Repository: Z4nzu/hackingtool Branch: master Commit: 01a51bbca6d0 Files: 58 Total size: 219.9 KB Directory structure: gitextract_i3uowkw6/ ├── .dockerignore ├── .github/ │ ├── FUNDING.yml │ ├── ISSUE_TEMPLATE/ │ │ ├── bug_report.md │ │ ├── feature_request.md │ │ └── tool_request.md │ ├── PULL_REQUEST_TEMPLATE.md │ └── workflows/ │ ├── lint_python.yml │ └── test_install.yml ├── .gitignore ├── Dockerfile ├── LICENSE ├── README.md ├── README_template.md ├── config.py ├── constants.py ├── core.py ├── docker-compose.yml ├── generate_readme.py ├── hackingtool.py ├── images/ │ └── demo ├── install.py ├── install.sh ├── os_detect.py ├── requirements.txt ├── tools/ │ ├── __init__.py │ ├── active_directory.py │ ├── anonsurf.py │ ├── cloud_security.py │ ├── ddos.py │ ├── exploit_frameworks.py │ ├── forensics.py │ ├── information_gathering.py │ ├── mobile_security.py │ ├── other_tools.py │ ├── others/ │ │ ├── __init__.py │ │ ├── android_attack.py │ │ ├── email_verifier.py │ │ ├── hash_crack.py │ │ ├── homograph_attacks.py │ │ ├── mix_tools.py │ │ ├── payload_injection.py │ │ ├── socialmedia.py │ │ ├── socialmedia_finder.py │ │ ├── web_crawling.py │ │ └── wifi_jamming.py │ ├── payload_creator.py │ ├── phishing_attack.py │ ├── post_exploitation.py │ ├── remote_administration.py │ ├── reverse_engineering.py │ ├── sql_injection.py │ ├── steganography.py │ ├── tool_manager.py │ ├── web_attack.py │ ├── wireless_attack.py │ ├── wordlist_generator.py │ └── xss_attack.py └── update.sh ================================================ FILE CONTENTS ================================================ ================================================ FILE: .dockerignore ================================================ # Version control .git/ .gitignore # GitHub / docs .github/ images/ *.md # Python cache __pycache__/ *.py[cod] *.pyo .mypy_cache/ .ruff_cache/ .pytest_cache/ # Tests tests/ test_*.py # Docker files themselves (don't recurse) Dockerfile docker-compose.yml .dockerignore # OS / editor noise .DS_Store *.swp *.swo ================================================ FILE: .github/FUNDING.yml ================================================ buy_me_a_coffee: hardikzinzu ================================================ FILE: .github/ISSUE_TEMPLATE/bug_report.md ================================================ --- name: Bug Report about: Report a broken install, crash, or unexpected behavior title: "[BUG] — " labels: bug assignees: '' --- ## Description ## Affected Tool - **Category:** - **Tool name:** ## Steps to Reproduce 1. 2. 3. ## Expected Behavior ## Error Output ``` ``` ## Environment | Field | Value | |---|---| | OS | | | Python | | | hackingtool | v2.0.0 | ## Additional Context ================================================ FILE: .github/ISSUE_TEMPLATE/feature_request.md ================================================ --- name: Feature Request about: Suggest an improvement to hackingtool itself (not a new tool addition — use the Tool Request template for that) title: "[FEATURE] " labels: enhancement assignees: '' --- ## Problem ## Proposed Solution ## Alternatives Considered ## Additional Context ================================================ FILE: .github/ISSUE_TEMPLATE/tool_request.md ================================================ --- name: Tool Request about: Suggest a new tool to be added to hackingtool title: "[Tool Request] — " labels: tool-request assignees: '' --- ## Tool Details | Field | Value | |---|---| | **Tool name** | | | **GitHub URL** | | | **Category** | | | **Supported OS** | | | **Language** | | | **Install method** | | ## Why should it be added? ## Install Command ```bash # paste the install command(s) here ``` ## Run Command ```bash # paste the run/usage command here ``` ## Is the tool actively maintained? ## Additional Notes ================================================ FILE: .github/PULL_REQUEST_TEMPLATE.md ================================================ ## Type of Change - [ ] New tool addition - [ ] Bug fix - [ ] Improvement / refactor - [ ] Documentation update --- ## For New Tool Additions — Required Fields | Field | Value | |---|---| | **Tool name** | | | **GitHub URL** | | | **Category** | | | **Supported OS** | Linux / macOS / Both | | **Install method** | pip / go install / apt / git clone | **Why should it be added?** **Is the tool actively maintained?** --- ## Checklist - [ ] Title follows the format above - [ ] New tool class added to the correct `tools/*.py` file - [ ] `TITLE`, `DESCRIPTION`, `INSTALL_COMMANDS`, `RUN_COMMANDS`, `PROJECT_URL` all set - [ ] `SUPPORTED_OS` set correctly (`["linux"]` / `["linux", "macos"]`) - [ ] Tool added to the `TOOLS` list in the collection class at the bottom of the file - [ ] No new dependencies added to `requirements.txt` without discussion - [ ] Tested locally — install and run commands work ================================================ FILE: .github/workflows/lint_python.yml ================================================ name: lint_python on: pull_request: branches: [master] push: branches: [master] jobs: lint_python: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v5 with: python-version: "3.12" - run: pip install --upgrade pip ruff setuptools wheel - name: "Ruff: Show stopper (must-fix) issues" run: ruff check . --select=E9,F63,F7,F82,PLE,YTT --output-format=full - name: "Ruff: All issues" run: ruff check --exit-zero --select=ALL --statistics --target-version=py310 . - name: "Ruff: All fixable (ruff --fix) issues" run: ruff check --exit-zero --select=ALL --ignore=ANN204,COM812,ERA001,RSE102 --statistics --target-version=py310 . | grep "\[\*\]" || true - run: pip install black codespell mypy pytest - run: black --check . || true - run: codespell - run: pip install -r requirements.txt || true - run: mkdir --parents --verbose .mypy_cache - run: mypy --ignore-missing-imports --install-types --non-interactive . || true - run: pytest . || true ================================================ FILE: .github/workflows/test_install.yml ================================================ name: test_install on: pull_request: branches: [master] push: branches: [master] jobs: test_install: runs-on: ubuntu-latest env: TERM: "linux" steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v5 with: python-version: "3.12" cache: 'pip' - run: pip install --upgrade pip - run: pip install -r requirements.txt - run: sudo python3 install.py 1 # Verify the hackingtool entrypoint is on PATH - run: which hackingtool # Smoke test: launch and immediately quit (99) - name: "Smoke test: launch and quit" run: echo -e "99\n" | hackingtool || true # Navigate into first category and back out - name: "Navigation test: enter category 1, quit" run: echo -e "1\n99\n99\n" | hackingtool || true ================================================ FILE: .gitignore ================================================ # Created by https://www.toptal.com/developers/gitignore/api/python,venv # Edit at https://www.toptal.com/developers/gitignore?templates=python,venv ### Python ### # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class # C extensions *.so # Distribution / packaging .Python build/ develop-eggs/ dist/ downloads/ eggs/ .eggs/ lib/ lib64/ parts/ sdist/ var/ wheels/ share/python-wheels/ *.egg-info/ .installed.cfg *.egg MANIFEST # PyInstaller # Usually these files are written by a python script from a template # before PyInstaller builds the exe, so as to inject date/other infos into it. *.manifest *.spec # Installer logs pip-log.txt pip-delete-this-directory.txt # Unit test / coverage reports htmlcov/ .tox/ .nox/ .coverage .coverage.* .cache nosetests.xml coverage.xml *.cover *.py,cover .hypothesis/ .pytest_cache/ cover/ .idea/ # Translations *.mo *.pot # Django stuff: *.log local_settings.py db.sqlite3 db.sqlite3-journal # Flask stuff: instance/ .webassets-cache # Scrapy stuff: .scrapy # Sphinx documentation docs/_build/ # PyBuilder .pybuilder/ target/ # Jupyter Notebook .ipynb_checkpoints # IPython profile_default/ ipython_config.py # pyenv # For a library or package, you might want to ignore these files since the code is # intended to run in multiple environments; otherwise, check them in: # .python-version # pipenv # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. # However, in case of collaboration, if having platform-specific dependencies or dependencies # having no cross-platform support, pipenv may install dependencies that don't work, or not # install all needed dependencies. #Pipfile.lock # poetry # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control. # This is especially recommended for binary packages to ensure reproducibility, and is more # commonly ignored for libraries. # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control #poetry.lock # pdm # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control. #pdm.lock # pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it # in version control. # https://pdm.fming.dev/#use-with-ide .pdm.toml # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm __pypackages__/ # Celery stuff celerybeat-schedule celerybeat.pid # SageMath parsed files *.sage.py # Environments .env .venv env/ venv/ ENV/ env.bak/ venv.bak/ # Spyder project settings .spyderproject .spyproject # Rope project settings .ropeproject # mkdocs documentation /site # mypy .mypy_cache/ .dmypy.json dmypy.json # Pyre type checker .pyre/ # pytype static type analyzer .pytype/ # Cython debug symbols cython_debug/ # PyCharm # JetBrains specific template is maintained in a separate JetBrains.gitignore that can # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore # and can be added to the global gitignore or merged into this file. For a more nuclear # option (not recommended) you can uncomment the following to ignore the entire idea folder. #.idea/ ### Python Patch ### # Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration poetry.toml # ruff .ruff_cache/ ### venv ### # Virtualenv # http://iamzed.com/2009/05/07/a-primer-on-virtualenv/ [Bb]in [Ii]nclude [Ll]ib [Ll]ib64 [Ll]ocal [Ss]cripts pyvenv.cfg pip-selfcheck.json # End of https://www.toptal.com/developers/gitignore/api/python,venv ================================================ FILE: Dockerfile ================================================ # syntax=docker/dockerfile:1 # Enables BuildKit features (cache mounts, faster builds) FROM kalilinux/kali-rolling:latest LABEL org.opencontainers.image.title="hackingtool" \ org.opencontainers.image.description="All-in-One Hacking Tool for Security Researchers" \ org.opencontainers.image.source="https://github.com/Z4nzu/hackingtool" \ org.opencontainers.image.licenses="MIT" # Install system dependencies # - sudo and python3-venv are not needed (container runs as root, venv unused) # - --no-install-recommends keeps the layer lean RUN apt-get update && \ apt-get install -y --no-install-recommends \ git python3-pip python3-venv curl wget php && \ rm -rf /var/lib/apt/lists/* WORKDIR /root/hackingtool # Copy requirements first so this layer is cached unless requirements change COPY requirements.txt ./ # --mount=type=cache persists the pip cache across rebuilds (BuildKit only) # --break-system-packages required on Kali (PEP 668 externally-managed env) RUN --mount=type=cache,target=/root/.cache/pip \ pip3 install --break-system-packages -r requirements.txt # Copy the rest of the source (respects .dockerignore) COPY . . # Ensure the tools directory exists for installs performed at runtime RUN mkdir -p /root/.hackingtool/tools ENTRYPOINT ["python3", "/root/hackingtool/hackingtool.py"] ================================================ FILE: LICENSE ================================================ MIT License Copyright (c) 2020 Mr.Z4nzu Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: README.md ================================================

All-in-One Hacking Tool for Security Researchers & Pentesters

[![License](https://img.shields.io/github/license/Z4nzu/hackingtool)](LICENSE) [![Python](https://img.shields.io/badge/Python-3.10+-3776AB?style=flat-square&logo=python&logoColor=white)](https://www.python.org/) [![Version](https://img.shields.io/badge/v2.0.0-00FF88?style=flat-square)](#) [![Stars](https://img.shields.io/github/stars/Z4nzu/hackingtool?style=flat-square&color=yellow)](https://github.com/Z4nzu/hackingtool/stargazers) [![Forks](https://img.shields.io/github/forks/Z4nzu/hackingtool?style=flat-square&color=blue)](https://github.com/Z4nzu/hackingtool/network/members) [![Issues](https://img.shields.io/github/issues/Z4nzu/hackingtool?style=flat-square&color=red)](https://github.com/Z4nzu/hackingtool/issues) [![Last Commit](https://img.shields.io/github/last-commit/Z4nzu/hackingtool?style=flat-square&color=00FF88)](https://github.com/Z4nzu/hackingtool/commits/master) ![](https://img.shields.io/badge/20_Categories-7B61FF?style=for-the-badge) ![](https://img.shields.io/badge/185+_Tools-00FF88?style=for-the-badge) ![](https://img.shields.io/badge/19_Tags-FF61DC?style=for-the-badge) ![](https://img.shields.io/badge/Linux_%7C_Kali_%7C_Parrot_%7C_macOS-FFA116?style=for-the-badge&logo=linux&logoColor=white)

--- ## What's New in v2.0.0

| | Feature | Description | |:---:|---|---| | **🐍** | **Python 3.10+** | All Python 2 code removed, modern syntax throughout | | **🖥** | **OS-aware menus** | Linux-only tools hidden automatically on macOS | | **📦** | **185+ tools** | 35 new modern tools added across 6 categories | | **🔍** | **Search** | Type `/` to search all tools by name, description, or keyword | | **🏷** | **Tag filter** | Type `t` to filter by 19 tags — osint, web, c2, cloud, mobile... | | **💡** | **Recommend** | Type `r` — "I want to scan a network" → shows relevant tools | | **✅** | **Install status** | ✔/✘ shown next to every tool — know what's ready | | **⚡** | **Install all** | Option `97` in any category — batch install at once | | **🔄** | **Smart update** | Each tool has Update — auto-detects git pull / pip upgrade / go install | | **📂** | **Open folder** | Jump into any tool's directory for manual inspection | | **🐳** | **Docker** | Builds locally — no unverified external images | | **🚀** | **One-liner install** | `curl -sSL .../install.sh \| sudo bash` — zero manual steps | | **🏢** | **3 new categories** | Active Directory, Cloud Security, Mobile Security |

--- ## Quick Commands

| Command | Action | Works in | |:---:|---|:---:| | `/query` | **Search** — find tools instantly by keyword | Main menu | | `t` | **Tags** — filter by osint, scanner, c2, cloud, mobile... | Main menu | | `r` | **Recommend** — "I want to do X" → matching tools | Main menu | | `?` | **Help** — quick reference card | Everywhere | | `q` | **Quit** — exit from any depth | Everywhere | | `97` | **Install All** — batch install all tools in category | Category | | `99` | **Back** — return to previous menu | Everywhere |

--- ## Tool Categories

| # | Category | Tools | | # | Category | Tools | |:---:|---|:---:|---|:---:|---|:---:| | 1 | 🛡 [Anonymously Hiding](#anonymously-hiding-tools) | 2 | | 11 | 🧰 [Exploit Framework](#exploit-framework) | 4 | | 2 | 🔍 [Information Gathering](#information-gathering-tools) | 26 | | 12 | 🔁 [Reverse Engineering](#reverse-engineering-tools) | 5 | | 3 | 📚 [Wordlist Generator](#wordlist-generator) | 7 | | 13 | ⚡ [DDOS Attack](#ddos-attack-tools) | 5 | | 4 | 📶 [Wireless Attack](#wireless-attack-tools) | 13 | | 14 | 🖥 [RAT](#remote-administrator-tools-rat) | 1 | | 5 | 🧩 [SQL Injection](#sql-injection-tools) | 7 | | 15 | 💥 [XSS Attack](#xss-attack-tools) | 9 | | 6 | 🎣 [Phishing Attack](#phishing-attack-tools) | 17 | | 16 | 🖼 [Steganography](#steganography-tools) | 4 | | 7 | 🌐 [Web Attack](#web-attack-tools) | 20 | | 17 | 🏢 [Active Directory](#active-directory-tools) | 6 | | 8 | 🔧 [Post Exploitation](#post-exploitation-tools) | 10 | | 18 | ☁ [Cloud Security](#cloud-security-tools) | 4 | | 9 | 🕵 [Forensics](#forensic-tools) | 8 | | 19 | 📱 [Mobile Security](#mobile-security-tools) | 3 | | 10 | 📦 [Payload Creation](#payload-creation-tools) | 8 | | 20 | ✨ [Other Tools](#other-tools) | 24 |

--- ## 🛡 Anonymously Hiding Tools - [Anonymously Surf](https://github.com/Und3rf10w/kali-anonsurf) - [Multitor](https://github.com/trimstray/multitor) ## 🔍 Information Gathering Tools - [Network Map (nmap)](https://github.com/nmap/nmap) - [Dracnmap](https://github.com/Screetsec/Dracnmap) - Port scanning - Host to IP - [Xerosploit](https://github.com/LionSec/xerosploit) - [RED HAWK](https://github.com/Tuhinshubhra/RED_HAWK) - [ReconSpider](https://github.com/bhavsec/reconspider) - IsItDown - [Infoga](https://github.com/m4ll0k/Infoga) - [ReconDog](https://github.com/s0md3v/ReconDog) - [Striker](https://github.com/s0md3v/Striker) - [SecretFinder](https://github.com/m4ll0k/SecretFinder) - [Shodanfy](https://github.com/m4ll0k/Shodanfy.py) - [rang3r](https://github.com/floriankunushevci/rang3r) - [Breacher](https://github.com/s0md3v/Breacher) - [theHarvester](https://github.com/laramies/theHarvester) ★ - [Amass](https://github.com/owasp-amass/amass) ★ - [Masscan](https://github.com/robertdavidgraham/masscan) ★ - [RustScan](https://github.com/RustScan/RustScan) ★ - [Holehe](https://github.com/megadose/holehe) ★ - [Maigret](https://github.com/soxoj/maigret) ★ - [httpx](https://github.com/projectdiscovery/httpx) ★ - [SpiderFoot](https://github.com/smicallef/spiderfoot) ★ - [Subfinder](https://github.com/projectdiscovery/subfinder) ★ - [TruffleHog](https://github.com/trufflesecurity/trufflehog) ★ - [Gitleaks](https://github.com/gitleaks/gitleaks) ★ ## 📚 Wordlist Generator - [Cupp](https://github.com/Mebus/cupp) - [WordlistCreator](https://github.com/Z4nzu/wlcreator) - [Goblin WordGenerator](https://github.com/UndeadSec/GoblinWordGenerator) - [Password list (1.4B)](https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got) - [Hashcat](https://github.com/hashcat/hashcat) ★ - [John the Ripper](https://github.com/openwall/john) ★ - [haiti](https://github.com/noraj/haiti) ★ ## 📶 Wireless Attack Tools - [WiFi-Pumpkin](https://github.com/P0cL4bs/wifipumpkin3) - [pixiewps](https://github.com/wiire/pixiewps) - [Bluetooth Honeypot (bluepot)](https://github.com/andrewmichaelsmith/bluepot) - [Fluxion](https://github.com/FluxionNetwork/fluxion) - [Wifiphisher](https://github.com/wifiphisher/wifiphisher) - [Wifite](https://github.com/derv82/wifite2) - [EvilTwin](https://github.com/Z4nzu/fakeap) - [Fastssh](https://github.com/Z4nzu/fastssh) - Howmanypeople - [Airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) ★ - [hcxdumptool](https://github.com/ZerBea/hcxdumptool) ★ - [hcxtools](https://github.com/ZerBea/hcxtools) ★ - [Bettercap](https://github.com/bettercap/bettercap) ★ ## 🧩 SQL Injection Tools - [Sqlmap](https://github.com/sqlmapproject/sqlmap) - [NoSqlMap](https://github.com/codingo/NoSQLMap) - [DSSS](https://github.com/stamparm/DSSS) - [Explo](https://github.com/dtag-dev-sec/explo) - [Blisqy](https://github.com/JohnTroony/Blisqy) - [Leviathan](https://github.com/leviathan-framework/leviathan) - [SQLScan](https://github.com/Cvar1984/sqlscan) ## 🎣 Phishing Attack Tools - [Autophisher](https://github.com/CodingRanjith/autophisher) - [PyPhisher](https://github.com/KasRoudra/PyPhisher) - [AdvPhishing](https://github.com/Ignitetch/AdvPhishing) - [Setoolkit](https://github.com/trustedsec/social-engineer-toolkit) - [SocialFish](https://github.com/UndeadSec/SocialFish) - [HiddenEye](https://github.com/Morsmalleo/HiddenEye) - [Evilginx3](https://github.com/kgretzky/evilginx2) - [I-See-You](https://github.com/Viralmaniar/I-See-You) - [SayCheese](https://github.com/hangetzzu/saycheese) - [QR Code Jacking](https://github.com/cryptedwolf/ohmyqr) - [BlackEye](https://github.com/thelinuxchoice/blackeye) - [ShellPhish](https://github.com/An0nUD4Y/shellphish) - [Thanos](https://github.com/TridevReddy/Thanos) - [QRLJacking](https://github.com/OWASP/QRLJacking) - [Maskphish](https://github.com/jaykali/maskphish) - [BlackPhish](https://github.com/iinc0gnit0/BlackPhish) - [dnstwist](https://github.com/elceef/dnstwist) ## 🌐 Web Attack Tools - [Web2Attack](https://github.com/santatic/web2attack) - Skipfish - [Sublist3r](https://github.com/aboul3la/Sublist3r) - [CheckURL](https://github.com/UndeadSec/checkURL) - [Sub-Domain TakeOver](https://github.com/edoardottt/takeover) - [Dirb](https://gitlab.com/kalilinux/packages/dirb) - [Nuclei](https://github.com/projectdiscovery/nuclei) ★ - [ffuf](https://github.com/ffuf/ffuf) ★ - [Feroxbuster](https://github.com/epi052/feroxbuster) ★ - [Nikto](https://github.com/sullo/nikto) ★ - [wafw00f](https://github.com/EnableSecurity/wafw00f) ★ - [Katana](https://github.com/projectdiscovery/katana) ★ - [Gobuster](https://github.com/OJ/gobuster) ★ - [Dirsearch](https://github.com/maurosoria/dirsearch) ★ - [OWASP ZAP](https://github.com/zaproxy/zaproxy) ★ - [testssl.sh](https://github.com/drwetter/testssl.sh) ★ - [Arjun](https://github.com/s0md3v/Arjun) ★ - [Caido](https://github.com/caido/caido) ★ - [mitmproxy](https://github.com/mitmproxy/mitmproxy) ★ ## 🔧 Post Exploitation Tools - [Vegile](https://github.com/Screetsec/Vegile) - [Chrome Keylogger](https://github.com/UndeadSec/HeraKeylogger) - [pwncat-cs](https://github.com/calebstewart/pwncat) ★ - [Sliver](https://github.com/BishopFox/sliver) ★ - [Havoc](https://github.com/HavocFramework/Havoc) ★ - [PEASS-ng (LinPEAS/WinPEAS)](https://github.com/peass-ng/PEASS-ng) ★ - [Ligolo-ng](https://github.com/nicocha30/ligolo-ng) ★ - [Chisel](https://github.com/jpillora/chisel) ★ - [Evil-WinRM](https://github.com/Hackplayers/evil-winrm) ★ - [Mythic](https://github.com/its-a-feature/Mythic) ★ ## 🕵 Forensic Tools - Autopsy - Wireshark - [Bulk extractor](https://github.com/simsong/bulk_extractor) - [Guymager](https://guymager.sourceforge.io/) - [Toolsley](https://www.toolsley.com/) - [Volatility 3](https://github.com/volatilityfoundation/volatility3) ★ - [Binwalk](https://github.com/ReFirmLabs/binwalk) ★ - [pspy](https://github.com/DominicBreuker/pspy) ★ ## 📦 Payload Creation Tools - [The FatRat](https://github.com/Screetsec/TheFatRat) - [Brutal](https://github.com/Screetsec/Brutal) - [Stitch](https://nathanlopez.github.io/Stitch) - [MSFvenom Payload Creator](https://github.com/g0tmi1k/msfpc) - [Venom](https://github.com/r00t-3xp10it/venom) - [Spycam](https://github.com/indexnotfound404/spycam) - [Mob-Droid](https://github.com/kinghacker0/Mob-Droid) - [Enigma](https://github.com/UndeadSec/Enigma) ## 🧰 Exploit Framework - [RouterSploit](https://github.com/threat9/routersploit) - [WebSploit](https://github.com/The404Hacking/websploit) - [Commix](https://github.com/commixproject/commix) - [Web2Attack](https://github.com/santatic/web2attack) ## 🔁 Reverse Engineering Tools - [Androguard](https://github.com/androguard/androguard) - [Apk2Gold](https://github.com/lxdvs/apk2gold) - [JadX](https://github.com/skylot/jadx) - [Ghidra](https://github.com/NationalSecurityAgency/ghidra) ★ - [Radare2](https://github.com/radareorg/radare2) ★ ## ⚡ DDOS Attack Tools - [DDoS Script](https://github.com/the-deepnet/ddos) - [SlowLoris](https://github.com/gkbrk/slowloris) - [Asyncrone](https://github.com/fatihsnsy/aSYNcrone) - [UFOnet](https://github.com/epsylon/ufonet) - [GoldenEye](https://github.com/jseidl/GoldenEye) ## 🖥 Remote Administrator Tools (RAT) - [Pyshell](https://github.com/knassar702/pyshell) ## 💥 XSS Attack Tools - [DalFox](https://github.com/hahwul/dalfox) - [XSS Payload Generator](https://github.com/capture0x/XSS-LOADER) - [Extended XSS Searcher](https://github.com/Damian89/extended-xss-search) - [XSS-Freak](https://github.com/PR0PH3CY33/XSS-Freak) - [XSpear](https://github.com/hahwul/XSpear) - [XSSCon](https://github.com/menkrep1337/XSSCon) - [XanXSS](https://github.com/Ekultek/XanXSS) - [XSStrike](https://github.com/UltimateHackers/XSStrike) - [RVuln](https://github.com/iinc0gnit0/RVuln) ## 🖼 Steganography Tools - SteganoHide - [StegoCracker](https://github.com/W1LDN16H7/StegoCracker) - [Whitespace](https://github.com/beardog108/snow10) ## 🏢 Active Directory Tools - [BloodHound](https://github.com/BloodHoundAD/BloodHound) ★ - [NetExec (nxc)](https://github.com/Pennyw0rth/NetExec) ★ - [Impacket](https://github.com/fortra/impacket) ★ - [Responder](https://github.com/lgandx/Responder) ★ - [Certipy](https://github.com/ly4k/Certipy) ★ - [Kerbrute](https://github.com/ropnop/kerbrute) ★ ## ☁ Cloud Security Tools - [Prowler](https://github.com/prowler-cloud/prowler) ★ - [ScoutSuite](https://github.com/nccgroup/ScoutSuite) ★ - [Pacu](https://github.com/RhinoSecurityLabs/pacu) ★ - [Trivy](https://github.com/aquasecurity/trivy) ★ ## 📱 Mobile Security Tools - [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) ★ - [Frida](https://github.com/frida/frida) ★ - [Objection](https://github.com/sensepost/objection) ★ ## ✨ Other Tools #### SocialMedia Bruteforce - [AllinOne SocialMedia Attack](https://github.com/Matrix07ksa/Brute_Force) - [Facebook Attack](https://github.com/Matrix07ksa/Brute_Force) - [Application Checker](https://github.com/jakuta-tech/underhanded) #### Android Hacking Tools - [Keydroid](https://github.com/F4dl0/keydroid) - [MySMS](https://github.com/papusingh2sms/mysms) - [Lockphish](https://github.com/JasonJerry/lockphish) - [DroidCam / WishFish](https://github.com/kinghacker0/WishFish) - [EvilApp](https://github.com/crypticterminal/EvilApp) #### IDN Homograph Attack - [EvilURL](https://github.com/UndeadSec/EvilURL) #### Email Verify Tools - [Knockmail](https://github.com/4w4k3/KnockMail) #### Hash Cracking Tools - [Hash Buster](https://github.com/s0md3v/Hash-Buster) #### Wifi Deauthenticate - [WifiJammer-NG](https://github.com/MisterBianco/wifijammer-ng) - [KawaiiDeauther](https://github.com/aryanrtm/KawaiiDeauther) #### SocialMedia Finder - [Find SocialMedia By Facial Recognition](https://github.com/Greenwolf/social_mapper) - [Find SocialMedia By UserName](https://github.com/xHak9x/finduser) - [Sherlock](https://github.com/sherlock-project/sherlock) - [SocialScan](https://github.com/iojw/socialscan) #### Payload Injector - [Debinject](https://github.com/UndeadSec/Debinject) - [Pixload](https://github.com/chinarulezzz/pixload) #### Web Crawling - [Gospider](https://github.com/jaeles-project/gospider) #### Mix Tools - Terminal Multiplexer (tilix) - [Crivo](https://github.com/GMDSantana/crivo) --- ## Contributing — Add a New Tool

### Open an Issue > **Title:** `[Tool Request] ToolName — Category` Use the [Tool Request](.github/ISSUE_TEMPLATE/tool_request.md) template. Required: tool name, GitHub URL, category, OS, install command, reason.

