Elgato_dark/hackingtool
1
0
Fork 0
mirror of https://github.com/Z4nzu/hackingtool synced 2026-05-24 01:18:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
hackingtool/README.md

528 lines
18 KiB
Markdown
Raw Permalink Normal View History

Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
<div align="center">
<img src="images/logo.svg" alt="HackingTool" width="600">
<p><b>All-in-One Hacking Tool for Security Researchers & Pentesters</b></p>
[![License](https://img.shields.io/github/license/Z4nzu/hackingtool)](LICENSE)&nbsp;
[![Python](https://img.shields.io/badge/Python-3.10+-3776AB?style=flat-square&logo=python&logoColor=white)](https://www.python.org/)&nbsp;
[![Version](https://img.shields.io/badge/v2.0.0-00FF88?style=flat-square)](#)&nbsp;
[![Stars](https://img.shields.io/github/stars/Z4nzu/hackingtool?style=flat-square&color=yellow)](https://github.com/Z4nzu/hackingtool/stargazers)&nbsp;
[![Forks](https://img.shields.io/github/forks/Z4nzu/hackingtool?style=flat-square&color=blue)](https://github.com/Z4nzu/hackingtool/network/members)&nbsp;
[![Issues](https://img.shields.io/github/issues/Z4nzu/hackingtool?style=flat-square&color=red)](https://github.com/Z4nzu/hackingtool/issues)&nbsp;
[![Last Commit](https://img.shields.io/github/last-commit/Z4nzu/hackingtool?style=flat-square&color=00FF88)](https://github.com/Z4nzu/hackingtool/commits/master)
![](https://img.shields.io/badge/20_Categories-7B61FF?style=for-the-badge)
![](https://img.shields.io/badge/185+_Tools-00FF88?style=for-the-badge)
![](https://img.shields.io/badge/19_Tags-FF61DC?style=for-the-badge)
![](https://img.shields.io/badge/Linux_%7C_Kali_%7C_Parrot_%7C_macOS-FFA116?style=for-the-badge&logo=linux&logoColor=white)
<a href="#installation"><img src="https://img.shields.io/badge/Install_Now-00FF88?style=for-the-badge&logo=rocket&logoColor=black" alt="Install Now"></a>&nbsp;
<a href="#quick-commands"><img src="https://img.shields.io/badge/Quick_Commands-7B61FF?style=for-the-badge&logo=terminal&logoColor=white" alt="Quick Commands"></a>&nbsp;
<a href="https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md"><img src="https://img.shields.io/badge/Suggest_a_Tool-FF61DC?style=for-the-badge&logo=plus&logoColor=white" alt="Suggest a Tool"></a>
</div>
---
## What's New in v2.0.0
<table>
<tr><td>
| | Feature | Description |
|:---:|---|---|
| **🐍** | **Python 3.10+** | All Python 2 code removed, modern syntax throughout |
| **🖥** | **OS-aware menus** | Linux-only tools hidden automatically on macOS |
| **📦** | **185+ tools** | 35 new modern tools added across 6 categories |
| **🔍** | **Search** | Type `/` to search all tools by name, description, or keyword |
| **🏷** | **Tag filter** | Type `t` to filter by 19 tags — osint, web, c2, cloud, mobile... |
| **💡** | **Recommend** | Type `r` — "I want to scan a network" → shows relevant tools |
| **✅** | **Install status** | ✔/✘ shown next to every tool — know what's ready |
| **⚡** | **Install all** | Option `97` in any category — batch install at once |
| **🔄** | **Smart update** | Each tool has Update — auto-detects git pull / pip upgrade / go install |
| **📂** | **Open folder** | Jump into any tool's directory for manual inspection |
| **🐳** | **Docker** | Builds locally — no unverified external images |
| **🚀** | **One-liner install** | `curl -sSL .../install.sh \| sudo bash` — zero manual steps |
| **🏢** | **3 new categories** | Active Directory, Cloud Security, Mobile Security |
</td></tr>
</table>
---
## Quick Commands
<div align="center">
| Command | Action | Works in |
|:---:|---|:---:|
| `/query` | **Search** — find tools instantly by keyword | Main menu |
| `t` | **Tags** — filter by osint, scanner, c2, cloud, mobile... | Main menu |
| `r` | **Recommend** — "I want to do X" → matching tools | Main menu |
| `?` | **Help** — quick reference card | Everywhere |
| `q` | **Quit** — exit from any depth | Everywhere |
| `97` | **Install All** — batch install all tools in category | Category |
| `99` | **Back** — return to previous menu | Everywhere |
</div>
---
## Tool Categories
<div align="center">
| # | Category | Tools | | # | Category | Tools |
|:---:|---|:---:|---|:---:|---|:---:|
