n INSTALL_COMMANDS = []\n RUN_COMMANDS = []\n PROJECT_URL = \"https://github.com/UltimateHackers/Blazy\"\n ARCHIVED = True\n ARCHIVED_REASON = \"Python 2 only (pip2.7/python2.7). Repo archived/unmaintained.\"\n\n def __init__(self):\n super().__init__(installable=False, runnable=False)\n\n\nclass SubDomainTakeOver(HackingTool):\n TITLE = \"Sub-Domain TakeOver\"\n DESCRIPTION = (\n \"Sub-domain takeover vulnerability occur when a sub-domain \"\n \"\\n (subdomain.example.com) is pointing to a service \"\n \"(e.g: GitHub, AWS/S3,..)\\nthat has been removed or deleted.\\n\"\n \"Usage:python3 takeover.py -d www.domain.com -v\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/edoardottt/takeover.git\",\n \"cd takeover && pip install --user .\"\n ]\n PROJECT_URL = \"https://github.com/edoardottt/takeover\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass Dirb(HackingTool):\n TITLE = \"Dirb\"\n DESCRIPTION = (\n \"DIRB is a Web Content Scanner. It looks for existing \"\n \"(and/or hidden) Web Objects.\\n\"\n \"It basically works by launching a dictionary based \"\n \"attack against \\n a web server and analyzing the response.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://gitlab.com/kalilinux/packages/dirb.git\",\n \"cd dirb;sudo bash configure;make\"\n ]\n PROJECT_URL = \"https://gitlab.com/kalilinux/packages/dirb\"\n\n def run(self):\n uinput = input(\"Enter Url >> \")\n subprocess.run([\"sudo\", \"dirb\", uinput])\n\n\nclass Nuclei(HackingTool):\n TITLE = \"Nuclei (Vulnerability Scanner)\"\n DESCRIPTION = (\n \"Fast, template-based vulnerability scanner used by 50k+ security teams.\\n\"\n \"Usage: nuclei -u https://example.com\"\n )\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest\",\n \"nuclei -update-templates\",\n ]\n RUN_COMMANDS = [\"nuclei -h\"]\n PROJECT_URL = \"https://github.com/projectdiscovery/nuclei\"\n\n\nclass Ffuf(HackingTool):\n TITLE = \"ffuf (Web Fuzzer)\"\n DESCRIPTION = (\n \"Fast web fuzzer — content discovery, parameter fuzzing, vhost discovery.\\n\"\n \"Usage: ffuf -w wordlist.txt -u https://example.com/FUZZ\"\n )\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install -v github.com/ffuf/ffuf/v2@latest\",\n ]\n RUN_COMMANDS = [\"ffuf -h\"]\n PROJECT_URL = \"https://github.com/ffuf/ffuf\"\n\n\nclass Feroxbuster(HackingTool):\n TITLE = \"Feroxbuster (Directory Brute Force)\"\n DESCRIPTION = (\n \"Fast, recursive content discovery tool written in Rust.\\n\"\n \"Usage: feroxbuster -u https://example.com -w wordlist.txt\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/main/install-nix.sh \"\n \"| sudo bash -s /usr/local/bin\",\n ]\n RUN_COMMANDS = [\"feroxbuster -h\"]\n PROJECT_URL = \"https://github.com/epi052/feroxbuster\"\n\n\nclass Nikto(HackingTool):\n TITLE = \"Nikto (Web Server Scanner)\"\n DESCRIPTION = (\n \"Scan web servers for dangerous files, outdated software, misconfigurations.\\n\"\n \"Usage: nikto -h https://example.com\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt-get install -y nikto\"]\n RUN_COMMANDS = [\"nikto -Help\"]\n PROJECT_URL = \"https://github.com/sullo/nikto\"\n\n\nclass Wafw00f(HackingTool):\n TITLE = \"wafw00f (WAF Detector)\"\n DESCRIPTION = (\n \"Fingerprint and identify Web Application Firewalls (WAF).