### Open a Pull Request > **Title:** `[New Tool] ToolName — Category` Use the [PR template](.github/PULL_REQUEST_TEMPLATE.md) checklist. Required: class in `tools/*.py`, TITLE, DESCRIPTION, INSTALL/RUN commands, SUPPORTED_OS, test locally.

> Issues or PRs that don't follow the title format will be closed without review. --- ## Installation

### One-liner (recommended) ```bash curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash ``` Handles everything — prerequisites, clone, venv, launcher.

### Manual ```bash git clone https://github.com/Z4nzu/hackingtool.git cd hackingtool sudo python3 install.py ``` Then run: `hackingtool`

### Docker ```bash # Build docker build -t hackingtool . # Run (direct) docker run -it --rm hackingtool # Run (Compose — recommended) docker compose up -d docker exec -it hackingtool bash # Dev mode (live source mount) docker compose --profile dev up docker exec -it hackingtool-dev bash # Stop docker compose down # stop container docker compose down -v # also remove data volume ``` ### Requirements | Dependency | Version | Needed for | |---|---|---| | Python | 3.10+ | Core | | Go | 1.21+ | nuclei, ffuf, amass, httpx, katana, dalfox, gobuster, subfinder | | Ruby | any | haiti, evil-winrm | | Docker | any | Mythic, MobSF (optional) | ```bash pip install -r requirements.txt ``` --- ## Star History

--- ## Support If this project helps you, consider buying me a coffee:

## Social [![Twitter](https://img.shields.io/badge/Twitter-Follow-1DA1F2?style=for-the-badge&logo=twitter&logoColor=white)](https://twitter.com/_Zinzu07) [![GitHub](https://img.shields.io/badge/GitHub-Follow-181717?style=for-the-badge&logo=github&logoColor=white)](https://github.com/Z4nzu/) > **For authorized security testing only.** > Thanks to all original authors of the tools included in hackingtool. Your favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md) ================================================ FILE: README_template.md ================================================

# HackingTool **All-in-One Hacking Tool for Security Researchers & Pentesters** [![License](https://img.shields.io/github/license/Z4nzu/hackingtool?style=flat-square)](LICENSE) [![Python](https://img.shields.io/badge/Python-3.10+-3776AB?style=flat-square&logo=python&logoColor=white)](https://www.python.org/) [![Version](https://img.shields.io/badge/version-2.0.0-brightgreen?style=flat-square)](#) [![Platform](https://img.shields.io/badge/platform-Linux%20%7C%20Kali%20%7C%20Parrot%20%7C%20macOS-informational?style=flat-square)](#) [![Stars](https://img.shields.io/github/stars/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/stargazers) [![Forks](https://img.shields.io/github/forks/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/network/members) [![Issues](https://img.shields.io/github/issues/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/issues) [![Last Commit](https://img.shields.io/github/last-commit/Z4nzu/hackingtool?style=flat-square)](https://github.com/Z4nzu/hackingtool/commits/master)

--- ## What's New in v2.0.0 - Python 3.10+ required — all Python 2 code removed - OS-aware menus — Linux-only tools are hidden automatically on macOS - Archived tools (Python 2, unmaintained) shown in a separate sub-menu - All `os.chdir()` bugs fixed — tools install to `~/.hackingtool/tools/` - No more `sudo git clone` — tools install to user home, no root needed - 22 new modern tools added across 6 categories - Rich terminal UI with shared theme — no more 32 different console instances - Iterative menus — no more recursion stack overflow on deep navigation - Docker image builds locally — no unverified external images - `requirements.txt` cleaned — removed unused flask/boxes/lolcat/requests --- ## Menu {{toc}} --- ## Tools {{tools}} --- ## Contributing — Add a New Tool Want a tool included? **Raise an Issue or open a PR** using the templates below. ### Issue (Tool Request) > Title format: `[Tool Request] ToolName — Category` > Example: `[Tool Request] Subfinder — Information Gathering` Use the **Tool Request** issue template and fill in all required fields: tool name, GitHub URL, category, supported OS, install command, and why it should be added. ### Pull Request > Title format: `[New Tool] ToolName — Category` > Example: `[New Tool] Subfinder — Information Gathering` Use the **PR template** checklist. Key requirements: 1. Add your tool class to the correct `tools/*.py` file 2. Set `TITLE`, `DESCRIPTION`, `INSTALL_COMMANDS`, `RUN_COMMANDS`, `PROJECT_URL` 3. Set `SUPPORTED_OS = ["linux"]` or `["linux", "macos"]` appropriately 4. Add the instance to the `TOOLS` list in the collection class 5. Test install and run locally before submitting Issues or PRs that don't follow the title format may be closed without review. --- ## Installation ### One-liner (recommended) ```bash curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash ``` This handles everything — installs prerequisites, clones the repo, sets up a venv, and creates the `hackingtool` command. ### Manual install ```bash git clone https://github.com/Z4nzu/hackingtool.git cd hackingtool sudo python3 install.py # detects local source, copies instead of re-cloning ``` Then run: ```bash hackingtool ``` ## Docker ### Step 1 — Clone the repository ```bash git clone https://github.com/Z4nzu/hackingtool.git cd hackingtool ``` ### Step 2 — Build the image ```bash docker build -t hackingtool . ``` > First build takes a few minutes (Kali base + apt packages). Subsequent builds are fast thanks to BuildKit layer caching. ### Step 3 — Run **Option A — Direct (no Compose):** ```bash docker run -it --rm hackingtool ``` **Option B — With Docker Compose (recommended):** ```bash # Start in background docker compose up -d # Open an interactive shell docker exec -it hackingtool bash # Then launch the tool inside the container python3 hackingtool.py ``` **Option C — Dev mode (live source mount, changes reflected without rebuild):** ```bash docker compose --profile dev up docker exec -it hackingtool-dev bash ``` ### Stopping ```bash docker compose down # stop and remove container docker compose down -v # also remove the tools data volume ``` ## Requirements - Python 3.10+ - Linux (Kali, Parrot, Ubuntu) or macOS - Go 1.21+ (for nuclei, ffuf, amass, httpx, katana, dalfox) - Ruby (for haiti) ```bash pip install -r requirements.txt ``` --- ## Star History