| 1 | 🛡 [Anonymously Hiding](#anonymously-hiding-tools) | 2 | | 11 | 🧰 [Exploit Framework](#exploit-framework) | 4 |
| 2 | 🔍 [Information Gathering](#information-gathering-tools) | 26 | | 12 | 🔁 [Reverse Engineering](#reverse-engineering-tools) | 5 |
| 3 | 📚 [Wordlist Generator](#wordlist-generator) | 7 | | 13 | ⚡ [DDOS Attack](#ddos-attack-tools) | 5 |
| 4 | 📶 [Wireless Attack](#wireless-attack-tools) | 13 | | 14 | 🖥 [RAT](#remote-administrator-tools-rat) | 1 |
| 5 | 🧩 [SQL Injection](#sql-injection-tools) | 7 | | 15 | 💥 [XSS Attack](#xss-attack-tools) | 9 |
| 6 | 🎣 [Phishing Attack](#phishing-attack-tools) | 17 | | 16 | 🖼 [Steganography](#steganography-tools) | 4 |
| 7 | 🌐 [Web Attack](#web-attack-tools) | 20 | | 17 | 🏢 [Active Directory](#active-directory-tools) | 6 |
| 8 | 🔧 [Post Exploitation](#post-exploitation-tools) | 10 | | 18 | ☁ [Cloud Security](#cloud-security-tools) | 4 |
| 9 | 🕵 [Forensics](#forensic-tools) | 8 | | 19 | 📱 [Mobile Security](#mobile-security-tools) | 3 |
| 10 | 📦 [Payload Creation](#payload-creation-tools) | 8 | | 20 | ✨ [Other Tools](#other-tools) | 24 |
</div>
---
## 🛡 Anonymously Hiding Tools
- [Anonymously Surf](https://github.com/Und3rf10w/kali-anonsurf)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Multitor](https://github.com/trimstray/multitor)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🔍 Information Gathering Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Network Map (nmap)](https://github.com/nmap/nmap)
- [Dracnmap](https://github.com/Screetsec/Dracnmap)
- Port scanning
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- Host to IP
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Xerosploit](https://github.com/LionSec/xerosploit)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [RED HAWK](https://github.com/Tuhinshubhra/RED_HAWK)
- [ReconSpider](https://github.com/bhavsec/reconspider)
- IsItDown
- [Infoga](https://github.com/m4ll0k/Infoga)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [ReconDog](https://github.com/s0md3v/ReconDog)
- [Striker](https://github.com/s0md3v/Striker)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [SecretFinder](https://github.com/m4ll0k/SecretFinder)
- [Shodanfy](https://github.com/m4ll0k/Shodanfy.py)
- [rang3r](https://github.com/floriankunushevci/rang3r)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Breacher](https://github.com/s0md3v/Breacher)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [theHarvester](https://github.com/laramies/theHarvester) ★
- [Amass](https://github.com/owasp-amass/amass) ★
- [Masscan](https://github.com/robertdavidgraham/masscan) ★
- [RustScan](https://github.com/RustScan/RustScan) ★
- [Holehe](https://github.com/megadose/holehe) ★
- [Maigret](https://github.com/soxoj/maigret) ★
- [httpx](https://github.com/projectdiscovery/httpx) ★
- [SpiderFoot](https://github.com/smicallef/spiderfoot) ★
- [Subfinder](https://github.com/projectdiscovery/subfinder) ★
- [TruffleHog](https://github.com/trufflesecurity/trufflehog) ★
- [Gitleaks](https://github.com/gitleaks/gitleaks) ★
## 📚 Wordlist Generator
- [Cupp](https://github.com/Mebus/cupp)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [WordlistCreator](https://github.com/Z4nzu/wlcreator)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Goblin WordGenerator](https://github.com/UndeadSec/GoblinWordGenerator)
- [Password list (1.4B)](https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got)
- [Hashcat](https://github.com/hashcat/hashcat) ★
- [John the Ripper](https://github.com/openwall/john) ★
- [haiti](https://github.com/noraj/haiti) ★
## 📶 Wireless Attack Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [WiFi-Pumpkin](https://github.com/P0cL4bs/wifipumpkin3)
- [pixiewps](https://github.com/wiire/pixiewps)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Bluetooth Honeypot (bluepot)](https://github.com/andrewmichaelsmith/bluepot)
- [Fluxion](https://github.com/FluxionNetwork/fluxion)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Wifiphisher](https://github.com/wifiphisher/wifiphisher)
- [Wifite](https://github.com/derv82/wifite2)
- [EvilTwin](https://github.com/Z4nzu/fakeap)
- [Fastssh](https://github.com/Z4nzu/fastssh)