\\n\"\n \"Usage: wafw00f https://example.com\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/EnableSecurity/wafw00f.git\",\n \"cd wafw00f && pip install --user .\",\n ]\n RUN_COMMANDS = [\"wafw00f --help\"]\n PROJECT_URL = \"https://github.com/EnableSecurity/wafw00f\"\n\n\nclass Katana(HackingTool):\n TITLE = \"Katana (Web Crawler)\"\n DESCRIPTION = (\n \"Next-generation crawling and spidering framework from ProjectDiscovery.\\n\"\n \"Usage: katana -u https://example.com\"\n )\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\n \"go install -v github.com/projectdiscovery/katana/cmd/katana@latest\",\n ]\n RUN_COMMANDS = [\"katana -h\"]\n PROJECT_URL = \"https://github.com/projectdiscovery/katana\"\n\n\nclass Gobuster(HackingTool):\n TITLE = \"Gobuster (Dir/DNS/Vhost Brute Force)\"\n DESCRIPTION = \"Directory/file, DNS, and vhost brute-forcing tool written in Go.\"\n REQUIRES_GO = True\n INSTALL_COMMANDS = [\"go install github.com/OJ/gobuster/v3@latest\"]\n RUN_COMMANDS = [\"gobuster --help\"]\n PROJECT_URL = \"https://github.com/OJ/gobuster\"\n\n\nclass Dirsearch(HackingTool):\n TITLE = \"Dirsearch (Web Path Discovery)\"\n DESCRIPTION = \"Web path brute-forcing tool for discovering directories and files on web servers.\"\n INSTALL_COMMANDS = [\"pip install --user dirsearch\"]\n RUN_COMMANDS = [\"dirsearch --help\"]\n PROJECT_URL = \"https://github.com/maurosoria/dirsearch\"\n\n\nclass OwaspZap(HackingTool):\n TITLE = \"OWASP ZAP (Web App Scanner)\"\n DESCRIPTION = \"Full-featured web application security scanner — proxy, spider, fuzzer, scanner.\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt-get install -y zaproxy\"]\n RUN_COMMANDS = [\"zaproxy --help\"]\n PROJECT_URL = \"https://github.com/zaproxy/zaproxy\"\n\n\nclass TestSSL(HackingTool):\n TITLE = \"testssl.sh (TLS/SSL Checker)\"\n DESCRIPTION = \"Check TLS/SSL ciphers, protocols, and cryptographic flaws on any port.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/drwetter/testssl.sh.git\"]\n RUN_COMMANDS = [\"cd testssl.sh && ./testssl.sh --help\"]\n PROJECT_URL = \"https://github.com/drwetter/testssl.sh\"\n\n\nclass Arjun(HackingTool):\n TITLE = \"Arjun (HTTP Parameter Discovery)\"\n DESCRIPTION = \"HTTP parameter discovery suite that finds hidden GET/POST parameters.\"\n INSTALL_COMMANDS = [\"pip install --user arjun\"]\n RUN_COMMANDS = [\"arjun --help\"]\n PROJECT_URL = \"https://github.com/s0md3v/Arjun\"\n\n\nclass Caido(HackingTool):\n TITLE = \"Caido (Web Security Auditing)\"\n DESCRIPTION = \"Lightweight, modern web security auditing toolkit — Burp Suite alternative written in Rust.\"\n INSTALL_COMMANDS = [\n \"curl -sSL https://caido.download/releases/latest/caido-cli-linux-x86_64.tar.gz | sudo tar xz -C /usr/local/bin\",\n ]\n RUN_COMMANDS = [\"caido --help\"]\n PROJECT_URL = \"https://github.com/caido/caido\"\n SUPPORTED_OS = [\"linux\", \"macos\"]\n\n\nclass Mitmproxy(HackingTool):\n TITLE = \"mitmproxy (Intercepting Proxy)\"\n DESCRIPTION = \"Interactive TLS-capable intercepting HTTP proxy for pentesters and developers.