--- ## Social [![Twitter](https://img.shields.io/twitter/url?color=%231DA1F2&label=follow&logo=twitter&logoColor=%231DA1F2&style=flat-square&url=https%3A%2F%2Ftwitter.com%2F_Zinzu07)](https://twitter.com/_Zinzu07) [![GitHub](https://img.shields.io/badge/-GitHub-181717?style=flat-square&logo=github&link=https://github.com/Z4nzu/)](https://github.com/Z4nzu/) > **Please don't use for illegal activity.** > Thanks to all original authors of the tools included in hackingtool. Your favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md) ================================================ FILE: config.py ================================================ import json import logging from pathlib import Path from typing import Any from constants import USER_CONFIG_FILE, USER_TOOLS_DIR, DEFAULT_CONFIG logger = logging.getLogger(__name__) def load() -> dict[str, Any]: """Load config from disk, merging with defaults for any missing keys.""" if USER_CONFIG_FILE.exists(): try: on_disk = json.loads(USER_CONFIG_FILE.read_text()) return {**DEFAULT_CONFIG, **on_disk} except (json.JSONDecodeError, OSError) as exc: logger.warning("Config file unreadable (%s), using defaults.", exc) return dict(DEFAULT_CONFIG) def save(cfg: dict[str, Any]) -> None: """Write config to disk, creating parent directories if needed.""" USER_CONFIG_FILE.parent.mkdir(parents=True, exist_ok=True) USER_CONFIG_FILE.write_text(json.dumps(cfg, indent=2, sort_keys=True)) def get_tools_dir() -> Path: """ Return the directory where external tools are stored. Creates it if it does not exist. Always an absolute path — never relies on process CWD. """ cfg = load() tools_dir = Path(cfg.get("tools_dir", str(USER_TOOLS_DIR))).expanduser().resolve() tools_dir.mkdir(parents=True, exist_ok=True) return tools_dir def get_sudo_cmd() -> str: """Return 'doas' if available, else 'sudo'. Never hardcode 'sudo'.""" import shutil return "doas" if shutil.which("doas") else "sudo" ================================================ FILE: constants.py ================================================ from pathlib import Path import platform import shutil as _shutil # ── Repository ──────────────────────────────────────────────────────────────── REPO_OWNER = "Z4nzu" REPO_NAME = "hackingtool" REPO_URL = f"https://github.com/{REPO_OWNER}/{REPO_NAME}.git" REPO_WEB_URL = f"https://github.com/{REPO_OWNER}/{REPO_NAME}" # ── Versioning ──────────────────────────────────────────────────────────────── VERSION = "2.0.0" VERSION_DISPLAY = f"v{VERSION}" # ── Python requirement ──────────────────────────────────────────────────────── MIN_PYTHON = (3, 10) # ── User-scoped paths (cross-platform, always computed at runtime) ───────────── # NEVER hardcode /home/username — use Path.home() so it works for any user, # including root (/root), regular users (/home/alice), macOS (/Users/alice). USER_CONFIG_DIR = Path.home() / f".{REPO_NAME}" USER_TOOLS_DIR = USER_CONFIG_DIR / "tools" USER_CONFIG_FILE = USER_CONFIG_DIR / "config.json" USER_LOG_FILE = USER_CONFIG_DIR / f"{REPO_NAME}.log" # ── System install paths (set per OS) ───────────────────────────────────────── _system = platform.system() if _system == "Darwin": # macOS — Homebrew convention APP_INSTALL_DIR = Path("/usr/local/share") / REPO_NAME APP_BIN_PATH = Path("/usr/local/bin") / REPO_NAME elif _system == "Linux": APP_INSTALL_DIR = Path("/usr/share") / REPO_NAME APP_BIN_PATH = Path("/usr/bin") / REPO_NAME else: # Fallback (Windows, FreeBSD, etc.) APP_INSTALL_DIR = USER_CONFIG_DIR / "app" APP_BIN_PATH = USER_CONFIG_DIR / "bin" / REPO_NAME # ── UI theme ────────────────────────────────────────────────────────────────── THEME_PRIMARY = "bold magenta" THEME_BORDER = "bright_magenta" THEME_SUCCESS = "bold green" THEME_ERROR = "bold red" THEME_WARNING = "bold yellow" THEME_DIM = "dim white" THEME_ARCHIVED = "dim yellow" THEME_URL = "underline bright_blue" THEME_ACCENT = "bold cyan" # ── Default config values ────────────────────────────────────────────────────── DEFAULT_CONFIG: dict = { "tools_dir": str(USER_TOOLS_DIR), "version": VERSION, "theme": "magenta", "show_archived": False, "sudo_binary": "sudo", "go_bin_dir": str(Path.home() / "go" / "bin"), "gem_bin_dir": str(Path.home() / ".gem" / "ruby"), } # ── Privilege escalation ─────────────────────────────────────────────────────── # Prefer doas if present (OpenBSD/some Linux setups), else sudo PRIV_CMD = "doas" if _shutil.which("doas") else "sudo" ================================================ FILE: core.py ================================================ import os import shutil import sys import webbrowser from collections.abc import Callable from platform import system from rich import box from rich.console import Console from rich.panel import Panel from rich.prompt import Prompt from rich.table import Table from rich.text import Text from rich.theme import Theme from rich.traceback import install from constants import ( THEME_PRIMARY, THEME_BORDER, THEME_ACCENT, THEME_SUCCESS, THEME_ERROR, THEME_WARNING, THEME_DIM, THEME_ARCHIVED, THEME_URL, ) # Enable rich tracebacks globally install() _theme = Theme({ "purple": "#7B61FF", "success": THEME_SUCCESS, "error": THEME_ERROR, "warning": THEME_WARNING, "archived": THEME_ARCHIVED, "url": THEME_URL, "dim": THEME_DIM, }) # Single shared console — all tool files do: from core import console console = Console(theme=_theme) def clear_screen(): os.system("cls" if system() == "Windows" else "clear") def validate_input(ip, val_range: list) -> int | None: """Return the integer if it is in val_range, else None.""" if not val_range: return None try: ip = int(ip) if ip in val_range: return ip except (TypeError, ValueError): pass return None def _show_inline_help(): """Quick help available from any menu level.""" console.print(Panel( Text.assemble( (" Navigation\n", "bold white"), (" ─────────────────────────────────\n", "dim"), (" 1–N ", "bold cyan"), ("select item\n", "white"), (" 97 ", "bold cyan"), ("install all (in category)\n", "white"), ("\n Tool menu: Install, Run, Update, Open Folder\n", "dim"), (" 99 ", "bold cyan"), ("go back\n", "white"), (" 98 ", "bold cyan"), ("open project page / archived\n", "white"), (" ? ", "bold cyan"), ("show this help\n", "white"), (" q ", "bold cyan"), ("quit hackingtool\n", "white"), ), title="[bold magenta] ? Quick Help [/bold magenta]", border_style="magenta", box=box.ROUNDED, padding=(0, 2), )) Prompt.ask("[dim]Press Enter to return[/dim]", default="") class HackingTool: TITLE: str = "" DESCRIPTION: str = "" INSTALL_COMMANDS: list[str] = [] UNINSTALL_COMMANDS: list[str] = [] RUN_COMMANDS: list[str] = [] OPTIONS: list[tuple[str, Callable]] = [] PROJECT_URL: str = "" # OS / capability metadata SUPPORTED_OS: list[str] = ["linux", "macos"] REQUIRES_ROOT: bool = False REQUIRES_WIFI: bool = False REQUIRES_GO: bool = False REQUIRES_RUBY: bool = False REQUIRES_JAVA: bool = False REQUIRES_DOCKER: bool = False # Tags for search/filter (e.g. ["osint", "web", "recon", "scanner"]) TAGS: list[str] = [] # Archived tool flags ARCHIVED: bool = False ARCHIVED_REASON: str = "" def __init__(self, options=None, installable=True, runnable=True): options = options or [] if not isinstance(options, list): raise TypeError("options must be a list of (option_name, option_fn) tuples") self.OPTIONS = [] if installable: self.OPTIONS.append(("Install", self.install)) if runnable: self.OPTIONS.append(("Run", self.run)) self.OPTIONS.append(("Update", self.update)) self.OPTIONS.append(("Open Folder", self.open_folder)) self.OPTIONS.extend(options) @property def is_installed(self) -> bool: """Check if the tool's binary is on PATH or its clone dir exists.""" if self.RUN_COMMANDS: cmd = self.RUN_COMMANDS[0] # Handle "cd foo && binary --help" pattern if "&&" in cmd: cmd = cmd.split("&&")[-1].strip() if cmd.startswith("sudo "): cmd = cmd[5:].strip() binary = cmd.split()[0] if cmd else "" if binary and binary not in (".", "echo", "cd"): if shutil.which(binary): return True # Check if git clone target dir exists if self.INSTALL_COMMANDS: for ic in self.INSTALL_COMMANDS: if "git clone" in ic: parts = ic.split() repo_url = [p for p in parts if p.startswith("http")] if repo_url: dirname = repo_url[0].rstrip("/").rsplit("/", 1)[-1].replace(".git", "") if os.path.isdir(dirname): return True return False def show_info(self): desc = f"[cyan]{self.DESCRIPTION}[/cyan]" if self.PROJECT_URL: desc += f"\n[url]🔗 {self.PROJECT_URL}[/url]" if self.ARCHIVED: desc += f"\n[archived]⚠ ARCHIVED: {self.ARCHIVED_REASON}[/archived]" console.print(Panel( desc, title=f"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]", border_style="purple", box=box.DOUBLE, )) def show_options(self, parent=None): """Iterative menu loop — no recursion, no stack growth.""" while True: clear_screen() self.show_info() table = Table(title="Options", box=box.SIMPLE_HEAVY) table.add_column("No.", style="bold cyan", justify="center") table.add_column("Action", style="bold yellow") for index, option in enumerate(self.OPTIONS): table.add_row(str(index + 1), option[0]) if self.PROJECT_URL: table.add_row("98", "Open Project Page") table.add_row("99", f"Back to {parent.TITLE if parent else 'Main Menu'}") console.print(table) console.print( " [dim cyan]?[/dim cyan][dim]help " "[/dim][dim cyan]q[/dim cyan][dim]uit " "[/dim][dim cyan]99[/dim cyan][dim] back[/dim]" ) raw = Prompt.ask("[bold cyan]╰─>[/bold cyan]", default="").strip().lower() if not raw: continue if raw in ("?", "help"): _show_inline_help() continue if raw in ("q", "quit", "exit"): raise SystemExit(0) try: choice = int(raw) except ValueError: console.print("[error]⚠ Enter a number, ? for help, or q to quit.[/error]") Prompt.ask("[dim]Press Enter to continue[/dim]", default="") continue if choice == 99: return elif choice == 98 and self.PROJECT_URL: self.show_project_page() elif 1 <= choice <= len(self.OPTIONS): try: self.OPTIONS[choice - 1][1]() except Exception: console.print_exception(show_locals=True) Prompt.ask("[dim]Press Enter to continue[/dim]", default="") else: console.print("[error]⚠ Invalid option.[/error]") def before_install(self): pass def install(self): self.before_install() if isinstance(self.INSTALL_COMMANDS, (list, tuple)): for cmd in self.INSTALL_COMMANDS: console.print(f"[warning]→ {cmd}[/warning]") os.system(cmd) self.after_install() def after_install(self): console.print("[success]✔ Successfully installed![/success]") def before_uninstall(self) -> bool: return True def uninstall(self): if self.before_uninstall(): if isinstance(self.UNINSTALL_COMMANDS, (list, tuple)): for cmd in self.UNINSTALL_COMMANDS: console.print(f"[error]→ {cmd}[/error]") os.system(cmd) self.after_uninstall() def after_uninstall(self): pass def update(self): """Smart update — detects install method and runs the right update command.""" if not self.is_installed: console.print("[warning]Tool is not installed yet. Install it first.[/warning]") return updated = False for ic in (self.INSTALL_COMMANDS or []): if "git clone" in ic: # Extract repo dir name from clone command parts = ic.split() repo_urls = [p for p in parts if p.startswith("http")] if repo_urls: dirname = repo_urls[0].rstrip("/").rsplit("/", 1)[-1].replace(".git", "") if os.path.isdir(dirname): console.print(f"[cyan]→ git -C {dirname} pull[/cyan]") os.system(f"git -C {dirname} pull") updated = True elif "pip install" in ic: # Re-run pip install (--upgrade) upgrade_cmd = ic.replace("pip install", "pip install --upgrade") console.print(f"[cyan]→ {upgrade_cmd}[/cyan]") os.system(upgrade_cmd) updated = True elif "go install" in ic: # Re-run go install (fetches latest) console.print(f"[cyan]→ {ic}[/cyan]") os.system(ic) updated = True elif "gem install" in ic: upgrade_cmd = ic.replace("gem install", "gem update") console.print(f"[cyan]→ {upgrade_cmd}[/cyan]") os.system(upgrade_cmd) updated = True if updated: console.print("[success]✔ Update complete![/success]") else: console.print("[dim]No automatic update method available for this tool.[/dim]") def _get_tool_dir(self) -> str | None: """Find the tool's local directory — clone target, pip location, or binary path.""" # 1. Check git clone target dir for ic in (self.INSTALL_COMMANDS or []): if "git clone" in ic: parts = ic.split() # If last arg is not a URL, it's a custom dir name repo_urls = [p for p in parts if p.startswith("http")] if repo_urls: dirname = repo_urls[0].rstrip("/").rsplit("/", 1)[-1].replace(".git", "") # Check custom target dir (arg after URL) url_idx = parts.index(repo_urls[0]) if url_idx + 1 < len(parts): dirname = parts[url_idx + 1] if os.path.isdir(dirname): return os.path.abspath(dirname) # 2. Check binary location via which if self.RUN_COMMANDS: cmd = self.RUN_COMMANDS[0] if "&&" in cmd: # "cd foo && bar" → check "foo" cd_part = cmd.split("&&")[0].strip() if cd_part.startswith("cd "): d = cd_part[3:].strip() if os.path.isdir(d): return os.path.abspath(d) binary = cmd.split()[0] if cmd else "" if binary.startswith("sudo"): binary = cmd.split()[1] if len(cmd.split()) > 1 else "" path = shutil.which(binary) if binary else None if path: return os.path.dirname(os.path.realpath(path)) return None def open_folder(self): """Open the tool's directory in a new shell so the user can work manually.""" tool_dir = self._get_tool_dir() if tool_dir: console.print(f"[success]Opening folder: {tool_dir}[/success]") console.print("[dim]Type 'exit' to return to hackingtool.[/dim]") os.system(f'cd "{tool_dir}" && $SHELL') else: console.print("[warning]Tool directory not found.[/warning]") if self.PROJECT_URL: console.print(f"[dim]You can clone it manually:[/dim]") console.print(f"[cyan] git clone {self.PROJECT_URL}.git[/cyan]") def before_run(self): pass def run(self): self.before_run() if isinstance(self.RUN_COMMANDS, (list, tuple)): for cmd in self.RUN_COMMANDS: console.print(f"[cyan]⚙ Running:[/cyan] [bold]{cmd}[/bold]") os.system(cmd) self.after_run() def after_run(self): pass def show_project_page(self): console.print(f"[url]🌐 Opening: {self.PROJECT_URL}[/url]") webbrowser.open_new_tab(self.PROJECT_URL) class HackingToolsCollection: TITLE: str = "" DESCRIPTION: str = "" TOOLS: list = [] def __init__(self): pass def show_info(self): console.rule(f"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]", style="purple") if self.DESCRIPTION: console.print(f"[italic cyan]{self.DESCRIPTION}[/italic cyan]\n") def _active_tools(self) -> list: """Return tools that are not archived and are OS-compatible.""" from os_detect import CURRENT_OS return [ t for t in self.TOOLS if not getattr(t, "ARCHIVED", False) and CURRENT_OS.system in getattr(t, "SUPPORTED_OS", ["linux", "macos"]) ] def _archived_tools(self) -> list: return [t for t in self.TOOLS if getattr(t, "ARCHIVED", False)] def _incompatible_tools(self) -> list: from os_detect import CURRENT_OS return [ t for t in self.TOOLS if not getattr(t, "ARCHIVED", False) and CURRENT_OS.system not in getattr(t, "SUPPORTED_OS", ["linux", "macos"]) ] def _show_archived_tools(self): """Show archived tools sub-menu (option 98).""" archived = self._archived_tools() if not archived: console.print("[dim]No archived tools in this category.[/dim]") Prompt.ask("[dim]Press Enter to return[/dim]", default="") return while True: clear_screen() console.rule(f"[archived]Archived Tools — {self.TITLE}[/archived]", style="yellow") table = Table(box=box.MINIMAL_DOUBLE_HEAD, show_lines=True) table.add_column("No.", justify="center", style="bold yellow") table.add_column("Tool", style="dim yellow") table.add_column("Reason", style="dim white") for i, tool in enumerate(archived): reason = getattr(tool, "ARCHIVED_REASON", "No reason given") table.add_row(str(i + 1), tool.TITLE, reason) table.add_row("99", "Back", "") console.print(table) raw = Prompt.ask("[bold yellow][?] Select[/bold yellow]", default="99") try: choice = int(raw) except ValueError: continue if choice == 99: return elif 1 <= choice <= len(archived): archived[choice - 1].show_options(parent=self) def show_options(self, parent=None): """Iterative menu loop — no recursion, no stack growth.""" while True: clear_screen() self.show_info() active = self._active_tools() incompatible = self._incompatible_tools() archived = self._archived_tools() table = Table(title="Available Tools", box=box.SIMPLE_HEAD, show_lines=True) table.add_column("No.", justify="center", style="bold cyan", width=6) table.add_column("", width=2) # installed indicator table.add_column("Tool", style="bold yellow", min_width=24) table.add_column("Description", style="white", overflow="fold") for index, tool in enumerate(active, start=1): desc = getattr(tool, "DESCRIPTION", "") or "—" desc = desc.splitlines()[0] if desc != "—" else "—" has_status = hasattr(tool, "is_installed") status = ("[green]✔[/green]" if tool.is_installed else "[dim]✘[/dim]") if has_status else "" table.add_row(str(index), status, tool.TITLE, desc) # Count not-installed tools for "Install All" label (skip sub-collections) not_installed = [t for t in active if hasattr(t, "is_installed") and not t.is_installed] if not_installed: table.add_row( "[bold green]97[/bold green]", "", f"[bold green]Install all ({len(not_installed)} not installed)[/bold green]", "", ) if archived: table.add_row("[dim]98[/dim]", "", f"[archived]Archived tools ({len(archived)})[/archived]", "") if incompatible: console.print(f"[dim]({len(incompatible)} tools hidden — not supported on current OS)[/dim]") table.add_row("99", "", f"Back to {parent.TITLE if parent else 'Main Menu'}", "") console.print(table) console.print( " [dim cyan]?[/dim cyan][dim]help " "[/dim][dim cyan]q[/dim cyan][dim]uit " "[/dim][dim cyan]99[/dim cyan][dim] back[/dim]" ) raw = Prompt.ask("[bold cyan]╰─>[/bold cyan]", default="").strip().lower() if not raw: continue if raw in ("?", "help"): _show_inline_help() continue if raw in ("q", "quit", "exit"): raise SystemExit(0) try: choice = int(raw) except ValueError: console.print("[error]⚠ Enter a number, ? for help, or q to quit.[/error]") continue if choice == 99: return elif choice == 97 and not_installed: console.print(Panel( f"[bold]Installing {len(not_installed)} tools...[/bold]", border_style="green", box=box.ROUNDED, )) for i, tool in enumerate(not_installed, start=1): console.print(f"\n[bold cyan]({i}/{len(not_installed)})[/bold cyan] {tool.TITLE}") try: tool.install() except Exception: console.print(f"[error]✘ Failed: {tool.TITLE}[/error]") Prompt.ask("\n[dim]Press Enter to continue[/dim]", default="") elif choice == 98 and archived: self._show_archived_tools() elif 1 <= choice <= len(active): try: active[choice - 1].show_options(parent=self) except Exception: console.print_exception(show_locals=True) Prompt.ask("[dim]Press Enter to continue[/dim]", default="") else: console.print("[error]⚠ Invalid option.[/error]") ================================================ FILE: docker-compose.yml ================================================ # docker-compose.yml # Use: docker compose up -d then docker exec -it hackingtool bash # # Profiles: # (default) — runs the built image; code is embedded at build time # dev — mounts source directory for live editing without rebuilding # docker compose --profile dev up services: hackingtool: build: context: . dockerfile: Dockerfile image: hackingtool:latest container_name: hackingtool stdin_open: true tty: true # Persist tools installed at runtime across container restarts volumes: - hackingtool_data:/root/.hackingtool restart: unless-stopped hackingtool-dev: build: context: . dockerfile: Dockerfile image: hackingtool:latest container_name: hackingtool-dev stdin_open: true tty: true profiles: - dev volumes: # Live source mount — code changes are visible without rebuilding - .:/root/hackingtool - hackingtool_data:/root/.hackingtool restart: "no" volumes: hackingtool_data: ================================================ FILE: generate_readme.py ================================================ # coding=utf-8 import re from rich.console import Console from rich.theme import Theme from core import HackingTool from core import HackingToolsCollection from hackingtool import all_tools _theme = Theme({"purple": "#7B61FF"}) console = Console(theme=_theme) def sanitize_anchor(s): return re.sub(r"\W", "-", s.lower()) def get_toc(tools, indentation = ""): md = "" for tool in tools: if isinstance(tool, HackingToolsCollection): md += (indentation + "- [{}](#{})\n".format( tool.TITLE, sanitize_anchor(tool.TITLE))) md += get_toc(tool.TOOLS, indentation = indentation + ' ') return md def get_tools_toc(tools, indentation = "##"): md = "" for tool in tools: if isinstance(tool, HackingToolsCollection): md += (indentation + "# {}\n".format(tool.TITLE)) md += get_tools_toc(tool.TOOLS, indentation = indentation + '#') elif isinstance(tool, HackingTool): if tool.PROJECT_URL: md += ("- [{}]({})\n".format(tool.TITLE, tool.PROJECT_URL)) else: md += ("- {}\n".format(tool.TITLE)) return md def generate_readme(): toc = get_toc(all_tools[:-1]) tools_desc = get_tools_toc(all_tools[:-1]) with open("README_template.md") as fh: readme_template = fh.read() readme_template = readme_template.replace("{{toc}}", toc) readme_template = readme_template.replace("{{tools}}", tools_desc) with open("README.md", "w") as fh: fh.write(readme_template) if __name__ == '__main__': generate_readme() ================================================ FILE: hackingtool.py ================================================ #!/usr/bin/env python3 import sys # ── Python version guard (must be before any other local import) ─────────────── if sys.version_info < (3, 10): print( f"[ERROR] Python 3.10 or newer is required.\n" f"You are running Python {sys.version_info.major}.{sys.version_info.minor}.\n" f"Upgrade with: sudo apt install python3.10" ) sys.exit(1) import os import platform import socket import datetime import random import webbrowser from itertools import zip_longest from rich.console import Console from rich.panel import Panel from rich.table import Table from rich.prompt import Prompt, Confirm from rich.align import Align from rich.text import Text from rich import box from rich.rule import Rule from rich.columns import Columns from core import HackingToolsCollection, clear_screen, console from constants import VERSION_DISPLAY, REPO_WEB_URL from config import get_tools_dir from tools.anonsurf import AnonSurfTools from tools.ddos import DDOSTools from tools.exploit_frameworks import ExploitFrameworkTools from tools.forensics import ForensicTools from tools.information_gathering import InformationGatheringTools from tools.other_tools import OtherTools from tools.payload_creator import PayloadCreatorTools from tools.phishing_attack import PhishingAttackTools from tools.post_exploitation import PostExploitationTools from tools.remote_administration import RemoteAdministrationTools from tools.reverse_engineering import ReverseEngineeringTools from tools.sql_injection import SqlInjectionTools from tools.steganography import SteganographyTools from tools.tool_manager import ToolManager from tools.web_attack import WebAttackTools from tools.wireless_attack import WirelessAttackTools from tools.wordlist_generator import WordlistGeneratorTools from tools.xss_attack import XSSAttackTools from tools.active_directory import ActiveDirectoryTools from tools.cloud_security import CloudSecurityTools from tools.mobile_security import MobileSecurityTools # ── Tool registry ────────────────────────────────────────────────────────────── # (full_title, icon, menu_label) # menu_label is the concise name shown in the 2-column main menu grid. # full_title is shown when entering the category. tool_definitions = [ ("Anonymously Hiding Tools", "🛡 ", "Anonymously Hiding"), ("Information gathering tools", "🔍", "Information Gathering"), ("Wordlist Generator", "📚", "Wordlist Generator"), ("Wireless attack tools", "📶", "Wireless Attack"), ("SQL Injection Tools", "🧩", "SQL Injection"), ("Phishing attack tools", "🎣", "Phishing Attack"), ("Web Attack tools", "🌐", "Web Attack"), ("Post exploitation tools", "🔧", "Post Exploitation"), ("Forensic tools", "🕵 ", "Forensics"), ("Payload creation tools", "📦", "Payload Creation"), ("Exploit framework", "🧰", "Exploit Framework"), ("Reverse engineering tools", "🔁", "Reverse Engineering"), ("DDOS Attack Tools", "⚡", "DDOS Attack"), ("Remote Administrator Tools (RAT)", "🖥 ", "Remote Admin (RAT)"), ("XSS Attack Tools", "💥", "XSS Attack"), ("Steganography tools", "🖼 ", "Steganography"), ("Active Directory Tools", "🏢", "Active Directory"), ("Cloud Security Tools", "☁ ", "Cloud Security"), ("Mobile Security Tools", "📱", "Mobile Security"), ("Other tools", "✨", "Other Tools"), ("Update or Uninstall | Hackingtool", "♻ ", "Update / Uninstall"), ] all_tools = [ AnonSurfTools(), InformationGatheringTools(), WordlistGeneratorTools(), WirelessAttackTools(), SqlInjectionTools(), PhishingAttackTools(), WebAttackTools(), PostExploitationTools(), ForensicTools(), PayloadCreatorTools(), ExploitFrameworkTools(), ReverseEngineeringTools(), DDOSTools(), RemoteAdministrationTools(), XSSAttackTools(), SteganographyTools(), ActiveDirectoryTools(), CloudSecurityTools(), MobileSecurityTools(), OtherTools(), ToolManager(), ] # Used by generate_readme.py class AllTools(HackingToolsCollection): TITLE = "All tools" TOOLS = all_tools # ── Help overlay ─────────────────────────────────────────────────────────────── def show_help(): console.print(Panel( Text.assemble( (" Main menu\n", "bold white"), (" ─────────────────────────────────────\n", "dim"), (" 1–20 ", "bold cyan"), ("open a category\n", "white"), (" 21 ", "bold cyan"), ("Update / Uninstall hackingtool\n", "white"), (" / or s ", "bold cyan"), ("search tools by name or keyword\n", "white"), (" t ", "bold cyan"), ("filter tools by tag (osint, web, c2, ...)\n", "white"), (" r ", "bold cyan"), ("recommend tools for a task\n", "white"), (" ? ", "bold cyan"), ("show this help\n", "white"), (" q ", "bold cyan"), ("quit hackingtool\n\n", "white"), (" Inside a category\n", "bold white"), (" ─────────────────────────────────────\n", "dim"), (" 1–N ", "bold cyan"), ("select a tool\n", "white"), (" 99 ", "bold cyan"), ("back to main menu\n", "white"), (" 98 ", "bold cyan"), ("open project page (if available)\n\n", "white"), (" Inside a tool\n", "bold white"), (" ─────────────────────────────────────\n", "dim"), (" 1 ", "bold cyan"), ("install tool\n", "white"), (" 2 ", "bold cyan"), ("run tool\n", "white"), (" 99 ", "bold cyan"), ("back to category\n", "white"), ), title="[bold magenta] ? Quick Help [/bold magenta]", border_style="magenta", box=box.ROUNDED, padding=(0, 2), )) Prompt.ask("[dim]Press Enter to return[/dim]", default="") # ── Header: ASCII art + live system info ────────────────────────────────────── # Full "HACKING TOOL" block-letter art — 12 lines, split layout with stats _BANNER_ART = [ " ██╗ ██╗ █████╗ ██████╗██╗ ██╗██╗███╗ ██╗ ██████╗ ", " ██║ ██║██╔══██╗██╔════╝██║ ██╔╝██║████╗ ██║██╔════╝ ", " ███████║███████║██║ █████╔╝ ██║██╔██╗ ██║██║ ███╗", " ██╔══██║██╔══██║██║ ██╔═██╗ ██║██║╚██╗██║██║ ██║", " ██║ ██║██║ ██║╚██████╗██║ ██╗██║██║ ╚████║╚██████╔╝", " ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚═╝╚═╝ ╚═══╝ ╚═════╝ ", " ████████╗ ██████╗ ██████╗ ██╗", " ╚══██╔══╝██╔═══██╗██╔═══██╗██║", " ██║ ██║ ██║██║ ██║██║", " ██║ ██║ ██║██║ ██║██║", " ██║ ╚██████╔╝╚██████╔╝███████╗", " ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝", ] _QUOTES = [ '"The quieter you become, the more you can hear."', '"Offense informs defense."', '"There is no patch for human stupidity."', '"In God we trust. All others we monitor."', '"Hackers are the immune system of the internet."', '"Every system is hackable — know yours before others do."', '"Enumerate before you exploit."', '"A scope defines your playground."', '"The more you sweat in training, the less you bleed in battle."', '"Security is a process, not a product."', ] def _sys_info() -> dict: """Collect live system info for the header panel.""" info: dict = {} # OS pretty name try: info["os"] = platform.freedesktop_os_release().get("PRETTY_NAME", "") except Exception: info["os"] = "" if not info["os"]: info["os"] = f"{platform.system()} {platform.release()}" info["kernel"] = platform.release() # Current user try: info["user"] = os.getlogin() except Exception: info["user"] = os.environ.get("USER", os.environ.get("LOGNAME", "root")) info["host"] = socket.gethostname() # Local IP — connect to a routable address without sending data try: s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.settimeout(0) s.connect(("10.254.254.254", 1)) info["ip"] = s.getsockname()[0] s.close() except Exception: info["ip"] = "127.0.0.1" info["time"] = datetime.datetime.now().strftime("%Y-%m-%d %H:%M") return info def _build_header() -> Panel: info = _sys_info() # 12 stat lines paired with the 12 art lines stat_lines = [ (" os › ", info["os"][:34]), (" kernel › ", info["kernel"][:34]), (" user › ", f"{info['user']} @ {info['host'][:20]}"), (" ip › ", info["ip"]), (" tools › ", f"{len(all_tools)} categories · 185+ modules"), (" session › ", info["time"]), ("", ""), (" python › ", f"{sys.version_info.major}.