- Howmanypeople
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) ★
- [hcxdumptool](https://github.com/ZerBea/hcxdumptool) ★
- [hcxtools](https://github.com/ZerBea/hcxtools) ★
- [Bettercap](https://github.com/bettercap/bettercap) ★
## 🧩 SQL Injection Tools
- [Sqlmap](https://github.com/sqlmapproject/sqlmap)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [NoSqlMap](https://github.com/codingo/NoSQLMap)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [DSSS](https://github.com/stamparm/DSSS)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Explo](https://github.com/dtag-dev-sec/explo)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Blisqy](https://github.com/JohnTroony/Blisqy)
- [Leviathan](https://github.com/leviathan-framework/leviathan)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [SQLScan](https://github.com/Cvar1984/sqlscan)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🎣 Phishing Attack Tools
- [Autophisher](https://github.com/CodingRanjith/autophisher)
- [PyPhisher](https://github.com/KasRoudra/PyPhisher)
- [AdvPhishing](https://github.com/Ignitetch/AdvPhishing)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Setoolkit](https://github.com/trustedsec/social-engineer-toolkit)
- [SocialFish](https://github.com/UndeadSec/SocialFish)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [HiddenEye](https://github.com/Morsmalleo/HiddenEye)
- [Evilginx3](https://github.com/kgretzky/evilginx2)
- [I-See-You](https://github.com/Viralmaniar/I-See-You)
- [SayCheese](https://github.com/hangetzzu/saycheese)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [QR Code Jacking](https://github.com/cryptedwolf/ohmyqr)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [BlackEye](https://github.com/thelinuxchoice/blackeye)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [ShellPhish](https://github.com/An0nUD4Y/shellphish)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Thanos](https://github.com/TridevReddy/Thanos)
- [QRLJacking](https://github.com/OWASP/QRLJacking)
- [Maskphish](https://github.com/jaykali/maskphish)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [BlackPhish](https://github.com/iinc0gnit0/BlackPhish)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [dnstwist](https://github.com/elceef/dnstwist)
## 🌐 Web Attack Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Web2Attack](https://github.com/santatic/web2attack)
first time
2020-04-11 10:32:57 +00:00
- Skipfish
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Sublist3r](https://github.com/aboul3la/Sublist3r)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [CheckURL](https://github.com/UndeadSec/checkURL)
Update Takeover and add Crivo
2024-11-19 06:04:31 +00:00
- [Sub-Domain TakeOver](https://github.com/edoardottt/takeover)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Dirb](https://gitlab.com/kalilinux/packages/dirb)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Nuclei](https://github.com/projectdiscovery/nuclei) ★
- [ffuf](https://github.com/ffuf/ffuf) ★
- [Feroxbuster](https://github.com/epi052/feroxbuster) ★
- [Nikto](https://github.com/sullo/nikto) ★
- [wafw00f](https://github.com/EnableSecurity/wafw00f) ★
- [Katana](https://github.com/projectdiscovery/katana) ★
- [Gobuster](https://github.com/OJ/gobuster) ★
- [Dirsearch](https://github.com/maurosoria/dirsearch) ★
- [OWASP ZAP](https://github.com/zaproxy/zaproxy) ★
- [testssl.sh](https://github.com/drwetter/testssl.sh) ★
- [Arjun](https://github.com/s0md3v/Arjun) ★
- [Caido](https://github.com/caido/caido) ★
- [mitmproxy](https://github.com/mitmproxy/mitmproxy) ★
## 🔧 Post Exploitation Tools
- [Vegile](https://github.com/Screetsec/Vegile)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Chrome Keylogger](https://github.com/UndeadSec/HeraKeylogger)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [pwncat-cs](https://github.com/calebstewart/pwncat) ★
- [Sliver](https://github.com/BishopFox/sliver) ★
- [Havoc](https://github.com/HavocFramework/Havoc) ★
- [PEASS-ng (LinPEAS/WinPEAS)](https://github.com/peass-ng/PEASS-ng) ★
- [Ligolo-ng](https://github.com/nicocha30/ligolo-ng) ★
- [Chisel](https://github.com/jpillora/chisel) ★