\"\n INSTALL_COMMANDS = [\"pip install --user mitmproxy\"]\n RUN_COMMANDS = [\"mitmproxy --version\"]\n PROJECT_URL = \"https://github.com/mitmproxy/mitmproxy\"\n\n\nclass WebAttackTools(HackingToolsCollection):\n TITLE = \"Web Attack tools\"\n DESCRIPTION = \"\"\n TOOLS = [\n Web2Attack(),\n Skipfish(),\n SubDomainFinder(),\n CheckURL(),\n Blazy(),\n SubDomainTakeOver(),\n Dirb(),\n Nuclei(),\n Ffuf(),\n Feroxbuster(),\n Nikto(),\n Wafw00f(),\n Katana(),\n Gobuster(),\n Dirsearch(),\n OwaspZap(),\n TestSSL(),\n Arjun(),\n Caido(),\n Mitmproxy(),\n ]\n\nif __name__ == \"__main__\":\n tools = WebAttackTools()\n tools.show_options()\n" }, { "path": "tools/wireless_attack.py", "content": "from rich.prompt import Prompt\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass WIFIPumpkin(HackingTool):\n TITLE = \"WiFi-Pumpkin\"\n DESCRIPTION = (\n \"The WiFi-Pumpkin is a rogue AP framework to easily create fake networks\\n\"\n \"while forwarding legitimate traffic to and from the unsuspecting target.\"\n )\n INSTALL_COMMANDS = [\n \"sudo apt install -y libssl-dev libffi-dev build-essential python3-pyqt5\",\n \"git clone https://github.com/P0cL4bs/wifipumpkin3.git\",\n \"chmod -R 755 wifipumpkin3\",\n \"cd wifipumpkin3 && pip install --user .\",\n ]\n RUN_COMMANDS = [\"sudo wifipumpkin3\"]\n PROJECT_URL = \"https://github.com/P0cL4bs/wifipumpkin3\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n\nclass pixiewps(HackingTool):\n TITLE = \"pixiewps\"\n DESCRIPTION = (\n \"Pixiewps is a tool written in C used to bruteforce offline the WPS pin\\n\"\n \"exploiting the low or non-existing entropy of some Access Points \"\n \"(pixie dust attack).\"\n )\n INSTALL_COMMANDS = [\n # Bug 29 fix: removed wget https://pastebin.com/... (insecure download from pastebin)\n \"git clone https://github.com/wiire/pixiewps.git && apt-get -y install build-essential\",\n \"cd pixiewps && make\",\n \"cd pixiewps && sudo make install\",\n ]\n PROJECT_URL = \"https://github.com/wiire/pixiewps\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n def run(self):\n console.print(\n \"[bold cyan]Usage:[/bold cyan]\\n\"\n \" 1. Put interface into monitor mode: [yellow]airmon-ng start [/yellow]\\n\"\n \" 2. Scan: [yellow]wash -i [/yellow]\\n\"\n \" 3. Attack: [yellow]reaver -i -b -c -vvv -K 1 -f[/yellow]\\n\"\n \" 4. Run: [yellow]pixiewps -h[/yellow]\"\n )\n\n\nclass BluePot(HackingTool):\n TITLE = \"Bluetooth Honeypot GUI Framework\"\n DESCRIPTION = (\n \"You need at least 1 bluetooth receiver.\\n\"\n \"Install libbluetooth-dev (Ubuntu) / bluez-libs-devel (Fedora) / bluez-devel (openSUSE).\"\n )\n INSTALL_COMMANDS = [\n # Bug 15 fix: missing comma caused implicit string concatenation — two strings joined\n \"sudo wget https://raw.githubusercontent.com/andrewmichaelsmith/bluepot/master/bin/bluepot-0.2.tar.gz\",\n \"sudo tar xfz bluepot-0.2.tar.gz && sudo rm bluepot-0.2.tar.gz\",\n ]\n RUN_COMMANDS = [\"cd bluepot && sudo java -jar bluepot.jar\"]\n PROJECT_URL = \"https://github.com/andrewmichaelsmith/bluepot\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_JAVA = True\n\n\nclass Fluxion(HackingTool):\n TITLE = \"Fluxion\"\n DESCRIPTION = \"Fluxion is a remake of linset by vk496 with enhanced functionality.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/FluxionNetwork/fluxion.git\",\n \"cd fluxion && chmod +x fluxion.sh\",\n ]\n RUN_COMMANDS = [\"cd fluxion && sudo bash fluxion.sh -i\"]\n PROJECT_URL = \"https://github.com/FluxionNetwork/fluxion\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n\nclass Wifiphisher(HackingTool):\n TITLE = \"Wifiphisher\"\n DESCRIPTION = (\n \"Wifiphisher is a rogue Access Point framework for conducting red team engagements\\n\"\n \"or Wi-Fi security testing. Easily achieve man-in-the-middle position against\\n\"\n \"wireless clients by performing targeted Wi-Fi association attacks.