{sys.version_info.minor}.{sys.version_info.micro}"), (" arch › ", platform.machine()), (" status › ", "✔ READY"), ("", ""), ("", ""), ] grid = Table.grid(padding=0) grid.add_column("art", no_wrap=True) grid.add_column("sep", no_wrap=True) grid.add_column("lbl", no_wrap=True) grid.add_column("val", no_wrap=True) for art_line, (lbl_text, val_text) in zip(_BANNER_ART, stat_lines): grid.add_row( Text(art_line, style="bold bright_green"), Text(" │ ", style="dim green"), Text(lbl_text, style="dim green"), Text(val_text, style="bright_green"), ) # Quote + warning below the split row quote = random.choice(_QUOTES) body = Table.grid(padding=(0, 0)) body.add_column() body.add_row(grid) body.add_row(Text("")) body.add_row(Text(f" {quote}", style="italic dim")) body.add_row(Text(" ⚠ For authorized security testing only", style="bold dim red")) return Panel( body, title=f"[bold bright_magenta][ HackingTool {VERSION_DISPLAY} ][/bold bright_magenta]", title_align="left", subtitle=f"[dim][ {info['time']} ][/dim]", subtitle_align="right", border_style="bright_magenta", box=box.HEAVY, padding=(0, 1), ) # ── Main menu renderer ───────────────────────────────────────────────────────── def build_menu(): clear_screen() console.print(_build_header()) # ── 2-column category grid ── # Items 1-17 in two columns, item 18 (ToolManager) shown separately categories = tool_definitions[:-1] # 17 items update_def = tool_definitions[-1] # ToolManager mid = (len(categories) + 1) // 2 # 9 (left), 8 (right) left = list(enumerate(categories[:mid], start=1)) right = list(enumerate(categories[mid:], start=mid + 1)) grid = Table.grid(padding=(0, 1), expand=True) grid.add_column("ln", justify="right", style="bold magenta", width=5) grid.add_column("li", width=3) grid.add_column("lt", style="magenta", ratio=1, no_wrap=True) grid.add_column("gap", width=3) grid.add_column("rn", justify="right", style="bold magenta", width=5) grid.add_column("ri", width=3) grid.add_column("rt", style="magenta", ratio=1, no_wrap=True) for (li, (_, lic, ll)), r in zip_longest(left, right, fillvalue=None): if r: ri, (_, ric, rl) = r grid.add_row(str(li), lic, ll, "", str(ri), ric, rl) else: grid.add_row(str(li), lic, ll, "", "", "", "") console.print(Panel( grid, title="[bold magenta] Select a Category [/bold magenta]", border_style="bright_magenta", box=box.ROUNDED, padding=(0, 1), )) # ── ToolManager row ── tm_num = len(categories) + 1 console.print( f" [bold magenta] {tm_num}[/bold magenta] {update_def[1]} " f"[magenta]{update_def[2]}[/magenta]" ) # ── Claude-style dual-line prompt area ── console.print(Rule(style="dim magenta")) console.print( " [dim cyan]/[/dim cyan][dim]search[/dim] " "[dim cyan]t[/dim cyan] [dim]tags[/dim] " "[dim cyan]r[/dim cyan] [dim]recommend[/dim] " "[dim cyan]?[/dim cyan] [dim]help[/dim] " "[dim cyan]q[/dim cyan] [dim]quit[/dim]" ) # ── Search ───────────────────────────────────────────────────────────────────── def _collect_all_tools() -> list[tuple]: """Walk all collections and return (tool_instance, category_name) pairs.""" from core import HackingTool, HackingToolsCollection results = [] def _walk(items, parent_title=""): for item in items: if isinstance(item, HackingToolsCollection): _walk(item.TOOLS, item.TITLE) elif isinstance(item, HackingTool): results.append((item, parent_title)) _walk(all_tools) return results def _get_all_tags() -> dict[str, list[tuple]]: """Build tag → [(tool, category)] index from all tools.""" import re _rules = { r'(osint|harvester|maigret|holehe|spiderfoot|sherlock|recon)': 'osint', r'(subdomain|subfinder|amass|sublist|subdomainfinder)': 'recon', r'(scanner|scan|nmap|masscan|rustscan|nikto|nuclei|trivy)': 'scanner', r'(brute|gobuster|ffuf|dirb|dirsearch|ferox|hashcat|john|kerbrute)': 'bruteforce', r'(web|http|proxy|zap|xss|sql|wafw00f|arjun|caido|mitmproxy)': 'web', r'(wireless|wifi|wlan|airgeddon|bettercap|wifite|fluxion|deauth)': 'wireless', r'(phish|social.media|evilginx|setoolkit|social.fish|social.engineer)': 'social-engineering', r'(c2|sliver|havoc|mythic|pwncat|reverse.shell|pyshell)': 'c2', r'(privesc|peass|linpeas|winpeas)': 'privesc', r'(tunnel|pivot|ligolo|chisel|proxy|anon)': 'network', r'(password|credential|hash|crack|secret|trufflehog|gitleaks)': 'credentials', r'(forensic|memory|volatility|binwalk|autopsy|wireshark|pspy)': 'forensics', r'(reverse.eng|ghidra|radare|jadx|androguard|apk)': 'reversing', r'(cloud|aws|azure|gcp|kubernetes|prowler|scout|pacu)': 'cloud', r'(mobile|android|ios|frida|mobsf|objection|droid)': 'mobile', r'(active.directory|bloodhound|netexec|impacket|responder|certipy|kerberos|winrm|smb|ldap)': 'active-directory', r'(ddos|dos|slowloris|goldeneye|ufonet)': 'ddos', r'(payload|msfvenom|fatrat|venom|stitch|enigma)': 'payload', r'(crawler|spider|katana|gospider)': 'crawler', } tag_index: dict[str, list[tuple]] = {} for tool, cat in _collect_all_tools(): combined = f"{tool.TITLE} {tool.DESCRIPTION}".lower() # Manual tags first tool_tags = set(getattr(tool, "TAGS", []) or []) # Auto-derive tags from title/description for pattern, tag in _rules.items(): if re.search(pattern, combined, re.IGNORECASE): tool_tags.add(tag) for t in tool_tags: tag_index.setdefault(t, []).append((tool, cat)) return tag_index def filter_by_tag(): """Show available tags, user picks one, show matching tools.""" tag_index = _get_all_tags() sorted_tags = sorted(tag_index.keys()) # Show tags in a compact grid console.print(Panel( " ".join(f"[bold cyan]{t}[/bold cyan]([dim]{len(tag_index[t])}[/dim])" for t in sorted_tags), title="[bold magenta] Available Tags [/bold magenta]", border_style="magenta", box=box.ROUNDED, padding=(0, 2), )) tag = Prompt.ask("[bold cyan]Enter tag[/bold cyan]", default="").strip().lower() if not tag or tag not in tag_index: if tag: console.print(f"[dim]Tag '{tag}' not found.[/dim]") Prompt.ask("[dim]Press Enter to return[/dim]", default="") return matches = tag_index[tag] table = Table( title=f"Tools tagged '{tag}'", box=box.SIMPLE_HEAD, show_lines=True, ) table.add_column("No.", justify="center", style="bold cyan", width=5) table.add_column("", width=2) table.add_column("Tool", style="bold yellow", min_width=20) table.add_column("Category", style="magenta", min_width=15) for i, (tool, cat) in enumerate(matches, start=1): status = "[green]✔[/green]" if tool.is_installed else "[dim]✘[/dim]" table.add_row(str(i), status, tool.TITLE, cat) table.add_row("99", "", "Back to main menu", "") console.print(table) raw = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip() if not raw or raw == "99": return try: idx = int(raw) except ValueError: return if 1 <= idx <= len(matches): tool, cat = matches[idx - 1] tool.show_options() _RECOMMENDATIONS = { "scan a network": ["scanner", "port-scanner"], "find subdomains": ["recon"], "scan for vulnerabilities": ["scanner", "web"], "crack passwords": ["bruteforce", "credentials"], "find leaked secrets": ["credentials"], "phishing campaign": ["social-engineering"], "post exploitation": ["c2", "privesc"], "pivot through network": ["network"], "pentest active directory": ["active-directory"], "pentest web application": ["web", "scanner"], "pentest cloud": ["cloud"], "pentest mobile app": ["mobile"], "reverse engineer binary": ["reversing"], "capture wifi handshake": ["wireless"], "intercept http traffic": ["web", "network"], "forensic analysis": ["forensics"], "ddos testing": ["ddos"], "create payloads": ["payload"], "find xss vulnerabilities": ["web"], "brute force directories": ["bruteforce", "web"], "osint / recon a target": ["osint", "recon"], "hide my identity": ["network"], } def recommend_tools(): """Show common tasks, user picks one, show matching tools.""" table = Table( title="What do you want to do?", box=box.SIMPLE_HEAD, ) table.add_column("No.", justify="center", style="bold cyan", width=5) table.add_column("Task", style="bold yellow") tasks = list(_RECOMMENDATIONS.keys()) for i, task in enumerate(tasks, start=1): table.add_row(str(i), task.title()) table.add_row("99", "Back to main menu") console.print(table) raw = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip() if not raw or raw == "99": return try: idx = int(raw) except ValueError: return if 1 <= idx <= len(tasks): task = tasks[idx - 1] tag_names = _RECOMMENDATIONS[task] tag_index = _get_all_tags() # Collect unique tools across all matching tags seen = set() matches = [] for tag in tag_names: for tool, cat in tag_index.get(tag, []): if id(tool) not in seen: seen.add(id(tool)) matches.append((tool, cat)) if not matches: console.print("[dim]No tools found for this task.[/dim]") Prompt.ask("[dim]Press Enter to return[/dim]", default="") return console.print(Panel( f"[bold]Recommended tools for: {task.title()}[/bold]", border_style="green", box=box.ROUNDED, )) rtable = Table(box=box.SIMPLE_HEAD, show_lines=True) rtable.add_column("No.", justify="center", style="bold cyan", width=5) rtable.add_column("", width=2) rtable.add_column("Tool", style="bold yellow", min_width=20) rtable.add_column("Category", style="magenta") for i, (tool, cat) in enumerate(matches, start=1): status = "[green]✔[/green]" if tool.is_installed else "[dim]✘[/dim]" rtable.add_row(str(i), status, tool.TITLE, cat) rtable.add_row("99", "", "Back", "") console.print(rtable) raw2 = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip() if raw2 and raw2 != "99": try: ridx = int(raw2) if 1 <= ridx <= len(matches): matches[ridx - 1][0].show_options() except ValueError: pass def search_tools(query: str | None = None): """Search tools — accepts inline query or prompts for one.""" if query is None: query = Prompt.ask("[bold cyan]/ Search[/bold cyan]", default="").strip().lower() else: query = query.lower() if not query: return all_tool_list = _collect_all_tools() # Match against title + description + tags matches = [] for tool, category in all_tool_list: title = (tool.TITLE or "").lower() desc = (tool.DESCRIPTION or "").lower() tags = " ".join(getattr(tool, "TAGS", []) or []).lower() if query in title or query in desc or query in tags: matches.append((tool, category)) if not matches: console.print(f"[dim]No tools found matching '{query}'[/dim]") Prompt.ask("[dim]Press Enter to return[/dim]", default="") return # Display results table = Table( title=f"Search results for '{query}'", box=box.SIMPLE_HEAD, show_lines=True, ) table.add_column("No.", justify="center", style="bold cyan", width=5) table.add_column("Tool", style="bold yellow", min_width=20) table.add_column("Category", style="magenta", min_width=15) table.add_column("Description", style="white", overflow="fold") for i, (tool, cat) in enumerate(matches, start=1): desc = (tool.DESCRIPTION or "—").splitlines()[0] table.add_row(str(i), tool.TITLE, cat, desc) table.add_row("99", "Back to main menu", "", "") console.print(table) raw = Prompt.ask("[bold cyan]>[/bold cyan]", default="").strip().lower() if not raw or raw == "99": return try: idx = int(raw) except ValueError: return if 1 <= idx <= len(matches): tool, cat = matches[idx - 1] console.print(Panel( f"[bold magenta]{tool.TITLE}[/bold magenta] [dim]({cat})[/dim]", border_style="magenta", box=box.ROUNDED, )) tool.show_options() # ── Main interaction loop ────────────────────────────────────────────────────── def interact_menu(): while True: try: build_menu() raw = Prompt.ask( "[bold magenta]╰─>[/bold magenta]", default="" ).strip() if not raw: continue raw_lower = raw.lower() if raw_lower in ("?", "help"): show_help() continue if raw.startswith("/"): # Inline search: /subdomain → search immediately query = raw[1:].strip() search_tools(query=query if query else None) continue if raw_lower in ("s", "search"): search_tools() continue if raw_lower in ("t", "tag", "tags", "filter"): filter_by_tag() continue if raw_lower in ("r", "rec", "recommend"): recommend_tools() continue if raw_lower in ("q", "quit", "exit"): console.print(Panel( "[bold white on magenta] Goodbye — Come Back Safely [/bold white on magenta]", box=box.HEAVY, border_style="magenta", )) break try: choice = int(raw_lower) except ValueError: console.print("[red]⚠ Invalid input — enter a number, /query to search, or q to quit.[/red]") Prompt.ask("[dim]Press Enter to continue[/dim]", default="") continue if 1 <= choice <= len(all_tools): title, icon, _ = tool_definitions[choice - 1] console.print(Panel( f"[bold magenta]{icon} {title}[/bold magenta]", border_style="magenta", box=box.ROUNDED, )) try: all_tools[choice - 1].show_options() except Exception as e: console.print(Panel( f"[red]Error while opening {title}[/red]\n{e}", border_style="red", )) Prompt.ask("[dim]Press Enter to return to main menu[/dim]", default="") else: console.print(f"[red]⚠ Choose 1–{len(all_tools)}, ? for help, or q to quit.[/red]") Prompt.ask("[dim]Press Enter to continue[/dim]", default="") except KeyboardInterrupt: console.print("\n[bold red]Interrupted — exiting[/bold red]") break # ── Entry point ──────────────────────────────────────────────────────────────── def main(): try: from os_detect import CURRENT_OS if CURRENT_OS.system == "windows": console.print(Panel("[bold red]Please run this tool on Linux or macOS.[/bold red]")) if Confirm.ask("Open guidance link in your browser?", default=True): webbrowser.open_new_tab(f"{REPO_WEB_URL}#windows") return if CURRENT_OS.system not in ("linux", "macos"): console.print(f"[yellow]Unsupported OS: {CURRENT_OS.system}. Proceeding anyway...[/yellow]") get_tools_dir() # ensures ~/.hackingtool/tools/ exists interact_menu() except KeyboardInterrupt: console.print("\n[bold red]Exiting...[/bold red]") if __name__ == "__main__": main() ================================================ FILE: images/demo ================================================ ================================================ FILE: install.py ================================================ #!/usr/bin/env python3 import os import sys import shutil import subprocess from pathlib import Path # ── Python version check (must be before any other local import) ────────────── if sys.version_info < (3, 10): print( f"[ERROR] Python 3.10 or newer is required.\n" f"You are running Python {sys.version_info.major}.{sys.version_info.minor}.\n" f"Install with: sudo apt install python3.10" ) sys.exit(1) from rich.console import Console from rich.panel import Panel from rich.prompt import Confirm from rich.progress import Progress, SpinnerColumn, TextColumn from rich.text import Text from rich import box from constants import ( REPO_URL, APP_INSTALL_DIR, APP_BIN_PATH, VERSION, VERSION_DISPLAY, USER_CONFIG_DIR, USER_TOOLS_DIR, USER_CONFIG_FILE, DEFAULT_CONFIG, ) from os_detect import CURRENT_OS, REQUIRED_PACKAGES, PACKAGE_UPDATE_CMDS, PACKAGE_INSTALL_CMDS console = Console() VENV_DIR_NAME = "venv" REQUIREMENTS = "requirements.txt" # ── Privilege check ──────────────────────────────────────────────────────────── def check_root(): if os.geteuid() != 0: console.print(Panel( "[error]This installer must be run as root.\n" "Use: [bold]sudo python3 install.py[/bold][/error]", border_style="red", )) sys.exit(1) # ── OS compatibility check ───────────────────────────────────────────────────── def check_os_compatibility(): """Print detected OS info and exit on unsupported systems.""" info = CURRENT_OS console.print( f"[dim]Detected: OS={info.system} | distro={info.distro_id or 'n/a'} | " f"pkg_mgr={info.pkg_manager or 'none'} | arch={info.arch}[/dim]" ) if info.system == "windows": console.print(Panel( "[error]Windows is not supported natively.[/error]\n" "Use WSL2 with a Kali or Ubuntu image.", border_style="red", )) sys.exit(1) if info.is_wsl: console.print("[warning]WSL detected. Wireless tools will NOT work in WSL.[/warning]") if info.system == "macos": console.print(Panel( "[warning]macOS support is partial.[/warning]\n" "Network/wireless tools require Linux. OSINT and web tools work.", border_style="yellow", )) if not shutil.which("brew"): console.print("[error]Homebrew not found. Install it first: https://brew.sh[/error]") sys.exit(1) if not info.pkg_manager: console.print("[warning]No supported package manager found.[/warning]") console.print("[dim]Supported: apt-get, pacman, dnf, zypper, apk, brew[/dim]") # ── Internet check ───────────────────────────────────────────────────────────── def check_internet() -> bool: console.print("[dim]Checking internet...[/dim]") for host in ("https://github.com", "https://www.google.com"): r = subprocess.run( ["curl", "-sSf", "--max-time", "8", host], capture_output=True, ) if r.returncode == 0: console.print("[success]✔ Internet connection OK[/success]") return True console.print("[error]✘ No internet connection[/error]") return False # ── System packages ──────────────────────────────────────────────────────────── def install_system_packages(): mgr = CURRENT_OS.pkg_manager if not mgr: console.print("[warning]Skipping system packages — no package manager found.[/warning]") return # Use sudo only when not already root (uid != 0). # Inside Docker we run as root and sudo is not installed. priv = "" if os.geteuid() == 0 else "sudo " # Update index first (skip for brew — not needed) if mgr != "brew": update_cmd = PACKAGE_UPDATE_CMDS.get(mgr, "") if update_cmd: console.print(f"[dim]Updating package index ({mgr})...[/dim]") subprocess.run(f"{priv}{update_cmd}", shell=True, check=False) packages = REQUIRED_PACKAGES.get(mgr, []) if not packages: return install_tpl = PACKAGE_INSTALL_CMDS[mgr] cmd = install_tpl.format(packages=" ".join(packages)) console.print(f"[dim]Installing system dependencies ({mgr})...[/dim]") result = subprocess.run(f"{priv}{cmd}", shell=True, check=False) if result.returncode != 0: console.print("[warning]Some packages failed — you may need to install them manually.[/warning]") # ── App directory ────────────────────────────────────────────────────────────── def _is_source_dir() -> bool: """Check if install.py is being run from a local clone (hackingtool.py exists alongside it).""" return (Path(__file__).resolve().parent / "hackingtool.py").exists() def prepare_install_dir(): if APP_INSTALL_DIR.exists(): console.print(f"[warning]{APP_INSTALL_DIR} already exists.[/warning]") if not Confirm.ask("Replace it? This removes the existing installation.", default=False): console.print("[error]Installation aborted.[/error]") sys.exit(1) subprocess.run(["rm", "-rf", str(APP_INSTALL_DIR)], check=True) APP_INSTALL_DIR.mkdir(parents=True, exist_ok=True) def install_source() -> bool: """Clone the repo or copy from local source if already in a clone.""" source_dir = Path(__file__).resolve().parent if _is_source_dir() and source_dir != APP_INSTALL_DIR: # Already in a local clone — copy instead of re-cloning console.print(f"[dim]Copying source from {source_dir}...[/dim]") # Remove first to ensure clean copy (prepare_install_dir may have created it) if APP_INSTALL_DIR.exists(): subprocess.run(["rm", "-rf", str(APP_INSTALL_DIR)], check=True) subprocess.run(["cp", "-a", str(source_dir), str(APP_INSTALL_DIR)], check=True) # Fix ownership so git doesn't complain about "dubious ownership" subprocess.run(["chown", "-R", "root:root", str(APP_INSTALL_DIR)], check=False) console.print("[success]✔ Source copied (no re-clone needed)[/success]") return True # Not running from source — clone from GitHub console.print(f"[dim]Cloning {REPO_URL}...[/dim]") r = subprocess.run(["git", "clone", "--depth", "1", REPO_URL, str(APP_INSTALL_DIR)], check=False) if r.returncode == 0: console.print("[success]✔ Repository cloned[/success]") return True console.print("[error]✘ Failed to clone repository[/error]") return False # ── Python venv ──────────────────────────────────────────────────────────────── def create_venv_and_install(): venv_path = APP_INSTALL_DIR / VENV_DIR_NAME console.print("[dim]Creating virtual environment...[/dim]") subprocess.run([sys.executable, "-m", "venv", str(venv_path)], check=True) pip = str(venv_path / "bin" / "pip") req = APP_INSTALL_DIR / REQUIREMENTS if req.exists(): console.print("[dim]Installing Python requirements...[/dim]") subprocess.run([pip, "install", "--quiet", "-r", str(req)], check=False) else: console.print("[warning]requirements.txt not found — skipping pip install.[/warning]") # ── Launcher script ──────────────────────────────────────────────────────────── def create_launcher(): launcher = APP_INSTALL_DIR / "hackingtool.sh" launcher.write_text( "#!/bin/bash\n" f'source "{APP_INSTALL_DIR / VENV_DIR_NAME}/bin/activate"\n' f'python3 "{APP_INSTALL_DIR / "hackingtool.py"}" "$@"\n' ) launcher.chmod(0o755) if APP_BIN_PATH.exists(): APP_BIN_PATH.unlink() shutil.move(str(launcher), str(APP_BIN_PATH)) console.print(f"[success]✔ Launcher installed at {APP_BIN_PATH}[/success]") # ── User directories ─────────────────────────────────────────────────────────── def create_user_directories(): """ Create ~/.hackingtool/ and write initial config.json. Uses Path.home() — always correct regardless of username or OS. Safe to run as root (creates /root/.hackingtool/) or as a normal user. """ import json USER_CONFIG_DIR.mkdir(parents=True, exist_ok=True) USER_TOOLS_DIR.mkdir(parents=True, exist_ok=True) if not USER_CONFIG_FILE.exists(): USER_CONFIG_FILE.write_text(json.dumps(DEFAULT_CONFIG, indent=2, sort_keys=True)) console.print(f"[success]✔ Config created at {USER_CONFIG_FILE}[/success]") console.print(f"[success]✔ Tools directory: {USER_TOOLS_DIR}[/success]") # ── Entry point ──────────────────────────────────────────────────────────────── def main(): check_root() console.clear() console.print(Panel( Text(f"HackingTool Installer {VERSION_DISPLAY}", style="bold magenta"), box=box.DOUBLE, border_style="bright_magenta", )) check_os_compatibility() if not check_internet(): sys.exit(1) with Progress(SpinnerColumn(), TextColumn("[progress.description]{task.description}")) as p: p.add_task("Installing system packages...", total=None) install_system_packages() prepare_install_dir() if not install_source(): sys.exit(1) with Progress(SpinnerColumn(), TextColumn("[progress.description]{task.description}")) as p: p.add_task("Setting up virtualenv & requirements...", total=None) create_venv_and_install() create_launcher() create_user_directories() console.print(Panel( "[bold magenta]Installation complete![/bold magenta]\n\n" "Type [bold cyan]hackingtool[/bold cyan] in a terminal to start.", border_style="magenta", )) if __name__ == "__main__": try: main() except KeyboardInterrupt: console.print("\n[error]Installation interrupted.[/error]") sys.exit(1) except subprocess.CalledProcessError as e: console.print(f"[error]Command failed: {e}[/error]") sys.exit(1) ================================================ FILE: install.sh ================================================ #!/usr/bin/env bash # ────────────────────────────────────────────────────────────────────────────── # HackingTool — One-liner installer # # Usage: # curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash # # What it does: # 1. Checks prerequisites (Python 3.10+, git, pip, venv) # 2. Clones the repository to /usr/share/hackingtool # 3. Creates a Python venv and installs requirements # 4. Creates a launcher at /usr/bin/hackingtool # 5. Creates user directories at ~/.hackingtool/ # ────────────────────────────────────────────────────────────────────────────── set -euo pipefail REPO_URL="https://github.com/Z4nzu/hackingtool.git" INSTALL_DIR="/usr/share/hackingtool" BIN_PATH="/usr/bin/hackingtool" CONFIG_DIR="${SUDO_USER:+$(eval echo ~"$SUDO_USER")}/.hackingtool" # Fallback if not run via sudo : "${CONFIG_DIR:=$HOME/.hackingtool}" RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' CYAN='\033[0;36m' BOLD='\033[1m' RESET='\033[0m' info() { echo -e "${CYAN}[*]${RESET} $1"; } ok() { echo -e "${GREEN}[✔]${RESET} $1"; } warn() { echo -e "${YELLOW}[!]${RESET} $1"; } fail() { echo -e "${RED}[✘]${RESET} $1"; exit 1; } # ── Root check ──────────────────────────────────────────────────────────────── if [ "$(id -u)" -ne 0 ]; then fail "This installer must be run as root.\n Usage: curl -sSL | ${BOLD}sudo${RESET} bash" fi echo "" echo -e "${BOLD}${CYAN} ⚔ HackingTool Installer${RESET}" echo -e " ─────────────────────────────────────" echo "" # ── Detect package manager ──────────────────────────────────────────────────── if command -v apt-get &>/dev/null; then PKG_MGR="apt-get" PKG_UPDATE="apt-get update -qq" PKG_INSTALL="apt-get install -y -qq" elif command -v pacman &>/dev/null; then PKG_MGR="pacman" PKG_UPDATE="pacman -Sy --noconfirm" PKG_INSTALL="pacman -S --noconfirm --needed" elif command -v dnf &>/dev/null; then PKG_MGR="dnf" PKG_UPDATE="true" PKG_INSTALL="dnf install -y -q" elif command -v brew &>/dev/null; then PKG_MGR="brew" PKG_UPDATE="true" PKG_INSTALL="brew install" else fail "No supported package manager found (need apt-get, pacman, dnf, or brew)." fi info "Package manager: ${BOLD}$PKG_MGR${RESET}" # ── Install system prerequisites ────────────────────────────────────────────── info "Installing prerequisites..." $PKG_UPDATE 2>/dev/null || true for pkg in git curl python3 python3-pip python3-venv; do if [ "$PKG_MGR" = "pacman" ]; then case "$pkg" in python3) pkg="python" ;; python3-pip) pkg="python-pip" ;; python3-venv) continue ;; # included in python on Arch esac elif [ "$PKG_MGR" = "brew" ]; then case "$pkg" in python3-pip|python3-venv) continue ;; # included in python3 on macOS esac elif [ "$PKG_MGR" = "dnf" ]; then case "$pkg" in python3-venv) continue ;; # included in python3 on Fedora esac fi $PKG_INSTALL "$pkg" 2>/dev/null || warn "Could not install $pkg — may already be present" done # ── Python version check ───────────────────────────────────────────────────── PYTHON_VERSION=$(python3 -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")' 2>/dev/null || echo "0.0") PYTHON_MAJOR=$(echo "$PYTHON_VERSION" | cut -d. -f1) PYTHON_MINOR=$(echo "$PYTHON_VERSION" | cut -d. -f2) if [ "$PYTHON_MAJOR" -lt 3 ] || { [ "$PYTHON_MAJOR" -eq 3 ] && [ "$PYTHON_MINOR" -lt 10 ]; }; then fail "Python 3.10+ required. Found: Python $PYTHON_VERSION" fi ok "Python $PYTHON_VERSION" # ── Clone repository ────────────────────────────────────────────────────────── if [ -d "$INSTALL_DIR" ]; then warn "$INSTALL_DIR already exists." read -rp " Replace it? [y/N] " answer if [[ "$answer" =~ ^[Yy] ]]; then rm -rf "$INSTALL_DIR" else fail "Installation aborted." fi fi info "Cloning repository..." git clone --depth 1 "$REPO_URL" "$INSTALL_DIR" 2>/dev/null ok "Cloned to $INSTALL_DIR" # ── Python venv + requirements ──────────────────────────────────────────────── info "Creating virtual environment..." python3 -m venv "$INSTALL_DIR/venv" info "Installing Python dependencies..." "$INSTALL_DIR/venv/bin/pip" install --quiet -r "$INSTALL_DIR/requirements.txt" 2>/dev/null ok "Dependencies installed" # ── Create launcher ────────────────────────────────────────────────────────── cat > "$BIN_PATH" << 'LAUNCHER' #!