- [Evil-WinRM](https://github.com/Hackplayers/evil-winrm) ★
- [Mythic](https://github.com/its-a-feature/Mythic) ★
## 🕵 Forensic Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- Autopsy
Update README.md
2020-07-11 12:14:56 +00:00
- Wireshark
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Bulk extractor](https://github.com/simsong/bulk_extractor)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Guymager](https://guymager.sourceforge.io/)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Toolsley](https://www.toolsley.com/)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Volatility 3](https://github.com/volatilityfoundation/volatility3) ★
- [Binwalk](https://github.com/ReFirmLabs/binwalk) ★
- [pspy](https://github.com/DominicBreuker/pspy) ★
## 📦 Payload Creation Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [The FatRat](https://github.com/Screetsec/TheFatRat)
- [Brutal](https://github.com/Screetsec/Brutal)
- [Stitch](https://nathanlopez.github.io/Stitch)
- [MSFvenom Payload Creator](https://github.com/g0tmi1k/msfpc)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Venom](https://github.com/r00t-3xp10it/venom)
Update README.MD SpyCam original source was retired from GitHub... updated with one of the forked sources...
2022-05-14 02:26:50 +00:00
- [Spycam](https://github.com/indexnotfound404/spycam)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Mob-Droid](https://github.com/kinghacker0/Mob-Droid)
- [Enigma](https://github.com/UndeadSec/Enigma)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🧰 Exploit Framework
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [RouterSploit](https://github.com/threat9/routersploit)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [WebSploit](https://github.com/The404Hacking/websploit)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Commix](https://github.com/commixproject/commix)
- [Web2Attack](https://github.com/santatic/web2attack)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🔁 Reverse Engineering Tools
- [Androguard](https://github.com/androguard/androguard)
- [Apk2Gold](https://github.com/lxdvs/apk2gold)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [JadX](https://github.com/skylot/jadx)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Ghidra](https://github.com/NationalSecurityAgency/ghidra) ★
- [Radare2](https://github.com/radareorg/radare2) ★
## ⚡ DDOS Attack Tools
- [DDoS Script](https://github.com/the-deepnet/ddos)
- [SlowLoris](https://github.com/gkbrk/slowloris)
- [Asyncrone](https://github.com/fatihsnsy/aSYNcrone)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [UFOnet](https://github.com/epsylon/ufonet)
- [GoldenEye](https://github.com/jseidl/GoldenEye)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🖥 Remote Administrator Tools (RAT)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Pyshell](https://github.com/knassar702/pyshell)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 💥 XSS Attack Tools
- [DalFox](https://github.com/hahwul/dalfox)
- [XSS Payload Generator](https://github.com/capture0x/XSS-LOADER)
- [Extended XSS Searcher](https://github.com/Damian89/extended-xss-search)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [XSS-Freak](https://github.com/PR0PH3CY33/XSS-Freak)
- [XSpear](https://github.com/hahwul/XSpear)
- [XSSCon](https://github.com/menkrep1337/XSSCon)
- [XanXSS](https://github.com/Ekultek/XanXSS)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [XSStrike](https://github.com/UltimateHackers/XSStrike)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [RVuln](https://github.com/iinc0gnit0/RVuln)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🖼 Steganography Tools
Added new tools
2020-04-19 07:52:11 +00:00
- SteganoHide
add stegocracker in steganography tools
2021-07-04 17:18:00 +00:00
- [StegoCracker](https://github.com/W1LDN16H7/StegoCracker)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Whitespace](https://github.com/beardog108/snow10)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## 🏢 Active Directory Tools
- [BloodHound](https://github.com/BloodHoundAD/BloodHound) ★
- [NetExec (nxc)](https://github.com/Pennyw0rth/NetExec) ★
- [Impacket](https://github.com/fortra/impacket) ★