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/wifiphisher/wifiphisher.git\",\n \"cd wifiphisher && pip install --user .\",\n ]\n RUN_COMMANDS = [\"cd wifiphisher && sudo wifiphisher\"]\n PROJECT_URL = \"https://github.com/wifiphisher/wifiphisher\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n\nclass Wifite(HackingTool):\n TITLE = \"Wifite\"\n DESCRIPTION = \"Wifite is an automated wireless attack tool.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/derv82/wifite2.git\",\n \"cd wifite2 && pip install --user .\",\n ]\n RUN_COMMANDS = [\"sudo wifite\"]\n PROJECT_URL = \"https://github.com/derv82/wifite2\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n\nclass EvilTwin(HackingTool):\n TITLE = \"EvilTwin\"\n DESCRIPTION = (\n \"Fakeap — perform Evil Twin Attack by getting credentials \"\n \"using a Fake page and Fake Access Point.\"\n )\n INSTALL_COMMANDS = [\"git clone https://github.com/Z4nzu/fakeap.git\"]\n RUN_COMMANDS = [\"cd fakeap && sudo bash fakeap.sh\"]\n PROJECT_URL = \"https://github.com/Z4nzu/fakeap\"\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n\nclass Fastssh(HackingTool):\n TITLE = \"Fastssh\"\n DESCRIPTION = (\n \"Fastssh — multi-threaded scan and brute force attack against SSH protocol\\n\"\n \"using the most commonly used credentials.\"\n )\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Z4nzu/fastssh.git && cd fastssh && chmod +x fastssh.sh\",\n \"sudo apt-get install -y sshpass netcat\",\n ]\n RUN_COMMANDS = [\"cd fastssh && sudo bash fastssh.sh --scan\"]\n PROJECT_URL = \"https://github.com/Z4nzu/fastssh\"\n SUPPORTED_OS = [\"linux\"]\n\n\nclass Howmanypeople(HackingTool):\n TITLE = \"Howmanypeople\"\n DESCRIPTION = (\n \"Count the number of people around you by monitoring wifi signals.\\n\"\n \"[@] WIFI ADAPTER REQUIRED\\n\"\n \"[*] It may be illegal to monitor networks for MAC addresses on networks you do not own.\"\n )\n INSTALL_COMMANDS = [\n # Bug 14 fix: missing comma caused \"sudo apt-get install tshark;sudo python3...\"\n # to be one implicitly concatenated string — only first command ran\n \"sudo apt-get install -y tshark\",\n \"sudo python3 -m pip install howmanypeoplearearound\",\n ]\n RUN_COMMANDS = [\"howmanypeoplearearound\"]\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n\n\nclass Airgeddon(HackingTool):\n TITLE = \"Airgeddon (Wireless Attack Suite)\"\n DESCRIPTION = (\n \"Multi-use bash script for auditing wireless networks.\\n\"\n \"Covers WPA/WPA2, WEP, WPS, PMKID, evil twin, handshake capture and more.\"\n )\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n INSTALL_COMMANDS = [\n \"git clone https://github.com/v1s1t0r1sh3r3/airgeddon.git\",\n ]\n RUN_COMMANDS = [\"cd airgeddon && sudo bash airgeddon.sh\"]\n PROJECT_URL = \"https://github.com/v1s1t0r1sh3r3/airgeddon\"\n\n\nclass Hcxdumptool(HackingTool):\n TITLE = \"hcxdumptool (PMKID Capture)\"\n DESCRIPTION = (\n \"Capture packets and PMKID hashes from WLAN devices.