/bin/bash source "/usr/share/hackingtool/venv/bin/activate" python3 "/usr/share/hackingtool/hackingtool.py" "$@" LAUNCHER chmod 755 "$BIN_PATH" ok "Launcher installed at $BIN_PATH" # ── User directories ───────────────────────────────────────────────────────── mkdir -p "$CONFIG_DIR/tools" if [ ! -f "$CONFIG_DIR/config.json" ]; then cat > "$CONFIG_DIR/config.json" << CONF { "tools_dir": "$CONFIG_DIR/tools", "version": "2.0.0" } CONF fi # Fix ownership if run via sudo if [ -n "${SUDO_USER:-}" ]; then chown -R "$SUDO_USER:$SUDO_USER" "$CONFIG_DIR" fi ok "User config: $CONFIG_DIR" # ── Done ────────────────────────────────────────────────────────────────────── echo "" echo -e "${GREEN}${BOLD} ✔ Installation complete!${RESET}" echo -e " Type ${BOLD}${CYAN}hackingtool${RESET} to start." echo "" ================================================ FILE: os_detect.py ================================================ import platform import shutil from dataclasses import dataclass, field from pathlib import Path @dataclass class OSInfo: system: str # "linux", "macos", "windows", "unknown" distro_id: str = "" # "kali", "ubuntu", "arch", "fedora", etc. distro_like: str = "" # "debian", "rhel", etc. (from ID_LIKE) distro_version: str = "" # "2024.1", "22.04", etc. pkg_manager: str = "" # "apt-get", "pacman", "dnf", "brew", etc. is_root: bool = False home_dir: Path = field(default_factory=Path.home) is_wsl: bool = False # Windows Subsystem for Linux arch: str = "" # "x86_64", "aarch64", "arm64" def detect() -> OSInfo: """ Fully detect the current OS, distro, and available package manager. Never asks the user — entirely automatic. """ import os system_raw = platform.system() system = system_raw.lower() if system == "darwin": system = "macos" info = OSInfo( system = system, is_root = (os.geteuid() == 0) if hasattr(os, "geteuid") else False, home_dir = Path.home(), arch = platform.machine(), ) # ── Linux-specific ───────────────────────────────────────────────────────── if system == "linux": # Detect WSL try: info.is_wsl = "microsoft" in Path("/proc/version").read_text().lower() except (FileNotFoundError, PermissionError): pass # Read /etc/os-release (standard on all modern distros) os_release: dict[str, str] = {} for path in ("/etc/os-release", "/usr/lib/os-release"): try: for line in Path(path).read_text().splitlines(): k, _, v = line.partition("=") os_release[k.strip()] = v.strip().strip('"') break except FileNotFoundError: continue info.distro_id = os_release.get("ID", "").lower() info.distro_like = os_release.get("ID_LIKE", "").lower() info.distro_version = os_release.get("VERSION_ID", "") # ── Package manager detection (in priority order) ────────────────────────── for mgr in ("apt-get", "pacman", "dnf", "zypper", "apk", "brew", "pkg"): if shutil.which(mgr): info.pkg_manager = mgr break return info # Module-level singleton — computed once on import CURRENT_OS: OSInfo = detect() # ── Per-OS package manager commands ──────────────────────────────────────────── PACKAGE_INSTALL_CMDS: dict[str, str] = { "apt-get": "apt-get install -y {packages}", "pacman": "pacman -S --noconfirm {packages}", "dnf": "dnf install -y {packages}", "zypper": "zypper install -y {packages}", "apk": "apk add {packages}", "brew": "brew install {packages}", "pkg": "pkg install -y {packages}", } PACKAGE_UPDATE_CMDS: dict[str, str] = { "apt-get": "apt-get update -qq && apt-get upgrade -y", "pacman": "pacman -Syu --noconfirm", "dnf": "dnf upgrade -y", "zypper": "zypper update -y", "apk": "apk update && apk upgrade", "brew": "brew update && brew upgrade", "pkg": "pkg update && pkg upgrade -y", } # Core system packages needed per package manager REQUIRED_PACKAGES: dict[str, list[str]] = { "apt-get": ["git", "python3-pip", "python3-venv", "curl", "wget", "ruby", "ruby-dev", "golang-go", "php", "default-jre-headless"], "pacman": ["git", "python-pip", "curl", "wget", "ruby", "go", "php", "jre-openjdk-headless"], "dnf": ["git", "python3-pip", "curl", "wget", "ruby", "golang", "php", "java-17-openjdk-headless"], "zypper": ["git", "python3-pip", "curl", "wget", "ruby", "go", "php"], "brew": ["git", "python3", "curl", "wget", "ruby", "go", "php"], "pkg": ["git", "python3", "py39-pip", "curl", "wget", "ruby", "go", "php83"], } def install_packages(packages: list[str], os_info: OSInfo | None = None) -> bool: """Install system packages using the detected package manager.""" import subprocess if os_info is None: os_info = CURRENT_OS mgr = os_info.pkg_manager if mgr not in PACKAGE_INSTALL_CMDS: print(f"[warning] Unknown package manager. Install manually: {packages}") return False cmd_template = PACKAGE_INSTALL_CMDS[mgr] pkg_str = " ".join(packages) cmd = cmd_template.format(packages=pkg_str) # Prepend privilege escalation only on Linux (brew on macOS doesn't need sudo) if os_info.system == "linux" and not os_info.is_root: from constants import PRIV_CMD cmd = f"{PRIV_CMD} {cmd}" result = subprocess.run(cmd, shell=True, check=False) return result.returncode == 0 ================================================ FILE: requirements.txt ================================================ # Python dependencies for hackingtool # boxes and lolcat are system CLI tools, not pip packages — install via apt/brew # flask is unused — removed # requests is unused at runtime — removed rich>=13.0.0 ================================================ FILE: tools/__init__.py ================================================ ================================================ FILE: tools/active_directory.py ================================================ from core import HackingTool from core import HackingToolsCollection class BloodHound(HackingTool): TITLE = "BloodHound (AD Attack Paths)" DESCRIPTION = "Uses graph theory to reveal hidden attack paths in Active Directory/Azure environments." INSTALL_COMMANDS = [ "pip install --user bloodhound", "sudo apt-get install -y neo4j", ] RUN_COMMANDS = ["bloodhound-python --help"] PROJECT_URL = "https://github.com/BloodHoundAD/BloodHound" SUPPORTED_OS = ["linux", "macos"] class NetExec(HackingTool): TITLE = "NetExec — nxc (Network Pentesting)" DESCRIPTION = "Swiss army knife for pentesting Windows/AD networks. Successor to CrackMapExec." INSTALL_COMMANDS = ["pip install --user netexec"] RUN_COMMANDS = ["nxc --help"] PROJECT_URL = "https://github.com/Pennyw0rth/NetExec" SUPPORTED_OS = ["linux", "macos"] class Impacket(HackingTool): TITLE = "Impacket (Network Protocol Tools)" DESCRIPTION = "Python classes for working with SMB, MSRPC, Kerberos, LDAP, and more." INSTALL_COMMANDS = ["pip install --user impacket"] RUN_COMMANDS = ["impacket-smbclient --help"] PROJECT_URL = "https://github.com/fortra/impacket" SUPPORTED_OS = ["linux", "macos"] class Responder(HackingTool): TITLE = "Responder (LLMNR/NBT-NS Poisoner)" DESCRIPTION = "LLMNR/NBT-NS/MDNS poisoner with rogue authentication servers for credential capture." INSTALL_COMMANDS = ["git clone https://github.com/lgandx/Responder.git"] RUN_COMMANDS = ["cd Responder && sudo python3 Responder.py --help"] PROJECT_URL = "https://github.com/lgandx/Responder" SUPPORTED_OS = ["linux"] class Certipy(HackingTool): TITLE = "Certipy (AD Certificate Abuse)" DESCRIPTION = "Active Directory Certificate Services enumeration and abuse tool." INSTALL_COMMANDS = ["pip install --user certipy-ad"] RUN_COMMANDS = ["certipy --help"] PROJECT_URL = "https://github.com/ly4k/Certipy" SUPPORTED_OS = ["linux", "macos"] class Kerbrute(HackingTool): TITLE = "Kerbrute (Kerberos Brute Force)" DESCRIPTION = "Kerberos pre-auth brute-forcer for username enumeration and password spraying." REQUIRES_GO = True INSTALL_COMMANDS = [ "go install github.com/ropnop/kerbrute@latest", ] RUN_COMMANDS = ["kerbrute --help"] PROJECT_URL = "https://github.com/ropnop/kerbrute" SUPPORTED_OS = ["linux", "macos"] class ActiveDirectoryTools(HackingToolsCollection): TITLE = "Active Directory Tools" DESCRIPTION = "Tools for AD enumeration, attack path discovery, and credential attacks." TOOLS = [ BloodHound(), NetExec(), Impacket(), Responder(), Certipy(), Kerbrute(), ] ================================================ FILE: tools/anonsurf.py ================================================ import os from core import HackingTool, HackingToolsCollection, console class AnonymouslySurf(HackingTool): TITLE = "Anonymously Surf" DESCRIPTION = ( "It automatically overwrites the RAM when the system shuts down\n" "and also changes your IP address." ) # Bug 28 fix: was "cd kali-anonsurf && ./installer.sh && cd .. && sudo rm -r kali-anonsurf" # Deleting the source on install means there is no retry if install fails. # Now kept in a separate step so failure does not destroy the source. INSTALL_COMMANDS = [ "git clone https://github.com/Und3rf10w/kali-anonsurf.git", "cd kali-anonsurf && sudo ./installer.sh", ] RUN_COMMANDS = ["sudo anonsurf start"] PROJECT_URL = "https://github.com/Und3rf10w/kali-anonsurf" SUPPORTED_OS = ["linux"] def __init__(self): super().__init__([("Stop", self.stop)]) def stop(self): import subprocess console.print("[bold magenta]Stopping Anonsurf...[/bold magenta]") subprocess.run(["sudo", "anonsurf", "stop"]) class Multitor(HackingTool): TITLE = "Multitor" DESCRIPTION = "How to stay in multi places at the same time." INSTALL_COMMANDS = [ "git clone https://github.com/trimstray/multitor.git", "cd multitor && sudo bash setup.sh install", ] RUN_COMMANDS = [ "multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy" ] PROJECT_URL = "https://github.com/trimstray/multitor" SUPPORTED_OS = ["linux"] def __init__(self): super().__init__(runnable=False) class AnonSurfTools(HackingToolsCollection): TITLE = "Anonymously Hiding Tools" TOOLS = [ AnonymouslySurf(), Multitor(), ] if __name__ == "__main__": tools = AnonSurfTools() tools.show_options() ================================================ FILE: tools/cloud_security.py ================================================ from core import HackingTool from core import HackingToolsCollection class Prowler(HackingTool): TITLE = "Prowler (Cloud Security Scanner)" DESCRIPTION = "Open-source security tool for AWS, Azure, GCP, and Kubernetes assessments." INSTALL_COMMANDS = ["pip install --user prowler"] RUN_COMMANDS = ["prowler --help"] PROJECT_URL = "https://github.com/prowler-cloud/prowler" SUPPORTED_OS = ["linux", "macos"] class ScoutSuite(HackingTool): TITLE = "ScoutSuite (Multi-Cloud Auditing)" DESCRIPTION = "Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba, and Oracle." INSTALL_COMMANDS = ["pip install --user scoutsuite"] RUN_COMMANDS = ["scout --help"] PROJECT_URL = "https://github.com/nccgroup/ScoutSuite" SUPPORTED_OS = ["linux", "macos"] class Pacu(HackingTool): TITLE = "Pacu (AWS Exploitation Framework)" DESCRIPTION = "AWS exploitation framework for offensive security testing of AWS environments." INSTALL_COMMANDS = ["pip install --user pacu"] RUN_COMMANDS = ["pacu --help"] PROJECT_URL = "https://github.com/RhinoSecurityLabs/pacu" SUPPORTED_OS = ["linux", "macos"] class Trivy(HackingTool): TITLE = "Trivy (Container/K8s Scanner)" DESCRIPTION = "Comprehensive vulnerability scanner for containers, Kubernetes, IaC, and code." INSTALL_COMMANDS = [ "curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin", ] RUN_COMMANDS = ["trivy --help"] PROJECT_URL = "https://github.com/aquasecurity/trivy" SUPPORTED_OS = ["linux", "macos"] class CloudSecurityTools(HackingToolsCollection): TITLE = "Cloud Security Tools" DESCRIPTION = "Tools for cloud infrastructure security assessment and exploitation." TOOLS = [ Prowler(), ScoutSuite(), Pacu(), Trivy(), ] ================================================ FILE: tools/ddos.py ================================================ import subprocess from rich.prompt import Prompt from core import HackingTool, HackingToolsCollection, console class DDoSTool(HackingTool): TITLE = "DDoS" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "Best DDoS Attack Script With 36 Plus Methods. " "DDoS attacks for SECURITY TESTING PURPOSES ONLY!" ) INSTALL_COMMANDS = [ "git clone https://github.com/the-deepnet/ddos.git", "cd ddos && sudo pip3 install -r requirements.txt", ] PROJECT_URL = "https://github.com/the-deepnet/ddos" def run(self): from config import get_tools_dir method = Prompt.ask("Enter Method") url = Prompt.ask("Enter URL") threads = Prompt.ask("Enter Threads") proxylist = Prompt.ask("Enter ProxyList") multiple = Prompt.ask("Enter Multiple") timer = Prompt.ask("Enter Timer") # Bug 4 fix: removed os.system("cd ddos;") — use cwd= instead subprocess.run( ["sudo", "python3", "ddos.py", method, url, "socks_type5.4.1", threads, proxylist, multiple, timer], cwd=str(get_tools_dir() / "ddos"), ) class SlowLoris(HackingTool): TITLE = "SlowLoris" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "Slowloris is basically an HTTP Denial of Service attack. " "It sends lots of HTTP requests." ) INSTALL_COMMANDS = ["sudo pip3 install slowloris"] def run(self): target_site = Prompt.ask("Enter Target Site") subprocess.run(["slowloris", target_site]) class Asyncrone(HackingTool): TITLE = "Asyncrone | Multifunction SYN Flood DDoS Weapon" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "aSYNcrone is a C language based, multifunction SYN Flood DDoS Weapon.\n" "Disable the destination system by sending SYN packets intensively." ) INSTALL_COMMANDS = [ "git clone https://github.com/fatih4842/aSYNcrone.git", "cd aSYNcrone && sudo gcc aSYNcrone.c -o aSYNcrone -lpthread", ] PROJECT_URL = "https://github.com/fatihsnsy/aSYNcrone" def run(self): from config import get_tools_dir source_port = Prompt.ask("Enter Source Port") target_ip = Prompt.ask("Enter Target IP") target_port = Prompt.ask("Enter Target Port") # Bug 5 fix: 1000 was int — subprocess requires all args str # Bug 4 fix: removed os.system("cd aSYNcrone;") — use cwd= instead subprocess.run( ["sudo", "./aSYNcrone", str(source_port), str(target_ip), str(target_port), "1000"], cwd=str(get_tools_dir() / "aSYNcrone"), ) class UFONet(HackingTool): TITLE = "UFOnet" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "UFONet is a free software, P2P and cryptographic disruptive toolkit " "that allows performing DoS and DDoS attacks." ) INSTALL_COMMANDS = [ "git clone https://github.com/epsylon/ufonet.git", "cd ufonet && pip install --user .", ] RUN_COMMANDS = ["python3 ufonet --gui"] PROJECT_URL = "https://github.com/epsylon/ufonet" class GoldenEye(HackingTool): TITLE = "GoldenEye" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "GoldenEye is a python3 app for SECURITY TESTING PURPOSES ONLY!\n" "GoldenEye is a HTTP DoS Test Tool.\n" "Usage: ./goldeneye.py [OPTIONS]" ) INSTALL_COMMANDS = [ "git clone https://github.com/jseidl/GoldenEye.git", "chmod -R 755 GoldenEye", ] PROJECT_URL = "https://github.com/jseidl/GoldenEye" def run(self): from config import get_tools_dir # Bug 4 fix: removed os.system("cd GoldenEye; ...") — no-op cd subshell url = Prompt.ask("Enter target URL") subprocess.run(["sudo", "./goldeneye.py", url], cwd=str(get_tools_dir() / "GoldenEye")) class Saphyra(HackingTool): TITLE = "SaphyraDDoS" SUPPORTED_OS = ["linux"] DESCRIPTION = "A Python DDoS script for SECURITY TESTING PURPOSES ONLY." INSTALL_COMMANDS = [ # Bug 7 fix: removed "sudo su" (first step was dropping into interactive root shell) "git clone https://github.com/anonymous24x7/Saphyra-DDoS.git", "chmod +x Saphyra-DDoS/saphyra.py", ] PROJECT_URL = "https://github.com/anonymous24x7/Saphyra-DDoS" def run(self): from config import get_tools_dir url = Prompt.ask("Enter URL") # Vuln 1 fix: was os.system("python saphyra.py " + url) — command injection # Now uses subprocess list form — url is never interpolated into a shell string subprocess.run( ["python3", "saphyra.py", url], cwd=str(get_tools_dir() / "Saphyra-DDoS"), ) class DDOSTools(HackingToolsCollection): TITLE = "DDOS Attack Tools" TOOLS = [DDoSTool(), SlowLoris(), Asyncrone(), UFONet(), GoldenEye(), Saphyra()] if __name__ == "__main__": tools = DDOSTools() tools.show_options() ================================================ FILE: tools/exploit_frameworks.py ================================================ from core import HackingTool, HackingToolsCollection, console from tools.web_attack import Web2Attack from rich.panel import Panel from rich.text import Text from rich.prompt import Prompt class RouterSploit(HackingTool): TITLE = "RouterSploit" DESCRIPTION = "The RouterSploit Framework is an open-source exploitation " \ "framework dedicated to embedded devices" INSTALL_COMMANDS = [ "git clone https://github.com/threat9/routersploit.git", "cd routersploit && sudo python3 -m pip install -r requirements.txt" ] RUN_COMMANDS = ["cd routersploit && sudo python3 rsf.py"] PROJECT_URL = "https://github.com/threat9/routersploit" class WebSploit(HackingTool): TITLE = "WebSploit" SUPPORTED_OS = ["linux"] DESCRIPTION = "Websploit is an advanced MITM framework." INSTALL_COMMANDS = [ "git clone https://github.com/The404Hacking/websploit.git;cd websploit/Setup;sudo chmod +x install.sh && sudo bash install.sh" ] RUN_COMMANDS = ["sudo websploit"] PROJECT_URL = "https://github.com/The404Hacking/websploit " class Commix(HackingTool): TITLE = "Commix" DESCRIPTION = "Automated All-in-One OS command injection and exploitation " \ "tool.\nCommix can be used from web developers, penetration " \ "testers or even security researchers\n in order to test " \ "web-based applications with the view to find bugs,\n " \ "errors or vulnerabilities related to command injection " \ "attacks.\n Usage: python commix.py [option(s)]" INSTALL_COMMANDS = [ "git clone https://github.com/commixproject/commix.git commix", # Bug 26 fix: was "sudo python setup.py install" (Python 2) "cd commix && pip install --user .", ] # Bug 26 fix: was "sudo python commix.py --wizard" (Python 2) RUN_COMMANDS = ["cd commix && sudo python3 commix.py --wizard"] PROJECT_URL = "https://github.com/commixproject/commix" def __init__(self): # Py3-4 fix: super(Commix, self) → super() super().__init__(runnable=False) class ExploitFrameworkTools(HackingToolsCollection): TITLE = "Exploit framework" TOOLS = [ RouterSploit(), WebSploit(), Commix(), Web2Attack() ] if __name__ == "__main__": tools = ExploitFrameworkTools() tools.show_options() ================================================ FILE: tools/forensics.py ================================================ import os from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.text import Text from rich.prompt import Prompt class Autopsy(HackingTool): TITLE = "Autopsy" DESCRIPTION = "Autopsy is a platform that is used by Cyber Investigators.\n" \ "[!] Works in any OS\n" \ "[!] Recover Deleted Files from any OS & Media \n" \ "[!] Extract Image Metadata" RUN_COMMANDS = ["sudo autopsy"] def __init__(self): super().__init__(installable=False) class Wireshark(HackingTool): TITLE = "Wireshark" DESCRIPTION = "Wireshark is a network capture and analyzer \n" \ "tool to see what’s happening in your network.\n " \ "And also investigate Network related incident" RUN_COMMANDS = ["sudo wireshark"] def __init__(self): super().__init__(installable=False) class BulkExtractor(HackingTool): TITLE = "Bulk extractor" DESCRIPTION = "Extract useful information without parsing the file system" PROJECT_URL = "https://github.com/simsong/bulk_extractor" SUPPORTED_OS = ["linux"] def __init__(self): super().__init__([ ('GUI Mode (Download required)', self.gui_mode), ('CLI Mode', self.cli_mode) ], installable=False, runnable=False) def gui_mode(self): import subprocess from config import get_tools_dir console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta")) console.print("[bold magenta]Cloning repository and attempting to run GUI...[/]") tools_dir = get_tools_dir() subprocess.run(["git", "clone", "https://github.com/simsong/bulk_extractor.git"], cwd=str(tools_dir)) be_dir = tools_dir / "bulk_extractor" subprocess.run(["./BEViewer"], cwd=str(be_dir / "java_gui")) console.print( "[magenta]If you get an error after clone go to /java_gui/src/ and compile the .jar file && run ./BEViewer[/]") console.print( "[magenta]Please visit for more details about installation: https://github.com/simsong/bulk_extractor[/]") def cli_mode(self): import subprocess console.print(Panel(Text(self.TITLE + " - CLI Mode", justify="center"), style="bold magenta")) subprocess.run(["sudo", "apt", "install", "-y", "bulk-extractor"]) console.print("[magenta]bulk_extractor [options] imagefile[/]") subprocess.run(["bulk_extractor", "-h"]) class Guymager(HackingTool): TITLE = "Disk Clone and ISO Image Acquire" DESCRIPTION = "Guymager is a free forensic imager for media acquisition." SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt install guymager"] RUN_COMMANDS = ["sudo guymager"] PROJECT_URL = "https://guymager.sourceforge.io/" class Toolsley(HackingTool): TITLE = "Toolsley" DESCRIPTION = "Toolsley got more than ten useful tools for investigation.\n" \ "[+]File signature verifier\n" \ "[+]File identifier \n" \ "[+]Hash & Validate \n" \ "[+]Binary inspector \n " \ "[+]Encode text \n" \ "[+]Data URI generator \n" \ "[+]Password generator" PROJECT_URL = "https://www.toolsley.com/" def __init__(self): super().__init__(installable=False, runnable=False) class Volatility3(HackingTool): TITLE = "Volatility 3 (Memory Forensics)" DESCRIPTION = ( "The world's most widely used memory forensics framework.\n" "Usage: python3 vol.py -f memory.dmp windows.pslist" ) INSTALL_COMMANDS = [ "git clone https://github.com/volatilityfoundation/volatility3.git", "cd volatility3 && pip install --user -r requirements.txt", ] PROJECT_URL = "https://github.com/volatilityfoundation/volatility3" def run(self): from config import get_tools_dir import subprocess from rich.prompt import Prompt dump = Prompt.ask("Enter path to memory dump") plugin = Prompt.ask("Enter plugin", default="windows.pslist") subprocess.run( ["python3", "vol.py", "-f", dump, plugin], cwd=str(get_tools_dir() / "volatility3"), ) class Binwalk(HackingTool): TITLE = "Binwalk (Firmware Analysis)" DESCRIPTION = ( "Analyze, reverse engineer, and extract firmware images.\n" "Usage: binwalk -e firmware.bin" ) INSTALL_COMMANDS = ["pip install --user binwalk"] RUN_COMMANDS = ["binwalk --help"] PROJECT_URL = "https://github.com/ReFirmLabs/binwalk" class Pspy(HackingTool): TITLE = "pspy (Process Monitor — No Root)" DESCRIPTION = "Monitor Linux processes without root — detects cron jobs, scheduled tasks, other users' commands." INSTALL_COMMANDS = [ "curl -sSL https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64 -o pspy", "chmod +x pspy", ] RUN_COMMANDS = ["./pspy --help"] PROJECT_URL = "https://github.com/DominicBreuker/pspy" SUPPORTED_OS = ["linux"] class ForensicTools(HackingToolsCollection): TITLE = "Forensic tools" TOOLS = [ Autopsy(), Wireshark(), BulkExtractor(), Guymager(), Toolsley(), Volatility3(), Binwalk(), Pspy(), ] if __name__ == "__main__": tools = ForensicTools() tools.show_options() ================================================ FILE: tools/information_gathering.py ================================================ import os import socket import subprocess import webbrowser import sys from core import HackingTool, HackingToolsCollection, console from core import clear_screen from rich.panel import Panel from rich.text import Text from rich.prompt import Prompt class NMAP(HackingTool): TITLE = "Network Map (nmap)" DESCRIPTION = "Free and open source utility for network discovery and security auditing" INSTALL_COMMANDS = [ "git clone https://github.com/nmap/nmap.git", "sudo chmod -R 755 nmap && cd nmap && sudo ./configure && make && sudo make install" ] PROJECT_URL = "https://github.com/nmap/nmap" def __init__(self): super().__init__(runnable=False) class Dracnmap(HackingTool): TITLE = "Dracnmap" DESCRIPTION = "Dracnmap is an open source program which is using to \n" \ "exploit the network and gathering information with nmap help." INSTALL_COMMANDS = [ "git clone https://github.com/Screetsec/Dracnmap.git", "cd Dracnmap && chmod +x dracnmap-v2.2-dracOs.sh dracnmap-v2.2.sh" ] RUN_COMMANDS = ["cd Dracnmap;sudo ./dracnmap-v2.2.sh"] PROJECT_URL = "https://github.com/Screetsec/Dracnmap" class PortScan(HackingTool): TITLE = "Port scanning" def __init__(self): super().__init__(installable=False) def run(self): clear_screen() console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta")) target = Prompt.ask("[bold]Select a Target IP[/bold magenta]", default="", show_default=False) subprocess.run(["sudo", "nmap", "-O", "-Pn", target]) class Host2IP(HackingTool): TITLE = "Host to IP " def __init__(self): super().__init__(installable=False) def run(self): clear_screen() console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta")) host = Prompt.ask("Enter host name (e.g. www.google.com):- ") ips = socket.gethostbyname(host) console.print("[bold magenta]{host} -> {ips}[/bold magenta]") class XeroSploit(HackingTool): TITLE = "Xerosploit" DESCRIPTION = "Xerosploit is a penetration testing toolkit whose goal is to perform\n" \ "man-in-the-middle attacks for testing purposes" INSTALL_COMMANDS = [ "git clone https://github.com/LionSec/xerosploit.git", "cd xerosploit && sudo python install.py" ] RUN_COMMANDS = ["sudo xerosploit"] PROJECT_URL = "https://github.com/LionSec/xerosploit" class RedHawk(HackingTool): TITLE = "RED HAWK (All In One Scanning)" DESCRIPTION = "All in one tool for Information Gathering and Vulnerability Scanning." INSTALL_COMMANDS = [ "git clone https://github.com/Tuhinshubhra/RED_HAWK.git"] RUN_COMMANDS = ["cd RED_HAWK;php rhawk.php"] PROJECT_URL = "https://github.com/Tuhinshubhra/RED_HAWK" class ReconSpider(HackingTool): TITLE = "ReconSpider(For All Scanning)" DESCRIPTION = "ReconSpider is most Advanced Open Source Intelligence (OSINT)" \ " Framework for scanning IP Address, Emails, \n" \ "Websites, Organizations and find out information from" \ " different sources.\n" INSTALL_COMMANDS = [ "git clone https://github.com/bhavsec/reconspider.git", "sudo apt install -y python3 python3-pip && cd reconspider && pip install --user ." ] RUN_COMMANDS = ["cd reconspider;python3 reconspider.py"] PROJECT_URL = "https://github.com/bhavsec/reconspider" class IsItDown(HackingTool): TITLE = "IsItDown (Check Website Down/Up)" DESCRIPTION = "Check Website Is Online or Not" def __init__(self): super().__init__( [('Open', self.open)], installable=False, runnable=False) def open(self): console.print(Panel("Opening isitdownrightnow.com", style="bold magenta")) webbrowser.open_new_tab("https://www.isitdownrightnow.com/") class Infoga(HackingTool): TITLE = "Infoga - Email OSINT" DESCRIPTION = "Infoga is a tool gathering email accounts information\n" \ "(ip, hostname, country,...) from different public source" INSTALL_COMMANDS = [ "git clone https://github.com/m4ll0k/Infoga.git", "cd Infoga && pip install --user ." ] RUN_COMMANDS = ["cd Infoga;python3 infoga.py"] PROJECT_URL = "https://github.com/m4ll0k/Infoga" class ReconDog(HackingTool): TITLE = "ReconDog" DESCRIPTION = "ReconDog Information Gathering Suite" INSTALL_COMMANDS = ["git clone https://github.com/s0md3v/ReconDog.git"] RUN_COMMANDS = ["cd ReconDog;sudo python dog"] PROJECT_URL = "https://github.com/s0md3v/ReconDog" class Striker(HackingTool): TITLE = "Striker" DESCRIPTION = "Recon & Vulnerability Scanning Suite" INSTALL_COMMANDS = [ "git clone https://github.com/s0md3v/Striker.git", "cd Striker && pip3 install -r requirements.txt" ] PROJECT_URL = "https://github.com/s0md3v/Striker" def run(self): from config import get_tools_dir site = Prompt.ask("Enter Site Name (example.com)") # Bug 3 fix: os.chdir() corrupts the process CWD permanently — use cwd= instead subprocess.run( ["sudo", "python3", "striker.py", site], cwd=str(get_tools_dir() / "Striker"), ) class SecretFinder(HackingTool): TITLE = "SecretFinder (like API & etc)" DESCRIPTION = "SecretFinder - A python script for find sensitive data \n" \ "like apikeys, accesstoken, authorizations, jwt,..etc \n " \ "and search anything on javascript files.\n\n " \ "Usage: python SecretFinder.py -h" INSTALL_COMMANDS = [ "git clone https://github.com/m4ll0k/SecretFinder.git secretfinder", "cd secretfinder; sudo pip3 install -r requirements.txt" ] PROJECT_URL = "https://github.com/m4ll0k/SecretFinder" def __init__(self): super().__init__(runnable=False) class Shodan(HackingTool): TITLE = "Find Info Using Shodan" DESCRIPTION = "Get ports, vulnerabilities, information, banners,..etc \n " \ "for any IP with Shodan (no apikey! no rate limit!)\n" \ "[X] Don't use this tool because your ip will be blocked by Shodan!" INSTALL_COMMANDS = ["git clone https://github.com/m4ll0k/Shodanfy.py.git"] PROJECT_URL = "https://github.com/m4ll0k/Shodanfy.py" def __init__(self): super().__init__(runnable=False) class PortScannerRanger(HackingTool): TITLE = "Port Scanner - rang3r" DESCRIPTION = "rang3r is a python script which scans in multi thread\n " \ "all alive hosts within your range that you specify." INSTALL_COMMANDS = [ "git clone https://github.com/floriankunushevci/rang3r.git;" "pip install --user termcolor"] PROJECT_URL = "https://github.com/floriankunushevci/rang3r" def run(self): from config import get_tools_dir ip = Prompt.ask("Enter IP") # Bug 3 fix: os.chdir() replaced with cwd= parameter subprocess.run( ["sudo", "python3", "rang3r.py", "--ip", ip], cwd=str(get_tools_dir() / "rang3r"), ) class Breacher(HackingTool): TITLE = "Breacher" DESCRIPTION = "An advanced multithreaded admin panel finder written in python." INSTALL_COMMANDS = ["git clone https://github.com/s0md3v/Breacher.git"] PROJECT_URL = "https://github.com/s0md3v/Breacher" def run(self): from config import get_tools_dir domain = Prompt.ask("Enter domain (example.com)") # Bug 3 fix: os.chdir() replaced with cwd= parameter subprocess.run( ["python3", "breacher.py", "-u", domain], cwd=str(get_tools_dir() / "Breacher"), ) class TheHarvester(HackingTool): TITLE = "theHarvester (OSINT)" DESCRIPTION = ( "Gather emails, names, subdomains, IPs and URLs from public sources.\n" "Usage: theHarvester -d example.com -b all" ) INSTALL_COMMANDS = [ "git clone https://github.com/laramies/theHarvester.git", "cd theHarvester && pip install --user -r requirements/base.txt", ] RUN_COMMANDS = ["cd theHarvester && python3 theHarvester.py -h"] PROJECT_URL = "https://github.com/laramies/theHarvester" class Amass(HackingTool): TITLE = "Amass (Attack Surface Mapping)" DESCRIPTION = ( "In-depth subdomain enumeration and attack surface mapping.\n" "Usage: amass enum -d example.com" ) SUPPORTED_OS = ["linux"] REQUIRES_GO = True INSTALL_COMMANDS = [ "go install -v github.com/owasp-amass/amass/v4/...@master", ] RUN_COMMANDS = ["amass -h"] PROJECT_URL = "https://github.com/owasp-amass/amass" class Masscan(HackingTool): TITLE = "Masscan (Fast Port Scanner)" DESCRIPTION = ( "Fastest internet port scanner — 10 million packets/sec.\n" "Usage: masscan -p1-65535 --rate=1000" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt-get install -y masscan"] RUN_COMMANDS = ["masscan --help"] PROJECT_URL = "https://github.com/robertdavidgraham/masscan" class RustScan(HackingTool): TITLE = "RustScan (Modern Port Scanner)" DESCRIPTION = ( "Scans all 65k ports in 3 seconds, passes results to nmap automatically.\n" "Usage: rustscan -a -- -sV" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "curl -sLO https://github.com/RustScan/RustScan/releases/latest/download/rustscan_2.3.0_amd64.deb", "sudo dpkg -i rustscan_2.3.0_amd64.deb", ] RUN_COMMANDS = ["rustscan --help"] PROJECT_URL = "https://github.com/RustScan/RustScan" class Holehe(HackingTool): TITLE = "Holehe (Email → Social Accounts)" DESCRIPTION = ( "Check if an email address is registered on 120+ websites.\n" "Usage: holehe user@example.com" ) INSTALL_COMMANDS = ["pip install --user holehe"] RUN_COMMANDS = ["holehe --help"] PROJECT_URL = "https://github.com/megadose/holehe" class Maigret(HackingTool): TITLE = "Maigret (Username OSINT)" DESCRIPTION = ( "Collect a dossier on a person by username across 3000+ sites.\n" "Usage: maigret " ) INSTALL_COMMANDS = ["pip install --user maigret"] RUN_COMMANDS = ["maigret --help"] PROJECT_URL = "https://github.com/soxoj/maigret" class Httpx(HackingTool): TITLE = "httpx (HTTP Toolkit)" DESCRIPTION = ( "Fast multi-purpose HTTP probing tool.\n" "Usage: httpx -l urls.txt -status-code -title -tech-detect" ) REQUIRES_GO = True INSTALL_COMMANDS = [ "go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest", ] RUN_COMMANDS = ["httpx -h"] PROJECT_URL = "https://github.com/projectdiscovery/httpx" class SpiderFoot(HackingTool): TITLE = "SpiderFoot (OSINT Automation)" DESCRIPTION = "Automates OSINT collection for threat intelligence and attack surface mapping." INSTALL_COMMANDS = ["pip install --user spiderfoot"] RUN_COMMANDS = ["spiderfoot -h"] PROJECT_URL = "https://github.com/smicallef/spiderfoot" class Subfinder(HackingTool): TITLE = "Subfinder (Subdomain Enumeration)" DESCRIPTION = "Fast passive subdomain enumeration using multiple sources." REQUIRES_GO = True INSTALL_COMMANDS = [ "go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest", ] RUN_COMMANDS = ["subfinder -h"] PROJECT_URL = "https://github.com/projectdiscovery/subfinder" class TruffleHog(HackingTool): TITLE = "TruffleHog (Secret Scanner)" DESCRIPTION = "Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems." INSTALL_COMMANDS = ["pip install --user trufflehog"] RUN_COMMANDS = ["trufflehog --help"] PROJECT_URL = "https://github.com/trufflesecurity/trufflehog" class Gitleaks(HackingTool): TITLE = "Gitleaks (Git Secret Scanner)" DESCRIPTION = "Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens." REQUIRES_GO = True INSTALL_COMMANDS = [ "go install github.com/gitleaks/gitleaks/v8@latest", ] RUN_COMMANDS = ["gitleaks --help"] PROJECT_URL = "https://github.com/gitleaks/gitleaks" class InformationGatheringTools(HackingToolsCollection): TITLE = "Information gathering tools" TOOLS = [ NMAP(), Dracnmap(), PortScan(), Host2IP(), XeroSploit(), RedHawk(), ReconSpider(), IsItDown(), Infoga(), ReconDog(), Striker(), SecretFinder(), Shodan(), PortScannerRanger(), Breacher(), TheHarvester(), Amass(), Masscan(), RustScan(), Holehe(), Maigret(), Httpx(), SpiderFoot(), Subfinder(), TruffleHog(), Gitleaks(), ] if __name__ == "__main__": tools = InformationGatheringTools() tools.show_options() ================================================ FILE: tools/mobile_security.py ================================================ from core import HackingTool from core import HackingToolsCollection class MobSF(HackingTool): TITLE = "MobSF (Mobile Security Framework)" DESCRIPTION = "All-in-one mobile app pentesting, malware analysis, and security assessment." INSTALL_COMMANDS = [ "git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git", "cd Mobile-Security-Framework-MobSF && ./setup.sh", ] RUN_COMMANDS = ["cd Mobile-Security-Framework-MobSF && ./run.sh"] PROJECT_URL = "https://github.com/MobSF/Mobile-Security-Framework-MobSF" SUPPORTED_OS = ["linux", "macos"] class Frida(HackingTool): TITLE = "Frida (Dynamic Instrumentation)" DESCRIPTION = "Dynamic instrumentation toolkit for runtime hooking on Android, iOS, Windows, macOS, Linux." INSTALL_COMMANDS = ["pip install --user frida-tools"] RUN_COMMANDS = ["frida --help"] PROJECT_URL = "https://github.com/frida/frida" SUPPORTED_OS = ["linux", "macos"] class Objection(HackingTool): TITLE = "Objection (Mobile Runtime Exploration)" DESCRIPTION = "Runtime mobile exploration toolkit powered by Frida — no jailbreak/root required." INSTALL_COMMANDS = ["pip install --user objection"] RUN_COMMANDS = ["objection --help"] PROJECT_URL = "https://github.com/sensepost/objection" SUPPORTED_OS = ["linux", "macos"] class MobileSecurityTools(HackingToolsCollection): TITLE = "Mobile Security Tools" DESCRIPTION = "Tools for Android/iOS application security testing and analysis." TOOLS = [ MobSF(), Frida(), Objection(), ] ================================================ FILE: tools/other_tools.py ================================================ import os import subprocess from core import HackingTool, HackingToolsCollection, console from tools.others.android_attack import AndroidAttackTools from tools.others.email_verifier import EmailVerifyTools from tools.others.hash_crack import HashCrackingTools from tools.others.homograph_attacks import IDNHomographAttackTools from tools.others.mix_tools import MixTools from tools.others.payload_injection import PayloadInjectorTools from tools.others.socialmedia import SocialMediaBruteforceTools from tools.others.socialmedia_finder import SocialMediaFinderTools from tools.others.web_crawling import WebCrawlingTools from tools.others.wifi_jamming import WifiJammingTools from rich.panel import Panel from rich.prompt import Prompt class HatCloud(HackingTool): TITLE = "HatCloud(Bypass CloudFlare for IP)" DESCRIPTION = "HatCloud build in Ruby. It makes bypass in CloudFlare for " \ "discover real IP." INSTALL_COMMANDS = ["git clone https://github.com/HatBashBR/HatCloud.git"] PROJECT_URL = "https://github.com/HatBashBR/HatCloud" def run(self): from config import get_tools_dir from rich.prompt import Prompt site = Prompt.ask("Enter Site") # Bug 3 fix: os.chdir() replaced with cwd= parameter subprocess.run( ["sudo", "ruby", "hatcloud.rb", "-b", site], cwd=str(get_tools_dir() / "HatCloud"), ) class OtherTools(HackingToolsCollection): TITLE = "Other tools" TOOLS = [ SocialMediaBruteforceTools(), AndroidAttackTools(), HatCloud(), IDNHomographAttackTools(), EmailVerifyTools(), HashCrackingTools(), WifiJammingTools(), SocialMediaFinderTools(), PayloadInjectorTools(), WebCrawlingTools(), MixTools() ] if __name__ == "__main__": tools = OtherTools() tools.show_options() ================================================ FILE: tools/others/__init__.py ================================================ ================================================ FILE: tools/others/android_attack.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class Keydroid(HackingTool): TITLE = "Keydroid" DESCRIPTION = "Android Keylogger + Reverse Shell\n" \ "[!] You have to install Some Manually Refer Below Link:\n " \ "[+] https://github.com/F4dl0/keydroid" SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["git clone https://github.com/F4dl0/keydroid.git"] RUN_COMMANDS = ["cd keydroid && bash keydroid.sh"] PROJECT_URL = "https://github.com/F4dl0/keydroid" class MySMS(HackingTool): TITLE = "MySMS" DESCRIPTION = "Script that generates an Android App to hack SMS through WAN \n" \ "[!] You have to install Some Manually Refer Below Link:\n\t " \ "[+] https://github.com/papusingh2sms/mysms" SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "git clone https://github.com/papusingh2sms/mysms.git"] RUN_COMMANDS = ["cd mysms && bash mysms.sh"] PROJECT_URL = "https://github.com/papusingh2sms/mysms" class LockPhish(HackingTool): TITLE = "Lockphish (Grab target LOCK PIN)" DESCRIPTION = "Lockphish it's the first tool for phishing attacks on the " \ "lock screen, designed to\n Grab Windows credentials,Android" \ " PIN and iPhone Passcode using a https link." SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "git clone https://github.com/JasonJerry/lockphish.git"] RUN_COMMANDS = ["cd lockphish && bash lockphish.sh"] PROJECT_URL = "https://github.com/JasonJerry/lockphish" class Droidcam(HackingTool): TITLE = "DroidCam (Capture Image)" DESCRIPTION = "Powerful Tool For Grab Front Camera Snap Using A Link" SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ # Bug 16 fix: missing comma caused two strings to be implicitly concatenated into one "git clone https://github.com/kinghacker0/WishFish.git", "sudo apt install -y php wget openssh-client", ] RUN_COMMANDS = ["cd WishFish && sudo bash wishfish.sh"] PROJECT_URL = "https://github.com/kinghacker0/WishFish" class EvilApp(HackingTool): TITLE = "EvilApp (Hijack Session)" DESCRIPTION = "EvilApp is a script to generate Android App that can " \ "hijack authenticated sessions in cookies." SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "git clone https://github.com/crypticterminal/EvilApp.git"] RUN_COMMANDS = ["cd EvilApp && bash evilapp.sh"] PROJECT_URL = "https://github.com/crypticterminal/EvilApp" class AndroidAttackTools(HackingToolsCollection): TITLE = "Android Hacking tools" TOOLS = [ Keydroid(), MySMS(), LockPhish(), Droidcam(), EvilApp() ] if __name__ == "__main__": tools = AndroidAttackTools() tools.show_options() ================================================ FILE: tools/others/email_verifier.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt class KnockMail(HackingTool): TITLE = "Knockmail" DESCRIPTION = "KnockMail Tool Verify If Email Exists" INSTALL_COMMANDS = [ "git clone https://github.com/heywoodlh/KnockMail.git", "cd KnockMail;sudo pip3 install -r requirements.txt" ] RUN_COMMANDS = ["cd KnockMail;python3 knockmail.py"] PROJECT_URL = "https://github.com/heywoodlh/KnockMail" class EmailVerifyTools(HackingToolsCollection): TITLE = "Email Verify tools" TOOLS = [KnockMail()] if __name__ == "__main__": tools = EmailVerifyTools() tools.show_options() ================================================ FILE: tools/others/hash_crack.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class HashBuster(HackingTool): TITLE = "Hash Buster" DESCRIPTION = "Features: \n " \ "Automatic hash type identification \n " \ "Supports MD5, SHA1, SHA256, SHA384, SHA512" INSTALL_COMMANDS = [ "git clone https://github.com/s0md3v/Hash-Buster.git", "cd Hash-Buster;make install" ] RUN_COMMANDS = ["buster -h"] PROJECT_URL = "https://github.com/s0md3v/Hash-Buster" class HashCrackingTools(HackingToolsCollection): TITLE = "Hash cracking tools" TOOLS = [HashBuster()] if __name__ == "__main__": tools = HashCrackingTools() tools.show_options() ================================================ FILE: tools/others/homograph_attacks.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class EvilURL(HackingTool): TITLE = "EvilURL" DESCRIPTION = "Generate unicode evil domains for IDN Homograph Attack " \ "and detect them." INSTALL_COMMANDS = ["git clone https://github.com/UndeadSec/EvilURL.git"] RUN_COMMANDS = ["cd EvilURL;python3 evilurl.py"] PROJECT_URL = "https://github.com/UndeadSec/EvilURL" class IDNHomographAttackTools(HackingToolsCollection): TITLE = "IDN Homograph Attack" TOOLS = [EvilURL()] if __name__ == "__main__": tools = IDNHomographAttackTools() tools.show_options() ================================================ FILE: tools/others/mix_tools.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class TerminalMultiplexer(HackingTool): TITLE = "Terminal Multiplexer" DESCRIPTION = ( "Terminal Multiplexer (tilix) is a tiling terminal emulator that " "allows opening several terminal sessions inside one window." ) # Bug 19 fix: tilix is a Debian/Ubuntu package only — mark Linux-only INSTALL_COMMANDS = ["sudo apt-get install -y tilix"] SUPPORTED_OS = ["linux"] def __init__(self): # Py3-4 fix: super(TerminalMultiplexer, self) → super() super().__init__(runnable=False) class Crivo(HackingTool): TITLE = "Crivo" DESCRIPTION = ( "A tool for extracting and filtering URLs, IPs, domains, and subdomains\n" "from web pages or text, with built-in web scraping capabilities.\n" "See: python3 crivo_cli.py -h" ) INSTALL_COMMANDS = [ "git clone https://github.com/GMDSantana/crivo.git", # Bug 18 verify: this is correct — cd and pip in same string works "cd crivo && pip install --user -r requirements.txt", ] PROJECT_URL = "https://github.com/GMDSantana/crivo" def __init__(self): # Py3-4 fix: super(Crivo, self) → super() super().__init__(runnable=False) class MixTools(HackingToolsCollection): TITLE = "Mix tools" TOOLS = [ TerminalMultiplexer(), Crivo() ] if __name__ == "__main__": tools = MixTools() tools.show_options() ================================================ FILE: tools/others/payload_injection.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class DebInject(HackingTool): TITLE = "Debinject" DESCRIPTION = "Debinject is a tool that inject malicious code into *.debs" INSTALL_COMMANDS = [ "git clone https://github.com/UndeadSec/Debinject.git"] RUN_COMMANDS = ["cd Debinject;python debinject.py"] PROJECT_URL = "https://github.com/UndeadSec/Debinject" class Pixload(HackingTool): TITLE = "Pixload" DESCRIPTION = "Pixload -- Image Payload Creating tools \n " \ "Pixload is Set of tools for creating/injecting payload into images." INSTALL_COMMANDS = [ "sudo apt install libgd-perl libimage-exiftool-perl libstring-crc32-perl", "git clone https://github.com/chinarulezzz/pixload.git" ] PROJECT_URL = "https://github.com/chinarulezzz/pixload" def __init__(self): super().__init__(runnable = False) class PayloadInjectorTools(HackingToolsCollection): TITLE = "Payload Injector" TOOLS = [ DebInject(), Pixload() ] if __name__ == "__main__": tools = PayloadInjectorTools() tools.show_options() ================================================ FILE: tools/others/socialmedia.py ================================================ import contextlib import os import subprocess from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class InstaBrute(HackingTool): TITLE = "Instagram Attack" DESCRIPTION = "Brute force attack against Instagram" PROJECT_URL = "https://github.com/chinoogawa/instaBrute" # Py3-7: Python 2 only (pip2.7); also violates Instagram ToS ARCHIVED = True ARCHIVED_REASON = "Python 2 only — EOL January 2020. Repo unmaintained since 2017." INSTALL_COMMANDS = [] RUN_COMMANDS = [] def __init__(self): super().__init__(installable=False, runnable=False) class BruteForce(HackingTool): TITLE = "AllinOne SocialMedia Attack" DESCRIPTION = "Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix \n" \ "[!] python3 Brute_Force.py -g -l " INSTALL_COMMANDS = [ "git clone https://github.com/Matrix07ksa/Brute_Force.git", "cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize" ] RUN_COMMANDS = ["cd Brute_Force;python3 Brute_Force.py -h"] PROJECT_URL = "https://github.com/Matrix07ksa/Brute_Force" class Faceshell(HackingTool): TITLE = "Facebook Attack" DESCRIPTION = "Facebook BruteForcer" INSTALL_COMMANDS = [ "git clone https://github.com/Matrix07ksa/Brute_Force.git", "cd Brute_Force;sudo pip3 install proxylist;pip3 install mechanize" ] PROJECT_URL = "https://github.com/Matrix07ksa/Brute_Force" def run(self): from config import get_tools_dir name = Prompt.ask("Enter Username") wordlist = Prompt.ask("Enter Wordlist path") # Bug 3 fix: os.chdir() replaced with cwd= parameter subprocess.run( ["python3", "Brute_Force.py", "-f", name, "-l", wordlist], cwd=str(get_tools_dir() / "Brute_Force"), ) class AppCheck(HackingTool): TITLE = "Application Checker" DESCRIPTION = "Tool to check if an app is installed on the target device through a link." INSTALL_COMMANDS = [ "git clone https://github.com/jakuta-tech/underhanded.git", "cd underhanded && sudo chmod +x underhanded.sh" ] RUN_COMMANDS = ["cd underhanded;sudo bash underhanded.sh"] PROJECT_URL = "https://github.com/jakuta-tech/underhanded" class SocialMediaBruteforceTools(HackingToolsCollection): TITLE = "SocialMedia Bruteforce" TOOLS = [ InstaBrute(), BruteForce(), Faceshell(), AppCheck() ] if __name__ == "__main__": tools = SocialMediaBruteforceTools() tools.show_options() ================================================ FILE: tools/others/socialmedia_finder.py ================================================ import os import subprocess from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class FacialFind(HackingTool): TITLE = "Find SocialMedia By Facial Recognation System" DESCRIPTION = "A Social Media Mapping Tool that correlates profiles\n " \ "via facial recognition across different sites." INSTALL_COMMANDS = [ "sudo apt install -y software-properties-common", "sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade", "git clone https://github.com/Greenwolf/social_mapper.git", "sudo apt install -y build-essential cmake libgtk-3-dev libboost-all-dev", "cd social_mapper/setup", "sudo python3 -m pip install --no-cache-dir -r requirements.txt", 'echo "[!]Now You have To do some Manually\n' '[!] Install the Geckodriver for your operating system\n' '[!] Copy & Paste Link And Download File As System Configuration\n' '[#] https://github.com/mozilla/geckodriver/releases\n' '[!!] On Linux you can place it in /usr/bin "| boxes | lolcat' ] PROJECT_URL = "https://github.com/Greenwolf/social_mapper" def run(self): from config import get_tools_dir import subprocess setup_dir = get_tools_dir() / "social_mapper" / "setup" subprocess.run(["python3", "social_mapper.py", "-h"], cwd=str(setup_dir)) console.print( "[bold magenta]Set username and password in social_mapper.py before running.[/]\n" "[magenta]Usage: python social_mapper.py -f -i -m fast -fb -tw[/]" ) class FindUser(HackingTool): TITLE = "Find SocialMedia By UserName" DESCRIPTION = "Find usernames across over 75 social networks" INSTALL_COMMANDS = [ "git clone https://github.com/xHak9x/finduser.git", "cd finduser && sudo chmod +x finduser.sh" ] RUN_COMMANDS = ["cd finduser && sudo bash finduser.sh"] PROJECT_URL = "https://github.com/xHak9x/finduser" class Sherlock(HackingTool): TITLE = "Sherlock" DESCRIPTION = "Hunt down social media accounts by username across social networks \n " \ "For More Usage \n" \ "\t >>python3 sherlock --help" INSTALL_COMMANDS = [ "git clone https://github.com/sherlock-project/sherlock.git", "cd sherlock;sudo python3 -m pip install -r requirements.txt" ] PROJECT_URL = "https://github.com/sherlock-project/sherlock" def run(self): from config import get_tools_dir from rich.prompt import Prompt name = Prompt.ask("Enter Username") # Bug 3 fix: os.chdir() replaced with cwd= parameter subprocess.run( ["python3", "sherlock", name], cwd=str(get_tools_dir() / "sherlock"), ) class SocialScan(HackingTool): TITLE = "SocialScan | Username or Email" DESCRIPTION = "Check email address and username availability on online " \ "platforms with 100% accuracy" INSTALL_COMMANDS = ["pip install --user socialscan"] PROJECT_URL = "https://github.com/iojw/socialscan" def run(self): name = input( "Enter Username or Emailid (if both then please space between email & username) >> ") subprocess.run(["sudo", "socialscan", f"{name}"]) class SocialMediaFinderTools(HackingToolsCollection): TITLE = "SocialMedia Finder" TOOLS = [ FacialFind(), FindUser(), Sherlock(), SocialScan() ] if __name__ == "__main__": tools = SocialMediaFinderTools() tools.show_options() ================================================ FILE: tools/others/web_crawling.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class GoSpider(HackingTool): TITLE = "Gospider" DESCRIPTION = "Gospider - Fast web spider written in Go" INSTALL_COMMANDS = ["sudo go get -u github.com/jaeles-project/gospider"] PROJECT_URL = "https://github.com/jaeles-project/gospider" def __init__(self): super().__init__(runnable = False) class WebCrawlingTools(HackingToolsCollection): TITLE = "Web crawling" TOOLS = [GoSpider()] if __name__ == "__main__": tools = WebCrawlingTools() tools.show_options() ================================================ FILE: tools/others/wifi_jamming.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt from rich import box class WifiJammerNG(HackingTool): TITLE = "WifiJammer-NG" DESCRIPTION = "Continuously jam all wifi clients and access points within range." SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True INSTALL_COMMANDS = [ "git clone https://github.com/MisterBianco/wifijammer-ng.git", "cd wifijammer-ng;pip install --user -r requirements.txt" ] RUN_COMMANDS = [ "cd wifijammer-ng && sudo python3 wifijammer.py --help", ] PROJECT_URL = "https://github.com/MisterBianco/wifijammer-ng" class KawaiiDeauther(HackingTool): TITLE = "KawaiiDeauther" DESCRIPTION = "Kawaii Deauther is a pentest toolkit whose goal is to perform \n " \ "jam on WiFi clients/routers and spam many fake AP for testing purposes." SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True INSTALL_COMMANDS = [ "git clone https://github.com/aryanrtm/KawaiiDeauther.git", "cd KawaiiDeauther;sudo bash install.sh" ] RUN_COMMANDS = ["cd KawaiiDeauther;sudo bash KawaiiDeauther.sh"] PROJECT_URL = "https://github.com/aryanrtm/KawaiiDeauther" class WifiJammingTools(HackingToolsCollection): TITLE = "Wifi Deauthenticate" TOOLS = [ WifiJammerNG(), KawaiiDeauther() ] if __name__ == "__main__": tools = WifiJammingTools() tools.show_options() ================================================ FILE: tools/payload_creator.py ================================================ import os import subprocess from core import HackingTool, HackingToolsCollection, console class TheFatRat(HackingTool): TITLE = "The FatRat" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "TheFatRat provides an easy way to create backdoors and payloads " "which can bypass most anti-virus." ) INSTALL_COMMANDS = [ "git clone https://github.com/Screetsec/TheFatRat.git", "cd TheFatRat && chmod +x setup.sh", ] RUN_COMMANDS = ["cd TheFatRat && sudo bash setup.sh"] PROJECT_URL = "https://github.com/Screetsec/TheFatRat" def __init__(self): super().__init__([ ("Update", self.update), ("Troubleshoot", self.troubleshoot), ]) def update(self): from config import get_tools_dir cwd = str(get_tools_dir() / "TheFatRat") subprocess.run(["bash", "update"], cwd=cwd) subprocess.run(["chmod", "+x", "setup.sh"], cwd=cwd) subprocess.run(["bash", "setup.sh"], cwd=cwd) def troubleshoot(self): from config import get_tools_dir cwd = str(get_tools_dir() / "TheFatRat") subprocess.run(["chmod", "+x", "chk_tools"], cwd=cwd) subprocess.run(["./chk_tools"], cwd=cwd) class Brutal(HackingTool): TITLE = "Brutal" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "Brutal is a toolkit to quickly create various payloads, powershell attacks, " "virus attacks and launch listener for a Human Interface Device." ) INSTALL_COMMANDS = [ "git clone https://github.com/Screetsec/Brutal.git", "cd Brutal && chmod +x Brutal.sh", ] RUN_COMMANDS = ["cd Brutal && sudo bash Brutal.sh"] PROJECT_URL = "https://github.com/Screetsec/Brutal" def show_info(self): super().show_info() console.print( "[bold cyan]Requirements:[/bold cyan]\n" " - Arduino Software (v1.6.7+)\n" " - TeensyDuino\n" " - Linux udev rules\n" " See: https://github.com/Screetsec/Brutal/wiki/Install-Requirements" ) class Stitch(HackingTool): TITLE = "Stitch" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "Stitch is a Cross Platform Python Remote Administrator Tool.