\\n\"\n \"Usage: hcxdumptool -i -o capture.pcapng --enable_status=1\"\n )\n SUPPORTED_OS = [\"linux\"]\n REQUIRES_WIFI = True\n INSTALL_COMMANDS = [\n \"git clone https://github.com/ZerBea/hcxdumptool.git\",\n \"cd hcxdumptool && make && sudo make install\",\n ]\n RUN_COMMANDS = [\"hcxdumptool --help\"]\n PROJECT_URL = \"https://github.com/ZerBea/hcxdumptool\"\n\n\nclass Hcxtools(HackingTool):\n TITLE = \"hcxtools (PMKID/Hash Conversion)\"\n DESCRIPTION = (\n \"Convert captured WLAN packets to hashcat/JtR-compatible format.\\n\"\n \"Usage: hcxpcapngtool -o hashes.txt capture.pcapng\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\n \"git clone https://github.com/ZerBea/hcxtools.git\",\n \"cd hcxtools && make && sudo make install\",\n ]\n RUN_COMMANDS = [\"hcxpcapngtool --help\"]\n PROJECT_URL = \"https://github.com/ZerBea/hcxtools\"\n\n\nclass Bettercap(HackingTool):\n TITLE = \"Bettercap (Network/WiFi/BLE MITM)\"\n DESCRIPTION = \"Swiss army knife for WiFi, BLE, HID, and Ethernet network recon and MITM attacks.\"\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt-get install -y bettercap\"]\n RUN_COMMANDS = [\"sudo bettercap --help\"]\n PROJECT_URL = \"https://github.com/bettercap/bettercap\"\n\n\nclass WirelessAttackTools(HackingToolsCollection):\n TITLE = \"Wireless attack tools\"\n TOOLS = [\n WIFIPumpkin(),\n pixiewps(),\n BluePot(),\n Fluxion(),\n Wifiphisher(),\n Wifite(),\n EvilTwin(),\n Fastssh(),\n Howmanypeople(),\n Airgeddon(),\n Hcxdumptool(),\n Hcxtools(),\n Bettercap(),\n ]\n\n\nif __name__ == \"__main__\":\n tools = WirelessAttackTools()\n tools.show_options()\n" }, { "path": "tools/wordlist_generator.py", "content": "import os\nimport subprocess\n\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\nfrom rich.table import Table\nfrom rich import box\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass Cupp(HackingTool):\n TITLE = \"Cupp\"\n # Bug 24 fix: DESCRIPTION was copy-pasted from WlCreator — completely wrong\n DESCRIPTION = \"Common User Passwords Profiler — generates personalized wordlists based on target info.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/Mebus/cupp.git\"]\n RUN_COMMANDS = [\"cd cupp && python3 cupp.py -i\"]\n PROJECT_URL = \"https://github.com/Mebus/cupp\"\n\n def show_info(self):\n panel = Panel(\n f\"[bold purple]{self.TITLE}[/bold purple]\\n\\n\"\n f\"[cyan]{self.DESCRIPTION}[/cyan]\\n\\n\"\n f\"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]\",\n border_style=\"purple\",\n box=box.ROUNDED,\n )\n console.print(panel)\n\n\nclass WlCreator(HackingTool):\n TITLE = \"WordlistCreator\"\n DESCRIPTION = \"WlCreator is a C program that can create all possibilities\" \\\n \" of passwords,\\n and you can choose Length, Lowercase, \" \\\n \"Capital, Numbers and Special Chars\"\n INSTALL_COMMANDS = [\"git clone https://github.com/Z4nzu/wlcreator.git\"]\n RUN_COMMANDS = [\n \"cd wlcreator && sudo gcc -o wlcreator wlcreator.c && ./wlcreator 5\"]\n PROJECT_URL = \"https://github.com/Z4nzu/wlcreator\"\n\n def show_info(self):\n panel = Panel(\n f\"[bold purple]{self.TITLE}[/bold purple]\\n\\n\"\n f\"[cyan]{self.DESCRIPTION}[/cyan]\\n\\n\"\n f\"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]\",\n border_style=\"purple\",\n box=box.ROUNDED,\n )\n console.print(panel)\n\n\nclass GoblinWordGenerator(HackingTool):\n TITLE = \"Goblin WordGenerator\"\n DESCRIPTION = \"Goblin WordGenerator\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/UndeadSec/GoblinWordGenerator.git\"]\n RUN_COMMANDS = [\"cd GoblinWordGenerator && python3 goblin.py\"]\n PROJECT_URL = \"https://github.com/UndeadSec/GoblinWordGenerator.git\"\n\n def show_info(self):\n panel = Panel(\n f\"[bold purple]{self.TITLE}[/bold purple]\\n\\n\"\n f\"[cyan]{self.DESCRIPTION}[/cyan]\\n\\n\"\n f\"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]\",\n border_style=\"purple\",\n box=box.ROUNDED,\n )\n console.print(panel)\n\n\nclass showme(HackingTool):\n TITLE = \"Password list (1.4 Billion Clear Text Password)\"\n DESCRIPTION = \"This tool allows you to perform OSINT and reconnaissance on \" \\\n \"an organisation or an individual. It allows one to search \" \\\n \"1.4 Billion clear text credentials which was dumped as \" \\\n \"part of BreachCompilation leak. This database makes \" \\\n \"finding passwords faster and easier than ever before.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git\",\n \"cd SMWYG-Show-Me-What-You-Got && pip3 install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd SMWYG-Show-Me-What-You-Got && python SMWYG.py\"]\n PROJECT_URL = \"https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got\"\n\n def show_info(self):\n panel = Panel(\n f\"[bold purple]{self.TITLE}[/bold purple]\\n\\n\"\n f\"[cyan]{self.DESCRIPTION}[/cyan]\\n\\n\"\n f\"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]\",\n border_style=\"purple\",\n box=box.ROUNDED,\n )\n console.print(panel)\n\n\nclass Hashcat(HackingTool):\n TITLE = \"Hashcat (Password Cracker)\"\n DESCRIPTION = (\n \"World's fastest GPU/CPU password recovery tool — supports 300+ hash types.\\n\"\n \"Usage: hashcat -m 0 -a 0 hashes.txt wordlist.txt\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt-get install -y hashcat\"]\n RUN_COMMANDS = [\"hashcat --help\"]\n PROJECT_URL = \"https://github.com/hashcat/hashcat\"\n\n\nclass JohnTheRipper(HackingTool):\n TITLE = \"John the Ripper\"\n DESCRIPTION = (\n \"Open-source password security auditing and recovery tool.\\n\"\n \"Usage: john --wordlist=wordlist.txt hashfile\"\n )\n SUPPORTED_OS = [\"linux\"]\n INSTALL_COMMANDS = [\"sudo apt-get install -y john\"]\n RUN_COMMANDS = [\"john --help\"]\n PROJECT_URL = \"https://github.com/openwall/john\"\n\n\nclass Haiti(HackingTool):\n TITLE = \"haiti (Hash Type Identifier)\"\n DESCRIPTION = (\n \"Identify hash types — supports 300+ algorithms.\\n\"\n \"Usage: haiti \"\n )\n REQUIRES_RUBY = True\n INSTALL_COMMANDS = [\"gem install haiti-hash\"]\n RUN_COMMANDS = [\"haiti --help\"]\n PROJECT_URL = \"https://github.com/noraj/haiti\"\n\n\nclass WordlistGeneratorTools(HackingToolsCollection):\n TITLE = \"Wordlist Generator\"\n TOOLS = [\n Cupp(),\n WlCreator(),\n GoblinWordGenerator(),\n showme(),\n Hashcat(),\n JohnTheRipper(),\n Haiti(),\n ]\n\n def show_info(self):\n header = Panel(f\"[bold white on purple] {self.TITLE} [/bold white on purple]\",\n border_style=\"purple\", box=box.DOUBLE)\n console.print(header)\n table = Table(box=box.SIMPLE, show_header=True, header_style=\"bold purple\")\n table.add_column(\"#\", justify=\"center\", style=\"cyan\", width=4)\n table.add_column(\"Tool\", style=\"bold\")\n table.add_column(\"Description\", style=\"dim\", overflow=\"fold\")\n\n