\n" "[!] Refer to the project link for Windows & macOS support." ) INSTALL_COMMANDS = [ "git clone https://github.com/nathanlopez/Stitch.git", "cd Stitch && pip install --user -r lnx_requirements.txt", ] RUN_COMMANDS = ["cd Stitch && sudo python3 main.py"] PROJECT_URL = "https://nathanlopez.github.io/Stitch" class MSFVenom(HackingTool): TITLE = "MSFvenom Payload Creator" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple " "types of payloads, based on user choice." ) INSTALL_COMMANDS = [ "git clone https://github.com/g0tmi1k/msfpc.git", "cd msfpc && chmod +x msfpc.sh", ] RUN_COMMANDS = ["cd msfpc && sudo bash msfpc.sh -h -v"] PROJECT_URL = "https://github.com/g0tmi1k/msfpc" class Venom(HackingTool): TITLE = "Venom Shellcode Generator" SUPPORTED_OS = ["linux"] DESCRIPTION = "Venom exploits apache2 webserver to deliver LAN payloads via fake webpages." INSTALL_COMMANDS = [ "git clone https://github.com/r00t-3xp10it/venom.git", # Removed "sudo ./venom.sh -u" from install — interactive, runs the tool during install "sudo chmod -R 775 venom*/ && cd venom*/ && cd aux && sudo bash setup.sh", ] RUN_COMMANDS = ["cd venom && sudo ./venom.sh"] PROJECT_URL = "https://github.com/r00t-3xp10it/venom" class Spycam(HackingTool): TITLE = "Spycam" DESCRIPTION = "Generates a Win32 payload that captures webcam images every 1 minute." INSTALL_COMMANDS = [ "git clone https://github.com/indexnotfound404/spycam.git", "cd spycam && bash install.sh && chmod +x spycam", ] RUN_COMMANDS = ["cd spycam && ./spycam"] PROJECT_URL = "https://github.com/indexnotfound404/spycam" class MobDroid(HackingTool): TITLE = "Mob-Droid" SUPPORTED_OS = ["linux"] DESCRIPTION = "Generates metasploit payloads easily without typing long commands." INSTALL_COMMANDS = ["git clone https://github.com/kinghacker0/mob-droid.git"] RUN_COMMANDS = ["cd mob-droid && sudo python3 mob-droid.py"] PROJECT_URL = "https://github.com/kinghacker0/Mob-Droid" class Enigma(HackingTool): TITLE = "Enigma" SUPPORTED_OS = ["linux"] DESCRIPTION = "Enigma is a Multiplatform payload dropper." INSTALL_COMMANDS = ["git clone https://github.com/UndeadSec/Enigma.git"] RUN_COMMANDS = ["cd Enigma && sudo python3 enigma.py"] PROJECT_URL = "https://github.com/UndeadSec/Enigma" class PayloadCreatorTools(HackingToolsCollection): TITLE = "Payload creation tools" # Bug 11 fix: show_options() override was missing `parent` parameter entirely — # the whole override is now deleted and the base class method is used instead. TOOLS = [ TheFatRat(), Brutal(), Stitch(), MSFVenom(), Venom(), Spycam(), MobDroid(), Enigma(), ] if __name__ == "__main__": tools = PayloadCreatorTools() tools.show_options() ================================================ FILE: tools/phishing_attack.py ================================================ import os from core import HackingTool, HackingToolsCollection, console class Autophisher(HackingTool): TITLE = "Autophisher RK" SUPPORTED_OS = ["linux"] DESCRIPTION = "Automated Phishing Toolkit" INSTALL_COMMANDS = [ "git clone https://github.com/CodingRanjith/autophisher.git", ] RUN_COMMANDS = ["cd autophisher && sudo bash autophisher.sh"] PROJECT_URL = "https://github.com/CodingRanjith/autophisher" class Pyphisher(HackingTool): TITLE = "Pyphisher" DESCRIPTION = "Easy to use phishing tool with 77 website templates" # Bug 9 fix: pip must reference the full path, not rely on a no-op "cd" call INSTALL_COMMANDS = [ "git clone https://github.com/KasRoudra/PyPhisher", "pip3 install --user -r PyPhisher/files/requirements.txt", ] RUN_COMMANDS = ["cd PyPhisher && sudo python3 pyphisher.py"] # Bug 8 fix: PROJECT_URL was a git clone command, not a URL PROJECT_URL = "https://github.com/KasRoudra/PyPhisher" class AdvPhishing(HackingTool): TITLE = "AdvPhishing" SUPPORTED_OS = ["linux"] DESCRIPTION = "This is Advance Phishing Tool ! OTP PHISHING" INSTALL_COMMANDS = [ "git clone https://github.com/Ignitetch/AdvPhishing.git", # Vuln 2 fix: chmod 777 → chmod +x "cd AdvPhishing && chmod +x Linux-Setup.sh && bash Linux-Setup.sh", ] RUN_COMMANDS = ["cd AdvPhishing && sudo bash AdvPhishing.sh"] PROJECT_URL = "https://github.com/Ignitetch/AdvPhishing" class Setoolkit(HackingTool): TITLE = "Setoolkit" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "The Social-Engineer Toolkit is an open-source penetration\n" "testing framework designed for social engineering." ) INSTALL_COMMANDS = [ "git clone https://github.com/trustedsec/social-engineer-toolkit/", "cd social-engineer-toolkit && pip install --user .", ] RUN_COMMANDS = ["sudo setoolkit"] PROJECT_URL = "https://github.com/trustedsec/social-engineer-toolkit" class SocialFish(HackingTool): TITLE = "SocialFish" SUPPORTED_OS = ["linux"] DESCRIPTION = "Automated Phishing Tool & Information Collector NOTE: username is 'root' and password is 'pass'" INSTALL_COMMANDS = [ "git clone https://github.com/UndeadSec/SocialFish.git && sudo apt-get install python3 python3-pip python3-dev -y", "cd SocialFish && sudo python3 -m pip install -r requirements.txt", ] RUN_COMMANDS = ["cd SocialFish && sudo python3 SocialFish.py root pass"] PROJECT_URL = "https://github.com/UndeadSec/SocialFish" class HiddenEye(HackingTool): TITLE = "HiddenEye" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services\n" "\t[!] https://github.com/DarkSecDevelopers/HiddenEye" ) INSTALL_COMMANDS = [ # Vuln 2 fix: chmod 777 → chmod 755 "git clone https://github.com/Morsmalleo/HiddenEye.git && chmod -R 755 HiddenEye", "cd HiddenEye && sudo pip3 install -r requirements.txt && pip3 install pyngrok", ] RUN_COMMANDS = ["cd HiddenEye && sudo python3 HiddenEye.py"] PROJECT_URL = "https://github.com/Morsmalleo/HiddenEye" class Evilginx3(HackingTool): TITLE = "Evilginx3" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "evilginx is a man-in-the-middle attack framework used for phishing login credentials\n" "along with session cookies, bypassing 2-factor authentication.\n" "Requires Go >= 1.18 installed." ) # Bug 6 fix: removed 'sudo evilginx' (interactive) from INSTALL_COMMANDS INSTALL_COMMANDS = [ "sudo apt-get install -y git make golang-go", "go install github.com/kgretzky/evilginx/v3@latest", ] RUN_COMMANDS = ["evilginx"] PROJECT_URL = "https://github.com/kgretzky/evilginx2" REQUIRES_GO = True class ISeeYou(HackingTool): TITLE = "I-See_You" SUPPORTED_OS = ["linux"] DESCRIPTION = ( "[!] ISeeYou finds the exact location of a target via social engineering.\n" "[!] Expose local servers to the internet and decode location from log file." ) INSTALL_COMMANDS = [ "git clone https://github.com/Viralmaniar/I-See-You.git", "cd I-See-You && sudo chmod u+x ISeeYou.sh", ] RUN_COMMANDS = ["cd I-See-You && sudo bash ISeeYou.sh"] PROJECT_URL = "https://github.com/Viralmaniar/I-See-You" class SayCheese(HackingTool): TITLE = "SayCheese" SUPPORTED_OS = ["linux"] DESCRIPTION = "Take webcam shots from target just by sending a malicious link" INSTALL_COMMANDS = ["git clone https://github.com/hangetzzu/saycheese"] RUN_COMMANDS = ["cd saycheese && sudo bash saycheese.sh"] PROJECT_URL = "https://github.com/hangetzzu/saycheese" class QRJacking(HackingTool): TITLE = "QR Code Jacking" SUPPORTED_OS = ["linux"] DESCRIPTION = "QR Code Jacking (Any Website)" INSTALL_COMMANDS = [ "git clone https://github.com/cryptedwolf/ohmyqr.git && sudo apt -y install scrot", ] RUN_COMMANDS = ["cd ohmyqr && sudo bash ohmyqr.sh"] PROJECT_URL = "https://github.com/cryptedwolf/ohmyqr" # Bug 10 fix: WifiPhisher removed from phishing tools — it belongs in wireless_attack.py class BlackEye(HackingTool): TITLE = "BlackEye" SUPPORTED_OS = ["linux"] DESCRIPTION = "The ultimate phishing tool with 38 websites available!" INSTALL_COMMANDS = [ "git clone https://github.com/thelinuxchoice/blackeye", ] RUN_COMMANDS = ["cd blackeye && sudo bash blackeye.sh"] PROJECT_URL = "https://github.com/An0nUD4Y/blackeye" class ShellPhish(HackingTool): TITLE = "ShellPhish" SUPPORTED_OS = ["linux"] DESCRIPTION = "Phishing Tool for 18 social media" INSTALL_COMMANDS = ["git clone https://github.com/An0nUD4Y/shellphish.git"] RUN_COMMANDS = ["cd shellphish && sudo bash shellphish.sh"] PROJECT_URL = "https://github.com/An0nUD4Y/shellphish" class Thanos(HackingTool): TITLE = "Thanos" SUPPORTED_OS = ["linux"] DESCRIPTION = "Browser to Browser Phishing toolkit" INSTALL_COMMANDS = [ "git clone https://github.com/TridevReddy/Thanos.git", # Vuln 2 fix: chmod -R 777 → chmod +x "cd Thanos && chmod +x Thanos.sh", ] RUN_COMMANDS = ["cd Thanos && sudo bash Thanos.sh"] PROJECT_URL = "https://github.com/TridevReddy/Thanos" class QRLJacking(HackingTool): TITLE = "QRLJacking" DESCRIPTION = "QRLJacking — session hijacking attack vector targeting QR code based login" INSTALL_COMMANDS = [ "git clone https://github.com/OWASP/QRLJacking.git", # Bug fix: geckodriver must be fetched as a binary, not cloned from source "GECKO_VER=$(curl -s https://api.github.com/repos/mozilla/geckodriver/releases/latest | grep tag_name | cut -d '\"' -f4) && " "wget -q https://github.com/mozilla/geckodriver/releases/download/$GECKO_VER/geckodriver-$GECKO_VER-linux64.tar.gz -O /tmp/geckodriver.tar.gz && " "tar -xzf /tmp/geckodriver.tar.gz -C /tmp && sudo mv /tmp/geckodriver /usr/local/bin/", "cd QRLJacking && pip3 install --user -r QRLJacker/requirements.txt", ] RUN_COMMANDS = ["cd QRLJacking/QRLJacker && python3 QrlJacker.py"] PROJECT_URL = "https://github.com/OWASP/QRLJacking" class Maskphish(HackingTool): TITLE = "Maskphish" SUPPORTED_OS = ["linux"] DESCRIPTION = "Hide phishing URL under a normal looking URL (google.com or facebook.com)" INSTALL_COMMANDS = [ "git clone https://github.com/jaykali/maskphish.git", ] RUN_COMMANDS = ["cd maskphish && sudo bash maskphish.sh"] PROJECT_URL = "https://github.com/jaykali/maskphish" class BlackPhish(HackingTool): TITLE = "BlackPhish" SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "git clone https://github.com/iinc0gnit0/BlackPhish.git", "cd BlackPhish && sudo bash install.sh", ] RUN_COMMANDS = ["cd BlackPhish && sudo python3 blackphish.py"] PROJECT_URL = "https://github.com/iinc0gnit0/BlackPhish" def __init__(self): # Bug fix: super() Python 3 style super().__init__([("Update", self.update)]) def update(self): import subprocess from config import get_tools_dir subprocess.run(["bash", "update.sh"], cwd=str(get_tools_dir() / "BlackPhish")) class Dnstwist(HackingTool): # Bug 2 fix: all attributes were wrong case (Title, Install_commands, etc.) # They are now the correct uppercase names the base class reads. TITLE = "dnstwist" DESCRIPTION = "Domain name permutation engine for detecting typosquatting, phishing and brand impersonation" INSTALL_COMMANDS = ["pip3 install --user dnstwist"] RUN_COMMANDS = ["dnstwist --help"] PROJECT_URL = "https://github.com/elceef/dnstwist" class PhishingAttackTools(HackingToolsCollection): TITLE = "Phishing attack tools" TOOLS = [ Autophisher(), Pyphisher(), AdvPhishing(), Setoolkit(), SocialFish(), HiddenEye(), Evilginx3(), ISeeYou(), SayCheese(), QRJacking(), BlackEye(), ShellPhish(), Thanos(), QRLJacking(), BlackPhish(), Maskphish(), Dnstwist(), ] if __name__ == "__main__": tools = PhishingAttackTools() tools.show_options() ================================================ FILE: tools/post_exploitation.py ================================================ import os from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt class Vegile(HackingTool): TITLE = "Vegile - Ghost In The Shell" SUPPORTED_OS = ["linux"] DESCRIPTION = "This tool will set up your backdoor/rootkits when " \ "backdoor is already setup it will be \n" \ "hidden your specific process,unlimited your session in " \ "metasploit and transparent." INSTALL_COMMANDS = [ "git clone https://github.com/Screetsec/Vegile.git", "cd Vegile && sudo chmod +x Vegile" ] RUN_COMMANDS = ["cd Vegile && sudo bash Vegile"] PROJECT_URL = "https://github.com/Screetsec/Vegile" def before_run(self): console.print( "[bold magenta]Vegile commands:[/]\n" " Vegile -i / --inject [backdoor/rootkit]\n" " Vegile -u / --unlimited [backdoor/rootkit]\n" " Vegile -h / --help" ) class ChromeKeyLogger(HackingTool): TITLE = "Chrome Keylogger" SUPPORTED_OS = ["linux"] DESCRIPTION = "Hera Chrome Keylogger" INSTALL_COMMANDS = [ "git clone https://github.com/UndeadSec/HeraKeylogger.git", "cd HeraKeylogger && sudo apt-get install python3-pip -y && sudo pip3 install -r requirements.txt" ] RUN_COMMANDS = ["cd HeraKeylogger && sudo python3 hera.py"] PROJECT_URL = "https://github.com/UndeadSec/HeraKeylogger" class PwncatCS(HackingTool): TITLE = "pwncat-cs (Reverse Shell Handler)" DESCRIPTION = ( "Post-exploitation platform — manages reverse/bind shells with automation.\n" "Handles file upload/download, persistence, privilege escalation.\n" "Usage: pwncat-cs -lp 4444" ) SUPPORTED_OS = ["linux", "macos"] INSTALL_COMMANDS = ["pip install --user pwncat-cs"] RUN_COMMANDS = ["pwncat-cs --help"] PROJECT_URL = "https://github.com/calebstewart/pwncat" class Sliver(HackingTool): TITLE = "Sliver (C2 Framework)" DESCRIPTION = "Cross-platform adversary emulation/red team C2 framework — mTLS, HTTP(S), DNS, WireGuard." INSTALL_COMMANDS = [ "curl -sSf https://sliver.sh/install -o /tmp/sliver-install.sh", "sudo bash /tmp/sliver-install.sh", ] RUN_COMMANDS = ["sliver --help"] PROJECT_URL = "https://github.com/BishopFox/sliver" SUPPORTED_OS = ["linux", "macos"] class Havoc(HackingTool): TITLE = "Havoc (C2 Framework)" DESCRIPTION = "Modern post-exploitation C2 framework with EDR evasion. Cobalt Strike alternative." SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "git clone https://github.com/HavocFramework/Havoc.git", "cd Havoc && make", ] RUN_COMMANDS = ["cd Havoc && ./havoc --help"] PROJECT_URL = "https://github.com/HavocFramework/Havoc" SUPPORTED_OS = ["linux"] class PEASSng(HackingTool): TITLE = "PEASS-ng — LinPEAS/WinPEAS (Priv Esc)" DESCRIPTION = "Privilege escalation enumeration scripts for Linux and Windows." INSTALL_COMMANDS = [ "curl -sSL https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh -o linpeas.sh", "chmod +x linpeas.sh", ] RUN_COMMANDS = ["./linpeas.sh --help"] PROJECT_URL = "https://github.com/peass-ng/PEASS-ng" class LigoloNg(HackingTool): TITLE = "Ligolo-ng (Tunneling/Pivoting)" DESCRIPTION = "Advanced tunneling/pivoting tool using TUN interfaces — no SOCKS needed." REQUIRES_GO = True INSTALL_COMMANDS = [ "go install github.com/nicocha30/ligolo-ng@latest", ] RUN_COMMANDS = ["ligolo-ng --help"] PROJECT_URL = "https://github.com/nicocha30/ligolo-ng" SUPPORTED_OS = ["linux", "macos"] class ChiselTunnel(HackingTool): TITLE = "Chisel (HTTP Tunnel)" DESCRIPTION = "Fast TCP/UDP tunnel over HTTP, secured via SSH — pivoting and port forwarding." REQUIRES_GO = True INSTALL_COMMANDS = [ "go install github.com/jpillora/chisel@latest", ] RUN_COMMANDS = ["chisel --help"] PROJECT_URL = "https://github.com/jpillora/chisel" class EvilWinRM(HackingTool): TITLE = "Evil-WinRM (Windows Remote Shell)" DESCRIPTION = "Ultimate WinRM shell for hacking/pentesting Windows machines." REQUIRES_RUBY = True INSTALL_COMMANDS = ["gem install evil-winrm"] RUN_COMMANDS = ["evil-winrm --help"] PROJECT_URL = "https://github.com/Hackplayers/evil-winrm" SUPPORTED_OS = ["linux"] class Mythic(HackingTool): TITLE = "Mythic (C2 Platform)" DESCRIPTION = "Collaborative, multi-payload C2 platform designed for red team operations." REQUIRES_DOCKER = True INSTALL_COMMANDS = [ "git clone https://github.com/its-a-feature/Mythic.git", "cd Mythic && sudo make", ] RUN_COMMANDS = ["cd Mythic && sudo ./mythic-cli start"] PROJECT_URL = "https://github.com/its-a-feature/Mythic" SUPPORTED_OS = ["linux"] class PostExploitationTools(HackingToolsCollection): TITLE = "Post exploitation tools" TOOLS = [ Vegile(), ChromeKeyLogger(), PwncatCS(), Sliver(), Havoc(), PEASSng(), LigoloNg(), ChiselTunnel(), EvilWinRM(), Mythic(), ] if __name__ == "__main__": tools = PostExploitationTools() tools.show_options() ================================================ FILE: tools/remote_administration.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt # Bug 17 fix: Stitch was defined in both payload_creator.py and remote_administration.py. # It is kept in payload_creator.py (its correct category) and removed from here. class Pyshell(HackingTool): TITLE = "Pyshell" DESCRIPTION = "Pyshell is a Rat Tool that can be able to download & upload " \ "files,\n Execute OS Command and more.." INSTALL_COMMANDS = [ "git clone https://github.com/knassar702/Pyshell.git;" "pip install --user pyscreenshot python-nmap requests" ] RUN_COMMANDS = ["cd Pyshell;./Pyshell"] PROJECT_URL = "https://github.com/knassar702/pyshell" class RemoteAdministrationTools(HackingToolsCollection): TITLE = "Remote Administrator Tools (RAT)" TOOLS = [ Pyshell() ] if __name__ == "__main__": tools = RemoteAdministrationTools() tools.show_options() ================================================ FILE: tools/reverse_engineering.py ================================================ import subprocess from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt class AndroGuard(HackingTool): TITLE = "Androguard" DESCRIPTION = "Androguard is a Reverse engineering, Malware and goodware " \ "analysis of Android applications and more" INSTALL_COMMANDS = ["sudo pip3 install -U androguard"] PROJECT_URL = "https://github.com/androguard/androguard " def __init__(self): super().__init__(runnable=False) class Apk2Gold(HackingTool): TITLE = "Apk2Gold" SUPPORTED_OS = ["linux"] DESCRIPTION = "Apk2Gold is a CLI tool for decompiling Android apps to Java" INSTALL_COMMANDS = [ "git clone https://github.com/lxdvs/apk2gold.git", "cd apk2gold;sudo bash make.sh" ] PROJECT_URL = "https://github.com/lxdvs/apk2gold " def run(self): uinput = input("Enter (.apk) File >> ") subprocess.run(["sudo", "apk2gold", uinput]) class Jadx(HackingTool): TITLE = "JadX" DESCRIPTION = "Jadx is Dex to Java decompiler.\n" \ "[*] decompile Dalvik bytecode to java classes from APK, dex," \ " aar and zip files\n" \ "[*] decode AndroidManifest.xml and other resources from " \ "resources.arsc" INSTALL_COMMANDS = [ "git clone https://github.com/skylot/jadx.git", # Bug 30 fix: gradlew dist requires Java — check first "java -version 2>&1 | grep -q 'version' && cd jadx && ./gradlew dist || echo '[ERROR] Java not found. Install: sudo apt install default-jdk'", ] PROJECT_URL = "https://github.com/skylot/jadx" REQUIRES_JAVA = True def __init__(self): # Py3-4 fix: super(Jadx, self) → super() super().__init__(runnable=False) class Ghidra(HackingTool): TITLE = "Ghidra (NSA Reverse Engineering)" DESCRIPTION = "NSA's software reverse engineering framework — disassembly, decompilation, scripting." REQUIRES_JAVA = True INSTALL_COMMANDS = [ "sudo apt-get install -y ghidra || echo 'Download from https://ghidra-sre.org/'", ] RUN_COMMANDS = ["ghidra --help || echo 'Run: ghidraRun'"] PROJECT_URL = "https://github.com/NationalSecurityAgency/ghidra" SUPPORTED_OS = ["linux", "macos"] class Radare2(HackingTool): TITLE = "Radare2 (RE Framework)" DESCRIPTION = "Portable UNIX-like reverse engineering framework and command-line toolset." INSTALL_COMMANDS = [ "git clone https://github.com/radareorg/radare2.git", "cd radare2 && sys/install.sh", ] RUN_COMMANDS = ["r2 -h"] PROJECT_URL = "https://github.com/radareorg/radare2" SUPPORTED_OS = ["linux", "macos"] class ReverseEngineeringTools(HackingToolsCollection): TITLE = "Reverse engineering tools" TOOLS = [ AndroGuard(), Apk2Gold(), Jadx(), Ghidra(), Radare2(), ] if __name__ == "__main__": tools = ReverseEngineeringTools() tools.show_options() ================================================ FILE: tools/sql_injection.py ================================================ from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt class Sqlmap(HackingTool): TITLE = "Sqlmap tool" DESCRIPTION = "sqlmap is an open source penetration testing tool that " \ "automates the process of detecting and exploiting SQL injection flaws " \ "and taking over database servers. [!] python3 sqlmap.py -u [http://example.com] --batch --banner. More usage: https://github.com/sqlmapproject/sqlmap/wiki/Usage" INSTALL_COMMANDS = ["git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev"] RUN_COMMANDS = ["cd sqlmap-dev;python3 sqlmap.py --wizard"] PROJECT_URL = "https://github.com/sqlmapproject/sqlmap" class NoSqlMap(HackingTool): TITLE = "NoSqlMap" DESCRIPTION = "NoSQLMap is an open source Python tool designed to audit and automate injection attacks. [*] Please install MongoDB." INSTALL_COMMANDS = [ "git clone https://github.com/codingo/NoSQLMap.git", # Bug 25 fix: was "python setup.py install" (Python 2) and "python NoSQLMap" "cd NoSQLMap && pip install --user .", ] # Bug 25 fix: "python" → "python3" RUN_COMMANDS = ["python3 -m nosqlmap"] PROJECT_URL = "https://github.com/codingo/NoSQLMap" class SQLiScanner(HackingTool): TITLE = "Damn Small SQLi Scanner" DESCRIPTION = "DSSS is a fully functional SQL injection vulnerability scanner also supporting GET and POST parameters. Usage: python3 dsss.py -h | -u [URL]" INSTALL_COMMANDS = ["git clone https://github.com/stamparm/DSSS.git"] PROJECT_URL = "https://github.com/stamparm/DSSS" def __init__(self): super().__init__(runnable=False) class Explo(HackingTool): TITLE = "Explo" DESCRIPTION = "Explo is a simple tool to describe web security issues in human and machine readable format. Usage: explo [--verbose|-v] testcase.yaml | explo [--verbose|-v] examples/*.yaml" INSTALL_COMMANDS = [ "git clone https://github.com/dtag-dev-sec/explo.git", "cd explo && pip install --user .", ] PROJECT_URL = "https://github.com/dtag-dev-sec/explo" def __init__(self): super().__init__(runnable=False) class Blisqy(HackingTool): TITLE = "Blisqy - Exploit Time-based blind-SQL injection" DESCRIPTION = "Blisqy helps web security researchers find time-based blind SQL injections on HTTP headers and exploit them." INSTALL_COMMANDS = ["git clone https://github.com/JohnTroony/Blisqy.git"] PROJECT_URL = "https://github.com/JohnTroony/Blisqy" def __init__(self): super().__init__(runnable=False) class Leviathan(HackingTool): TITLE = "Leviathan - Wide Range Mass Audit Toolkit" DESCRIPTION = "Leviathan is a mass audit toolkit with service discovery, brute force, SQL injection detection, and custom exploit capabilities. Requires API keys." INSTALL_COMMANDS = ["git clone https://github.com/leviathan-framework/leviathan.git", "cd leviathan;pip install --user -r requirements.txt"] RUN_COMMANDS = ["cd leviathan;python leviathan.py"] PROJECT_URL = "https://github.com/leviathan-framework/leviathan" class SQLScan(HackingTool): TITLE = "SQLScan" DESCRIPTION = "SQLScan is a quick web scanner to find SQL injection points. Not for educational purposes." INSTALL_COMMANDS = ["sudo apt install php php-bz2 php-curl php-mbstring curl", "sudo curl https://raw.githubusercontent.com/Cvar1984/sqlscan/dev/build/main.phar --output /usr/local/bin/sqlscan", "chmod +x /usr/local/bin/sqlscan"] RUN_COMMANDS = ["sudo sqlscan"] PROJECT_URL = "https://github.com/Cvar1984/sqlscan" class SqlInjectionTools(HackingToolsCollection): TITLE = "SQL Injection Tools" TOOLS = [Sqlmap(), NoSqlMap(), SQLiScanner(), Explo(), Blisqy(), Leviathan(), SQLScan()] if __name__ == "__main__": tools = SqlInjectionTools() tools.show_options() ================================================ FILE: tools/steganography.py ================================================ import subprocess from core import HackingTool, HackingToolsCollection, console from core import validate_input from rich.panel import Panel from rich.prompt import Prompt class SteganoHide(HackingTool): TITLE = "SteganoHide" INSTALL_COMMANDS = ["sudo apt-get install steghide -y"] def run(self): choice_run = input( "[1] Hide\n" "[2] Extract\n" "[99]Cancel\n" ">> " ) choice_run = validate_input(choice_run, [1, 2, 99]) if choice_run is None: console.print("[bold red]Please choose a valid input[/bold red]") return self.run() if choice_run == 99: return if choice_run == 1: file_hide = input("Enter Filename to Embed (1.txt) >> ") file_to_be_hide = input("Enter Cover Filename (test.jpeg) >> ") subprocess.run(["steghide", "embed", "-cf", file_to_be_hide, "-ef", file_hide]) elif choice_run == 2: from_file = input("Enter Filename to Extract Data From >> ") subprocess.run(["steghide", "extract", "-sf", from_file]) class StegnoCracker(HackingTool): TITLE = "StegnoCracker" DESCRIPTION = "SteganoCracker uncovers hidden data inside files using brute-force utility" INSTALL_COMMANDS = ["pip3 install stegcracker && pip3 install stegcracker -U --force-reinstall"] def run(self): filename = input("Enter Filename >> ") passfile = input("Enter Wordlist Filename >> ") subprocess.run(["stegcracker", filename, passfile]) class StegoCracker(HackingTool): TITLE = "StegoCracker" DESCRIPTION = "StegoCracker lets you hide and retrieve data in image or audio files" INSTALL_COMMANDS = [ "git clone https://github.com/W1LDN16H7/StegoCracker.git", "sudo chmod -R 755 StegoCracker" ] RUN_COMMANDS = [ "cd StegoCracker && python3 -m pip install -r requirements.txt", "./install.sh" ] PROJECT_URL = "https://github.com/W1LDN16H7/StegoCracker" class Whitespace(HackingTool): TITLE = "Whitespace" DESCRIPTION = "Use whitespace and unicode characters for steganography" INSTALL_COMMANDS = [ "git clone https://github.com/beardog108/snow10.git", "sudo chmod -R 755 snow10" ] RUN_COMMANDS = ["cd snow10 && ./install.sh"] PROJECT_URL = "https://github.com/beardog108/snow10" class SteganographyTools(HackingToolsCollection): TITLE = "Steganography Tools" TOOLS = [SteganoHide(), StegnoCracker(), StegoCracker(), Whitespace()] if __name__ == "__main__": tools = SteganographyTools() tools.show_options() ================================================ FILE: tools/tool_manager.py ================================================ import os import sys import subprocess from time import sleep from rich.prompt import Confirm from core import HackingTool, HackingToolsCollection, console from constants import APP_INSTALL_DIR, APP_BIN_PATH, USER_CONFIG_DIR, REPO_URL class UpdateTool(HackingTool): TITLE = "Update Tool or System" DESCRIPTION = "Update system packages or pull the latest hackingtool code" def __init__(self): super().__init__([ ("Update System", self.update_sys), ("Update Hackingtool", self.update_ht), ], installable=False, runnable=False) def update_sys(self): from os_detect import CURRENT_OS, PACKAGE_UPDATE_CMDS mgr = CURRENT_OS.pkg_manager cmd = PACKAGE_UPDATE_CMDS.get(mgr) if cmd: priv = "" if (CURRENT_OS.system == "macos" or os.geteuid() == 0) else "sudo " # shell=True needed — cmd contains && chains; strings are hardcoded, not user input subprocess.run(f"{priv}{cmd}", shell=True, check=False) else: console.print("[warning]Unknown package manager — update manually.[/warning]") def update_ht(self): if not APP_INSTALL_DIR.exists(): console.print(f"[error]Install directory not found: {APP_INSTALL_DIR}[/error]") console.print("[dim]Run install.py first.[/dim]") return console.print(f"[bold cyan]Pulling latest code from {REPO_URL}...[/bold cyan]") result = subprocess.run( ["git", "pull", "--rebase"], cwd=str(APP_INSTALL_DIR), capture_output=True, text=True, ) if result.returncode != 0: console.print(f"[error]git pull failed:\n{result.stderr}[/error]") return pip = str(APP_INSTALL_DIR / "venv" / "bin" / "pip") if (APP_INSTALL_DIR / "venv" / "bin" / "pip").exists(): subprocess.run([pip, "install", "-q", "-r", str(APP_INSTALL_DIR / "requirements.txt")]) console.print("[success]✔ Hackingtool updated.[/success]") class UninstallTool(HackingTool): TITLE = "Uninstall HackingTool" DESCRIPTION = "Remove hackingtool from system" def __init__(self): super().__init__([ ("Uninstall", self.uninstall), ], installable=False, runnable=False) def uninstall(self): import shutil console.print("[warning]This will remove hackingtool from your system.