for idx, t in enumerate(self.TOOLS, start=1):\n desc = getattr(t, \"DESCRIPTION\", \"\") or \"\"\n table.add_row(str(idx), t.TITLE, desc)\n\n table.add_row(\"[red]99[/red]\", \"[bold red]Exit[/bold red]\", \"Return to previous menu\")\n console.print(table)\n\nif __name__ == \"__main__\":\n tools = WordlistGeneratorTools()\n tools.show_info()\n tools.show_options()\n" }, { "path": "tools/xss_attack.py", "content": "import os\nimport subprocess\nfrom rich.panel import Panel\nfrom rich.prompt import Prompt\n\nfrom core import HackingTool, HackingToolsCollection, console\n\n\nclass Dalfox(HackingTool):\n TITLE = \"DalFox (Finder of XSS)\"\n DESCRIPTION = \"XSS Scanning and Parameter Analysis tool.\"\n INSTALL_COMMANDS = [\n \"sudo apt-get install -y golang\",\n \"go install github.com/hahwul/dalfox/v2@latest\",\n ]\n RUN_COMMANDS = [\n \"~/go/bin/dalfox --help\",\n ]\n PROJECT_URL = \"https://github.com/hahwul/dalfox\"\n\n\nclass XSSPayloadGenerator(HackingTool):\n TITLE = \"XSS Payload Generator\"\n DESCRIPTION = \"XSS PAYLOAD GENERATOR - XSS SCANNER - XSS DORK FINDER\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/capture0x/XSS-LOADER.git\",\n \"cd XSS-LOADER;sudo pip3 install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd XSS-LOADER;sudo python3 payloader.py\"]\n PROJECT_URL = \"https://github.com/capture0x/XSS-LOADER.git\"\n\n\nclass XSSFinder(HackingTool):\n TITLE = \"Extended XSS Searcher and Finder\"\n DESCRIPTION = \"Extended XSS Searcher and Finder\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/Damian89/extended-xss-search.git\"]\n PROJECT_URL = \"https://github.com/Damian89/extended-xss-search\"\n\n def after_install(self):\n console.print(Panel.fit(\n \"[bold cyan]Follow These Steps After Installation:[/bold cyan]\\n\"\n \"[red]*[/red] Go to [yellow]extended-xss-search[/yellow] directory\\n\"\n \"[green]*[/green] Rename [bold]example.app-settings.conf[/bold] → [bold]app-settings.conf[/bold]\",\n title=\"[ Install Notes ]\",\n border_style=\"magenta\"\n ))\n input(\"Press ENTER to continue\")\n\n def run(self):\n console.print(Panel.fit(\n \"[bold cyan]You need to add links to scan[/bold cyan]\\n\"\n \"[red]*[/red] Go to [yellow]extended-xss-search/config/urls-to-test.txt[/yellow]\\n\"\n \"[green]*[/green] Run: [bold]python3 extended-xss-search.py[/bold]\",\n title=\"[ Run Instructions ]\",\n border_style=\"blue\"\n ))\n\n\nclass XSSFreak(HackingTool):\n TITLE = \"XSS-Freak\"\n DESCRIPTION = \"An XSS scanner fully written in Python 3 from scratch.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/PR0PH3CY33/XSS-Freak.git\",\n \"cd XSS-Freak;sudo pip3 install -r requirements.txt\"\n ]\n RUN_COMMANDS = [\"cd XSS-Freak;sudo python3 XSS-Freak.py\"]\n PROJECT_URL = \"https://github.com/PR0PH3CY33/XSS-Freak\"\n\n\nclass XSpear(HackingTool):\n TITLE = \"XSpear\"\n DESCRIPTION = \"XSpear is an XSS Scanner built on Ruby Gems.\"\n INSTALL_COMMANDS = [\"gem install XSpear\"]\n RUN_COMMANDS = [\"XSpear -h\"]\n PROJECT_URL = \"https://github.com/hahwul/XSpear\"\n\n\nclass XSSCon(HackingTool):\n TITLE = \"XSSCon\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/menkrep1337/XSSCon.git\",\n \"sudo chmod 755 -R XSSCon\"\n ]\n PROJECT_URL = \"https://github.com/menkrep1337/XSSCon\"\n\n def run(self):\n console.print(Panel.fit(\n \"Enter target website to scan with XSSCon:\",\n title=\"[bold yellow]XSSCon[/bold yellow]\",\n border_style=\"bright_yellow\"\n ))\n website = Prompt.ask(\"[bold cyan]Enter Website[/bold cyan]\")\n from config import get_tools_dir\n subprocess.run([\"python3\", \"xsscon.py\", \"-u\", website],\n cwd=str(get_tools_dir() / \"XSSCon\"))\n\n\nclass XanXSS(HackingTool):\n TITLE = \"XanXSS\"\n DESCRIPTION = \"Reflected XSS searching tool that creates payloads from templates.\"\n INSTALL_COMMANDS = [\"git clone https://github.com/Ekultek/XanXSS.git\"]\n PROJECT_URL = \"https://github.com/Ekultek/XanXSS\"\n\n def run(self):\n from config import get_tools_dir\n subprocess.run([\"python3\", \"xanxss.py\", \"-h\"],\n cwd=str(get_tools_dir() / \"XanXSS\"))\n\n\nclass XSSStrike(HackingTool):\n TITLE = \"Advanced XSS Detection Suite\"\n DESCRIPTION = \"XSStrike is a Python-based tool designed to detect and exploit XSS vulnerabilities.\"\n INSTALL_COMMANDS = [\n \"sudo rm -rf XSStrike\",\n \"git clone https://github.com/UltimateHackers/XSStrike.git \"\n \"&& cd XSStrike && pip install -r requirements.txt\"\n ]\n PROJECT_URL = \"https://github.com/UltimateHackers/XSStrike\"\n\n def __init__(self):\n super().__init__(runnable=False)\n\n\nclass RVuln(HackingTool):\n TITLE = \"RVuln\"\n SUPPORTED_OS = [\"linux\"]\n DESCRIPTION = \"Multi-threaded and Automated Web Vulnerability Scanner written in Rust.\"\n INSTALL_COMMANDS = [\n \"git clone https://github.com/iinc0gnit0/RVuln.git;\"\n \"curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh;\"\n \"source $HOME/.cargo/env;\"\n \"sudo apt install librust-openssl-dev;\"\n \"cd RVuln;sudo su;cargo build --release;mv target/release/RVuln\"\n ]\n RUN_COMMANDS = [\"RVuln\"]\n PROJECT_URL = \"https://github.com/iinc0gnit0/RVuln\"\n\n\nclass XSSAttackTools(HackingToolsCollection):\n TITLE = \"XSS Attack Tools\"\n TOOLS = [\n Dalfox(),\n XSSPayloadGenerator(),\n XSSFinder(),\n XSSFreak(),\n XSpear(),\n XSSCon(),\n XanXSS(),\n XSSStrike(),\n RVuln()\n ]\n\n def show_info(self):\n console.print(Panel.fit(\n \"[bold magenta]XSS Attack Tools Collection[/bold magenta]\\n\"\n \"A curated set of tools for XSS vulnerability analysis and exploitation.\",\n border_style=\"bright_magenta\"\n ))\n" }, { "path": "update.sh", "content": "#!/bin/bash\nset -euo pipefail\n\nINSTALL_DIR=\"/usr/share/hackingtool\"\n\nif [[ $EUID -ne 0 ]]; then\n echo \"[ERROR] Run as root: sudo bash update.sh\"\n exit 1\nfi\n\nif [[ ! -d \"$INSTALL_DIR\" ]]; then\n echo \"[ERROR] Installation not found at $INSTALL_DIR. Run install.py first.\"\n exit 1\nfi\n\necho \"[*] Checking internet connection...\"\nif ! curl -sSf --max-time 10 https://github.com > /dev/null; then\n echo \"[ERROR] No internet connection.\"\n exit 1\nfi\necho \"[✔] Internet OK\"\n\necho \"[*] Pulling latest changes...\"\ngit -C \"$INSTALL_DIR\" config --local safe.directory \"$INSTALL_DIR\"\ngit -C \"$INSTALL_DIR\" pull --rebase\n\necho \"[*] Updating Python dependencies...\"\nif [[ -f \"$INSTALL_DIR/venv/bin/pip\" ]]; then\n \"$INSTALL_DIR/venv/bin/pip\" install -q --upgrade -r \"$INSTALL_DIR/requirements.txt\"\nelse\n echo \"[WARN] venv not found — skipping pip update. Run install.py to create it.\"\nfi\n\necho \"[✔] Hackingtool updated. Run 'hackingtool' to start.\"\n" } ]