[/warning]") if not Confirm.ask("Continue?", default=False): return if APP_INSTALL_DIR.exists(): shutil.rmtree(str(APP_INSTALL_DIR)) console.print(f"[success]✔ Removed {APP_INSTALL_DIR}[/success]") else: console.print(f"[dim]{APP_INSTALL_DIR} not found — already removed?[/dim]") if APP_BIN_PATH.exists(): APP_BIN_PATH.unlink() console.print(f"[success]✔ Removed launcher {APP_BIN_PATH}[/success]") if Confirm.ask(f"Also remove user data at {USER_CONFIG_DIR}?", default=False): shutil.rmtree(str(USER_CONFIG_DIR), ignore_errors=True) console.print(f"[success]✔ Removed {USER_CONFIG_DIR}[/success]") console.print("[bold green]Hackingtool uninstalled. Goodbye.[/bold green]") sleep(1) sys.exit(0) class ToolManager(HackingToolsCollection): TITLE = "Update or Uninstall | Hackingtool" TOOLS = [ UpdateTool(), UninstallTool(), ] if __name__ == "__main__": manager = ToolManager() manager.show_options() ================================================ FILE: tools/web_attack.py ================================================ import subprocess from core import HackingTool, HackingToolsCollection, console from rich.panel import Panel from rich.prompt import Prompt class Web2Attack(HackingTool): TITLE = "Web2Attack" DESCRIPTION = "Web hacking framework with tools, exploits by python" INSTALL_COMMANDS = [ "git clone https://github.com/santatic/web2attack.git" ] RUN_COMMANDS = ["cd web2attack && sudo python3 w2aconsole"] PROJECT_URL = "https://github.com/santatic/web2attack" class Skipfish(HackingTool): TITLE = "Skipfish" DESCRIPTION = ( "Skipfish – Fully automated, active web application " "security reconnaissance tool \n " "Usage: skipfish -o [FolderName] targetip/site" ) RUN_COMMANDS = [ "sudo skipfish -h", 'echo "skipfish -o [FolderName] targetip/site"|boxes -d headline | lolcat' ] def __init__(self): super().__init__(installable=False) class SubDomainFinder(HackingTool): TITLE = "SubDomain Finder" DESCRIPTION = ( "Sublist3r is a python tool designed to enumerate " "subdomains of websites using OSINT \n " "Usage:\n\t[1] python3 sublist3r.py -d example.com \n" "[2] python3 sublist3r.py -d example.com -p 80,443" ) INSTALL_COMMANDS = [ "sudo pip3 install requests argparse dnspython", "git clone https://github.com/aboul3la/Sublist3r.git", "cd Sublist3r && sudo pip3 install -r requirements.txt" ] RUN_COMMANDS = ["cd Sublist3r && python3 sublist3r.py -h"] PROJECT_URL = "https://github.com/aboul3la/Sublist3r" class CheckURL(HackingTool): TITLE = "CheckURL" DESCRIPTION = ( "Detect evil urls that uses IDN Homograph Attack.\n\t" "[!] python3 checkURL.py --url google.com" ) INSTALL_COMMANDS = ["git clone https://github.com/UndeadSec/checkURL.git"] RUN_COMMANDS = ["cd checkURL && python3 checkURL.py --help"] PROJECT_URL = "https://github.com/UndeadSec/checkURL" class Blazy(HackingTool): TITLE = "Blazy(Also Find ClickJacking)" DESCRIPTION = "Blazy is a modern login page bruteforcer" INSTALL_COMMANDS = [] RUN_COMMANDS = [] PROJECT_URL = "https://github.com/UltimateHackers/Blazy" ARCHIVED = True ARCHIVED_REASON = "Python 2 only (pip2.7/python2.7). Repo archived/unmaintained." def __init__(self): super().__init__(installable=False, runnable=False) class SubDomainTakeOver(HackingTool): TITLE = "Sub-Domain TakeOver" DESCRIPTION = ( "Sub-domain takeover vulnerability occur when a sub-domain " "\n (subdomain.example.com) is pointing to a service " "(e.g: GitHub, AWS/S3,..)\nthat has been removed or deleted.\n" "Usage:python3 takeover.py -d www.domain.com -v" ) INSTALL_COMMANDS = [ "git clone https://github.com/edoardottt/takeover.git", "cd takeover && pip install --user ." ] PROJECT_URL = "https://github.com/edoardottt/takeover" def __init__(self): super().__init__(runnable=False) class Dirb(HackingTool): TITLE = "Dirb" DESCRIPTION = ( "DIRB is a Web Content Scanner. It looks for existing " "(and/or hidden) Web Objects.\n" "It basically works by launching a dictionary based " "attack against \n a web server and analyzing the response." ) INSTALL_COMMANDS = [ "git clone https://gitlab.com/kalilinux/packages/dirb.git", "cd dirb;sudo bash configure;make" ] PROJECT_URL = "https://gitlab.com/kalilinux/packages/dirb" def run(self): uinput = input("Enter Url >> ") subprocess.run(["sudo", "dirb", uinput]) class Nuclei(HackingTool): TITLE = "Nuclei (Vulnerability Scanner)" DESCRIPTION = ( "Fast, template-based vulnerability scanner used by 50k+ security teams.\n" "Usage: nuclei -u https://example.com" ) REQUIRES_GO = True INSTALL_COMMANDS = [ "go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest", "nuclei -update-templates", ] RUN_COMMANDS = ["nuclei -h"] PROJECT_URL = "https://github.com/projectdiscovery/nuclei" class Ffuf(HackingTool): TITLE = "ffuf (Web Fuzzer)" DESCRIPTION = ( "Fast web fuzzer — content discovery, parameter fuzzing, vhost discovery.\n" "Usage: ffuf -w wordlist.txt -u https://example.com/FUZZ" ) REQUIRES_GO = True INSTALL_COMMANDS = [ "go install -v github.com/ffuf/ffuf/v2@latest", ] RUN_COMMANDS = ["ffuf -h"] PROJECT_URL = "https://github.com/ffuf/ffuf" class Feroxbuster(HackingTool): TITLE = "Feroxbuster (Directory Brute Force)" DESCRIPTION = ( "Fast, recursive content discovery tool written in Rust.\n" "Usage: feroxbuster -u https://example.com -w wordlist.txt" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/main/install-nix.sh " "| sudo bash -s /usr/local/bin", ] RUN_COMMANDS = ["feroxbuster -h"] PROJECT_URL = "https://github.com/epi052/feroxbuster" class Nikto(HackingTool): TITLE = "Nikto (Web Server Scanner)" DESCRIPTION = ( "Scan web servers for dangerous files, outdated software, misconfigurations.\n" "Usage: nikto -h https://example.com" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt-get install -y nikto"] RUN_COMMANDS = ["nikto -Help"] PROJECT_URL = "https://github.com/sullo/nikto" class Wafw00f(HackingTool): TITLE = "wafw00f (WAF Detector)" DESCRIPTION = ( "Fingerprint and identify Web Application Firewalls (WAF).\n" "Usage: wafw00f https://example.com" ) INSTALL_COMMANDS = [ "git clone https://github.com/EnableSecurity/wafw00f.git", "cd wafw00f && pip install --user .", ] RUN_COMMANDS = ["wafw00f --help"] PROJECT_URL = "https://github.com/EnableSecurity/wafw00f" class Katana(HackingTool): TITLE = "Katana (Web Crawler)" DESCRIPTION = ( "Next-generation crawling and spidering framework from ProjectDiscovery.\n" "Usage: katana -u https://example.com" ) REQUIRES_GO = True INSTALL_COMMANDS = [ "go install -v github.com/projectdiscovery/katana/cmd/katana@latest", ] RUN_COMMANDS = ["katana -h"] PROJECT_URL = "https://github.com/projectdiscovery/katana" class Gobuster(HackingTool): TITLE = "Gobuster (Dir/DNS/Vhost Brute Force)" DESCRIPTION = "Directory/file, DNS, and vhost brute-forcing tool written in Go." REQUIRES_GO = True INSTALL_COMMANDS = ["go install github.com/OJ/gobuster/v3@latest"] RUN_COMMANDS = ["gobuster --help"] PROJECT_URL = "https://github.com/OJ/gobuster" class Dirsearch(HackingTool): TITLE = "Dirsearch (Web Path Discovery)" DESCRIPTION = "Web path brute-forcing tool for discovering directories and files on web servers." INSTALL_COMMANDS = ["pip install --user dirsearch"] RUN_COMMANDS = ["dirsearch --help"] PROJECT_URL = "https://github.com/maurosoria/dirsearch" class OwaspZap(HackingTool): TITLE = "OWASP ZAP (Web App Scanner)" DESCRIPTION = "Full-featured web application security scanner — proxy, spider, fuzzer, scanner." SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt-get install -y zaproxy"] RUN_COMMANDS = ["zaproxy --help"] PROJECT_URL = "https://github.com/zaproxy/zaproxy" class TestSSL(HackingTool): TITLE = "testssl.sh (TLS/SSL Checker)" DESCRIPTION = "Check TLS/SSL ciphers, protocols, and cryptographic flaws on any port." INSTALL_COMMANDS = ["git clone https://github.com/drwetter/testssl.sh.git"] RUN_COMMANDS = ["cd testssl.sh && ./testssl.sh --help"] PROJECT_URL = "https://github.com/drwetter/testssl.sh" class Arjun(HackingTool): TITLE = "Arjun (HTTP Parameter Discovery)" DESCRIPTION = "HTTP parameter discovery suite that finds hidden GET/POST parameters." INSTALL_COMMANDS = ["pip install --user arjun"] RUN_COMMANDS = ["arjun --help"] PROJECT_URL = "https://github.com/s0md3v/Arjun" class Caido(HackingTool): TITLE = "Caido (Web Security Auditing)" DESCRIPTION = "Lightweight, modern web security auditing toolkit — Burp Suite alternative written in Rust." INSTALL_COMMANDS = [ "curl -sSL https://caido.download/releases/latest/caido-cli-linux-x86_64.tar.gz | sudo tar xz -C /usr/local/bin", ] RUN_COMMANDS = ["caido --help"] PROJECT_URL = "https://github.com/caido/caido" SUPPORTED_OS = ["linux", "macos"] class Mitmproxy(HackingTool): TITLE = "mitmproxy (Intercepting Proxy)" DESCRIPTION = "Interactive TLS-capable intercepting HTTP proxy for pentesters and developers." INSTALL_COMMANDS = ["pip install --user mitmproxy"] RUN_COMMANDS = ["mitmproxy --version"] PROJECT_URL = "https://github.com/mitmproxy/mitmproxy" class WebAttackTools(HackingToolsCollection): TITLE = "Web Attack tools" DESCRIPTION = "" TOOLS = [ Web2Attack(), Skipfish(), SubDomainFinder(), CheckURL(), Blazy(), SubDomainTakeOver(), Dirb(), Nuclei(), Ffuf(), Feroxbuster(), Nikto(), Wafw00f(), Katana(), Gobuster(), Dirsearch(), OwaspZap(), TestSSL(), Arjun(), Caido(), Mitmproxy(), ] if __name__ == "__main__": tools = WebAttackTools() tools.show_options() ================================================ FILE: tools/wireless_attack.py ================================================ from rich.prompt import Prompt from core import HackingTool, HackingToolsCollection, console class WIFIPumpkin(HackingTool): TITLE = "WiFi-Pumpkin" DESCRIPTION = ( "The WiFi-Pumpkin is a rogue AP framework to easily create fake networks\n" "while forwarding legitimate traffic to and from the unsuspecting target." ) INSTALL_COMMANDS = [ "sudo apt install -y libssl-dev libffi-dev build-essential python3-pyqt5", "git clone https://github.com/P0cL4bs/wifipumpkin3.git", "chmod -R 755 wifipumpkin3", "cd wifipumpkin3 && pip install --user .", ] RUN_COMMANDS = ["sudo wifipumpkin3"] PROJECT_URL = "https://github.com/P0cL4bs/wifipumpkin3" SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True class pixiewps(HackingTool): TITLE = "pixiewps" DESCRIPTION = ( "Pixiewps is a tool written in C used to bruteforce offline the WPS pin\n" "exploiting the low or non-existing entropy of some Access Points " "(pixie dust attack)." ) INSTALL_COMMANDS = [ # Bug 29 fix: removed wget https://pastebin.com/... (insecure download from pastebin) "git clone https://github.com/wiire/pixiewps.git && apt-get -y install build-essential", "cd pixiewps && make", "cd pixiewps && sudo make install", ] PROJECT_URL = "https://github.com/wiire/pixiewps" SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True def run(self): console.print( "[bold cyan]Usage:[/bold cyan]\n" " 1. Put interface into monitor mode: [yellow]airmon-ng start [/yellow]\n" " 2. Scan: [yellow]wash -i [/yellow]\n" " 3. Attack: [yellow]reaver -i -b -c -vvv -K 1 -f[/yellow]\n" " 4. Run: [yellow]pixiewps -h[/yellow]" ) class BluePot(HackingTool): TITLE = "Bluetooth Honeypot GUI Framework" DESCRIPTION = ( "You need at least 1 bluetooth receiver.\n" "Install libbluetooth-dev (Ubuntu) / bluez-libs-devel (Fedora) / bluez-devel (openSUSE)." ) INSTALL_COMMANDS = [ # Bug 15 fix: missing comma caused implicit string concatenation — two strings joined "sudo wget https://raw.githubusercontent.com/andrewmichaelsmith/bluepot/master/bin/bluepot-0.2.tar.gz", "sudo tar xfz bluepot-0.2.tar.gz && sudo rm bluepot-0.2.tar.gz", ] RUN_COMMANDS = ["cd bluepot && sudo java -jar bluepot.jar"] PROJECT_URL = "https://github.com/andrewmichaelsmith/bluepot" SUPPORTED_OS = ["linux"] REQUIRES_JAVA = True class Fluxion(HackingTool): TITLE = "Fluxion" DESCRIPTION = "Fluxion is a remake of linset by vk496 with enhanced functionality." INSTALL_COMMANDS = [ "git clone https://github.com/FluxionNetwork/fluxion.git", "cd fluxion && chmod +x fluxion.sh", ] RUN_COMMANDS = ["cd fluxion && sudo bash fluxion.sh -i"] PROJECT_URL = "https://github.com/FluxionNetwork/fluxion" SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True class Wifiphisher(HackingTool): TITLE = "Wifiphisher" DESCRIPTION = ( "Wifiphisher is a rogue Access Point framework for conducting red team engagements\n" "or Wi-Fi security testing. Easily achieve man-in-the-middle position against\n" "wireless clients by performing targeted Wi-Fi association attacks." ) INSTALL_COMMANDS = [ "git clone https://github.com/wifiphisher/wifiphisher.git", "cd wifiphisher && pip install --user .", ] RUN_COMMANDS = ["cd wifiphisher && sudo wifiphisher"] PROJECT_URL = "https://github.com/wifiphisher/wifiphisher" SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True class Wifite(HackingTool): TITLE = "Wifite" DESCRIPTION = "Wifite is an automated wireless attack tool." INSTALL_COMMANDS = [ "git clone https://github.com/derv82/wifite2.git", "cd wifite2 && pip install --user .", ] RUN_COMMANDS = ["sudo wifite"] PROJECT_URL = "https://github.com/derv82/wifite2" SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True class EvilTwin(HackingTool): TITLE = "EvilTwin" DESCRIPTION = ( "Fakeap — perform Evil Twin Attack by getting credentials " "using a Fake page and Fake Access Point." ) INSTALL_COMMANDS = ["git clone https://github.com/Z4nzu/fakeap.git"] RUN_COMMANDS = ["cd fakeap && sudo bash fakeap.sh"] PROJECT_URL = "https://github.com/Z4nzu/fakeap" SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True class Fastssh(HackingTool): TITLE = "Fastssh" DESCRIPTION = ( "Fastssh — multi-threaded scan and brute force attack against SSH protocol\n" "using the most commonly used credentials." ) INSTALL_COMMANDS = [ "git clone https://github.com/Z4nzu/fastssh.git && cd fastssh && chmod +x fastssh.sh", "sudo apt-get install -y sshpass netcat", ] RUN_COMMANDS = ["cd fastssh && sudo bash fastssh.sh --scan"] PROJECT_URL = "https://github.com/Z4nzu/fastssh" SUPPORTED_OS = ["linux"] class Howmanypeople(HackingTool): TITLE = "Howmanypeople" DESCRIPTION = ( "Count the number of people around you by monitoring wifi signals.\n" "[@] WIFI ADAPTER REQUIRED\n" "[*] It may be illegal to monitor networks for MAC addresses on networks you do not own." ) INSTALL_COMMANDS = [ # Bug 14 fix: missing comma caused "sudo apt-get install tshark;sudo python3..." # to be one implicitly concatenated string — only first command ran "sudo apt-get install -y tshark", "sudo python3 -m pip install howmanypeoplearearound", ] RUN_COMMANDS = ["howmanypeoplearearound"] SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True class Airgeddon(HackingTool): TITLE = "Airgeddon (Wireless Attack Suite)" DESCRIPTION = ( "Multi-use bash script for auditing wireless networks.\n" "Covers WPA/WPA2, WEP, WPS, PMKID, evil twin, handshake capture and more." ) SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True INSTALL_COMMANDS = [ "git clone https://github.com/v1s1t0r1sh3r3/airgeddon.git", ] RUN_COMMANDS = ["cd airgeddon && sudo bash airgeddon.sh"] PROJECT_URL = "https://github.com/v1s1t0r1sh3r3/airgeddon" class Hcxdumptool(HackingTool): TITLE = "hcxdumptool (PMKID Capture)" DESCRIPTION = ( "Capture packets and PMKID hashes from WLAN devices.\n" "Usage: hcxdumptool -i -o capture.pcapng --enable_status=1" ) SUPPORTED_OS = ["linux"] REQUIRES_WIFI = True INSTALL_COMMANDS = [ "git clone https://github.com/ZerBea/hcxdumptool.git", "cd hcxdumptool && make && sudo make install", ] RUN_COMMANDS = ["hcxdumptool --help"] PROJECT_URL = "https://github.com/ZerBea/hcxdumptool" class Hcxtools(HackingTool): TITLE = "hcxtools (PMKID/Hash Conversion)" DESCRIPTION = ( "Convert captured WLAN packets to hashcat/JtR-compatible format.\n" "Usage: hcxpcapngtool -o hashes.txt capture.pcapng" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = [ "git clone https://github.com/ZerBea/hcxtools.git", "cd hcxtools && make && sudo make install", ] RUN_COMMANDS = ["hcxpcapngtool --help"] PROJECT_URL = "https://github.com/ZerBea/hcxtools" class Bettercap(HackingTool): TITLE = "Bettercap (Network/WiFi/BLE MITM)" DESCRIPTION = "Swiss army knife for WiFi, BLE, HID, and Ethernet network recon and MITM attacks." SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt-get install -y bettercap"] RUN_COMMANDS = ["sudo bettercap --help"] PROJECT_URL = "https://github.com/bettercap/bettercap" class WirelessAttackTools(HackingToolsCollection): TITLE = "Wireless attack tools" TOOLS = [ WIFIPumpkin(), pixiewps(), BluePot(), Fluxion(), Wifiphisher(), Wifite(), EvilTwin(), Fastssh(), Howmanypeople(), Airgeddon(), Hcxdumptool(), Hcxtools(), Bettercap(), ] if __name__ == "__main__": tools = WirelessAttackTools() tools.show_options() ================================================ FILE: tools/wordlist_generator.py ================================================ import os import subprocess from rich.panel import Panel from rich.prompt import Prompt from rich.table import Table from rich import box from core import HackingTool, HackingToolsCollection, console class Cupp(HackingTool): TITLE = "Cupp" # Bug 24 fix: DESCRIPTION was copy-pasted from WlCreator — completely wrong DESCRIPTION = "Common User Passwords Profiler — generates personalized wordlists based on target info." INSTALL_COMMANDS = ["git clone https://github.com/Mebus/cupp.git"] RUN_COMMANDS = ["cd cupp && python3 cupp.py -i"] PROJECT_URL = "https://github.com/Mebus/cupp" def show_info(self): panel = Panel( f"[bold purple]{self.TITLE}[/bold purple]\n\n" f"[cyan]{self.DESCRIPTION}[/cyan]\n\n" f"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]", border_style="purple", box=box.ROUNDED, ) console.print(panel) class WlCreator(HackingTool): TITLE = "WordlistCreator" DESCRIPTION = "WlCreator is a C program that can create all possibilities" \ " of passwords,\n and you can choose Length, Lowercase, " \ "Capital, Numbers and Special Chars" INSTALL_COMMANDS = ["git clone https://github.com/Z4nzu/wlcreator.git"] RUN_COMMANDS = [ "cd wlcreator && sudo gcc -o wlcreator wlcreator.c && ./wlcreator 5"] PROJECT_URL = "https://github.com/Z4nzu/wlcreator" def show_info(self): panel = Panel( f"[bold purple]{self.TITLE}[/bold purple]\n\n" f"[cyan]{self.DESCRIPTION}[/cyan]\n\n" f"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]", border_style="purple", box=box.ROUNDED, ) console.print(panel) class GoblinWordGenerator(HackingTool): TITLE = "Goblin WordGenerator" DESCRIPTION = "Goblin WordGenerator" INSTALL_COMMANDS = [ "git clone https://github.com/UndeadSec/GoblinWordGenerator.git"] RUN_COMMANDS = ["cd GoblinWordGenerator && python3 goblin.py"] PROJECT_URL = "https://github.com/UndeadSec/GoblinWordGenerator.git" def show_info(self): panel = Panel( f"[bold purple]{self.TITLE}[/bold purple]\n\n" f"[cyan]{self.DESCRIPTION}[/cyan]\n\n" f"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]", border_style="purple", box=box.ROUNDED, ) console.print(panel) class showme(HackingTool): TITLE = "Password list (1.4 Billion Clear Text Password)" DESCRIPTION = "This tool allows you to perform OSINT and reconnaissance on " \ "an organisation or an individual. It allows one to search " \ "1.4 Billion clear text credentials which was dumped as " \ "part of BreachCompilation leak. This database makes " \ "finding passwords faster and easier than ever before." INSTALL_COMMANDS = [ "git clone https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git", "cd SMWYG-Show-Me-What-You-Got && pip3 install -r requirements.txt" ] RUN_COMMANDS = ["cd SMWYG-Show-Me-What-You-Got && python SMWYG.py"] PROJECT_URL = "https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got" def show_info(self): panel = Panel( f"[bold purple]{self.TITLE}[/bold purple]\n\n" f"[cyan]{self.DESCRIPTION}[/cyan]\n\n" f"[green]Repository:[/green] [underline blue]{self.PROJECT_URL}[/underline blue]", border_style="purple", box=box.ROUNDED, ) console.print(panel) class Hashcat(HackingTool): TITLE = "Hashcat (Password Cracker)" DESCRIPTION = ( "World's fastest GPU/CPU password recovery tool — supports 300+ hash types.\n" "Usage: hashcat -m 0 -a 0 hashes.txt wordlist.txt" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt-get install -y hashcat"] RUN_COMMANDS = ["hashcat --help"] PROJECT_URL = "https://github.com/hashcat/hashcat" class JohnTheRipper(HackingTool): TITLE = "John the Ripper" DESCRIPTION = ( "Open-source password security auditing and recovery tool.\n" "Usage: john --wordlist=wordlist.txt hashfile" ) SUPPORTED_OS = ["linux"] INSTALL_COMMANDS = ["sudo apt-get install -y john"] RUN_COMMANDS = ["john --help"] PROJECT_URL = "https://github.com/openwall/john" class Haiti(HackingTool): TITLE = "haiti (Hash Type Identifier)" DESCRIPTION = ( "Identify hash types — supports 300+ algorithms.\n" "Usage: haiti " ) REQUIRES_RUBY = True INSTALL_COMMANDS = ["gem install haiti-hash"] RUN_COMMANDS = ["haiti --help"] PROJECT_URL = "https://github.com/noraj/haiti" class WordlistGeneratorTools(HackingToolsCollection): TITLE = "Wordlist Generator" TOOLS = [ Cupp(), WlCreator(), GoblinWordGenerator(), showme(), Hashcat(), JohnTheRipper(), Haiti(), ] def show_info(self): header = Panel(f"[bold white on purple] {self.TITLE} [/bold white on purple]", border_style="purple", box=box.DOUBLE) console.print(header) table = Table(box=box.SIMPLE, show_header=True, header_style="bold purple") table.add_column("#", justify="center", style="cyan", width=4) table.add_column("Tool", style="bold") table.add_column("Description", style="dim", overflow="fold") for idx, t in enumerate(self.TOOLS, start=1): desc = getattr(t, "DESCRIPTION", "") or "" table.add_row(str(idx), t.TITLE, desc) table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu") console.print(table) if __name__ == "__main__": tools = WordlistGeneratorTools() tools.show_info() tools.show_options() ================================================ FILE: tools/xss_attack.py ================================================ import os import subprocess from rich.panel import Panel from rich.prompt import Prompt from core import HackingTool, HackingToolsCollection, console class Dalfox(HackingTool): TITLE = "DalFox (Finder of XSS)" DESCRIPTION = "XSS Scanning and Parameter Analysis tool." INSTALL_COMMANDS = [ "sudo apt-get install -y golang", "go install github.com/hahwul/dalfox/v2@latest", ] RUN_COMMANDS = [ "~/go/bin/dalfox --help", ] PROJECT_URL = "https://github.com/hahwul/dalfox" class XSSPayloadGenerator(HackingTool): TITLE = "XSS Payload Generator" DESCRIPTION = "XSS PAYLOAD GENERATOR - XSS SCANNER - XSS DORK FINDER" INSTALL_COMMANDS = [ "git clone https://github.com/capture0x/XSS-LOADER.git", "cd XSS-LOADER;sudo pip3 install -r requirements.txt" ] RUN_COMMANDS = ["cd XSS-LOADER;sudo python3 payloader.py"] PROJECT_URL = "https://github.com/capture0x/XSS-LOADER.git" class XSSFinder(HackingTool): TITLE = "Extended XSS Searcher and Finder" DESCRIPTION = "Extended XSS Searcher and Finder" INSTALL_COMMANDS = [ "git clone https://github.com/Damian89/extended-xss-search.git"] PROJECT_URL = "https://github.com/Damian89/extended-xss-search" def after_install(self): console.print(Panel.fit( "[bold cyan]Follow These Steps After Installation:[/bold cyan]\n" "[red]*[/red] Go to [yellow]extended-xss-search[/yellow] directory\n" "[green]*[/green] Rename [bold]example.app-settings.conf[/bold] → [bold]app-settings.conf[/bold]", title="[ Install Notes ]", border_style="magenta" )) input("Press ENTER to continue") def run(self): console.print(Panel.fit( "[bold cyan]You need to add links to scan[/bold cyan]\n" "[red]*[/red] Go to [yellow]extended-xss-search/config/urls-to-test.txt[/yellow]\n" "[green]*[/green] Run: [bold]python3 extended-xss-search.py[/bold]", title="[ Run Instructions ]", border_style="blue" )) class XSSFreak(HackingTool): TITLE = "XSS-Freak" DESCRIPTION = "An XSS scanner fully written in Python 3 from scratch." INSTALL_COMMANDS = [ "git clone https://github.com/PR0PH3CY33/XSS-Freak.git", "cd XSS-Freak;sudo pip3 install -r requirements.txt" ] RUN_COMMANDS = ["cd XSS-Freak;sudo python3 XSS-Freak.py"] PROJECT_URL = "https://github.com/PR0PH3CY33/XSS-Freak" class XSpear(HackingTool): TITLE = "XSpear" DESCRIPTION = "XSpear is an XSS Scanner built on Ruby Gems." INSTALL_COMMANDS = ["gem install XSpear"] RUN_COMMANDS = ["XSpear -h"] PROJECT_URL = "https://github.com/hahwul/XSpear" class XSSCon(HackingTool): TITLE = "XSSCon" INSTALL_COMMANDS = [ "git clone https://github.com/menkrep1337/XSSCon.git", "sudo chmod 755 -R XSSCon" ] PROJECT_URL = "https://github.com/menkrep1337/XSSCon" def run(self): console.print(Panel.fit( "Enter target website to scan with XSSCon:", title="[bold yellow]XSSCon[/bold yellow]", border_style="bright_yellow" )) website = Prompt.ask("[bold cyan]Enter Website[/bold cyan]") from config import get_tools_dir subprocess.run(["python3", "xsscon.py", "-u", website], cwd=str(get_tools_dir() / "XSSCon")) class XanXSS(HackingTool): TITLE = "XanXSS" DESCRIPTION = "Reflected XSS searching tool that creates payloads from templates." INSTALL_COMMANDS = ["git clone https://github.com/Ekultek/XanXSS.git"] PROJECT_URL = "https://github.com/Ekultek/XanXSS" def run(self): from config import get_tools_dir subprocess.run(["python3", "xanxss.py", "-h"], cwd=str(get_tools_dir() / "XanXSS")) class XSSStrike(HackingTool): TITLE = "Advanced XSS Detection Suite" DESCRIPTION = "XSStrike is a Python-based tool designed to detect and exploit XSS vulnerabilities." INSTALL_COMMANDS = [ "sudo rm -rf XSStrike", "git clone https://github.com/UltimateHackers/XSStrike.git " "&& cd XSStrike && pip install -r requirements.txt" ] PROJECT_URL = "https://github.com/UltimateHackers/XSStrike" def __init__(self): super().__init__(runnable=False) class RVuln(HackingTool): TITLE = "RVuln" SUPPORTED_OS = ["linux"] DESCRIPTION = "Multi-threaded and Automated Web Vulnerability Scanner written in Rust." INSTALL_COMMANDS = [ "git clone https://github.com/iinc0gnit0/RVuln.git;" "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh;" "source $HOME/.cargo/env;" "sudo apt install librust-openssl-dev;" "cd RVuln;sudo su;cargo build --release;mv target/release/RVuln" ] RUN_COMMANDS = ["RVuln"] PROJECT_URL = "https://github.com/iinc0gnit0/RVuln" class XSSAttackTools(HackingToolsCollection): TITLE = "XSS Attack Tools" TOOLS = [ Dalfox(), XSSPayloadGenerator(), XSSFinder(), XSSFreak(), XSpear(), XSSCon(), XanXSS(), XSSStrike(), RVuln() ] def show_info(self): console.print(Panel.fit( "[bold magenta]XSS Attack Tools Collection[/bold magenta]\n" "A curated set of tools for XSS vulnerability analysis and exploitation.", border_style="bright_magenta" )) ================================================ FILE: update.sh ================================================ #!/bin/bash set -euo pipefail INSTALL_DIR="/usr/share/hackingtool" if [[ $EUID -ne 0 ]]; then echo "[ERROR] Run as root: sudo bash update.sh" exit 1 fi if [[ ! -d "$INSTALL_DIR" ]]; then echo "[ERROR] Installation not found at $INSTALL_DIR. Run install.py first." exit 1 fi echo "[*] Checking internet connection..." if ! curl -sSf --max-time 10 https://github.com > /dev/null; then echo "[ERROR] No internet connection." exit 1 fi echo "[✔] Internet OK" echo "[*] Pulling latest changes..." git -C "$INSTALL_DIR" config --local safe.directory "$INSTALL_DIR" git -C "$INSTALL_DIR" pull --rebase echo "[*] Updating Python dependencies..." if [[ -f "$INSTALL_DIR/venv/bin/pip" ]]; then "$INSTALL_DIR/venv/bin/pip" install -q --upgrade -r "$INSTALL_DIR/requirements.txt" else echo "[WARN] venv not found — skipping pip update. Run install.py to create it." fi echo "[✔] Hackingtool updated. Run 'hackingtool' to start."