- [Responder](https://github.com/lgandx/Responder) ★
- [Certipy](https://github.com/ly4k/Certipy) ★
- [Kerbrute](https://github.com/ropnop/kerbrute) ★
## ☁ Cloud Security Tools
- [Prowler](https://github.com/prowler-cloud/prowler) ★
- [ScoutSuite](https://github.com/nccgroup/ScoutSuite) ★
- [Pacu](https://github.com/RhinoSecurityLabs/pacu) ★
- [Trivy](https://github.com/aquasecurity/trivy) ★
## 📱 Mobile Security Tools
- [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) ★
- [Frida](https://github.com/frida/frida) ★
- [Objection](https://github.com/sensepost/objection) ★
## ✨ Other Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
#### SocialMedia Bruteforce
- [AllinOne SocialMedia Attack](https://github.com/Matrix07ksa/Brute_Force)
- [Facebook Attack](https://github.com/Matrix07ksa/Brute_Force)
- [Application Checker](https://github.com/jakuta-tech/underhanded)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
#### Android Hacking Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Keydroid](https://github.com/F4dl0/keydroid)
- [MySMS](https://github.com/papusingh2sms/mysms)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Lockphish](https://github.com/JasonJerry/lockphish)
- [DroidCam / WishFish](https://github.com/kinghacker0/WishFish)
- [EvilApp](https://github.com/crypticterminal/EvilApp)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
#### IDN Homograph Attack
- [EvilURL](https://github.com/UndeadSec/EvilURL)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
#### Email Verify Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Knockmail](https://github.com/4w4k3/KnockMail)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
#### Hash Cracking Tools
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Hash Buster](https://github.com/s0md3v/Hash-Buster)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
#### Wifi Deauthenticate
- [WifiJammer-NG](https://github.com/MisterBianco/wifijammer-ng)
- [KawaiiDeauther](https://github.com/aryanrtm/KawaiiDeauther)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
#### SocialMedia Finder
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [Find SocialMedia By Facial Recognition](https://github.com/Greenwolf/social_mapper)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Find SocialMedia By UserName](https://github.com/xHak9x/finduser)
- [Sherlock](https://github.com/sherlock-project/sherlock)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
- [SocialScan](https://github.com/iojw/socialscan)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
#### Payload Injector
- [Debinject](https://github.com/UndeadSec/Debinject)
- [Pixload](https://github.com/chinarulezzz/pixload)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
#### Web Crawling
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
- [Gospider](https://github.com/jaeles-project/gospider)
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
#### Mix Tools
- Terminal Multiplexer (tilix)
Update Takeover and add Crivo
2024-11-19 06:04:31 +00:00
- [Crivo](https://github.com/GMDSantana/crivo)
Refactored the whole project List of changes + Handling information about a tool has been improved a lot by providing a `HackingTool` class, which takes care of showing the options, running the selected option, executing the required commands + This class is designed with flexibililty and simplicity in mind, so adding a new tool is a lot easier, mention TITLE, DESCRIPTION, list of INSTALL_COMMANDS, RUN_COMMANDS and PROJECT_URL and there you go... + grouping all the `HackingTool`s is also made super simpler by providing a `HackingToolsCollection` class which groups the tools into their respective categories. Just add the instances of `HackingTool` classes to the TOOLS property of the `HackingToolsCollection`. + Refactored all the tools into separate files based on their categories. + Added a READM_template.md and generate_readme.py script to automatically generate Table of contents and the list of tools available automatically. + Now each tool in the README.md points to its project url if provided. This makes it easier to visit the project from the readme.
2020-08-14 11:11:59 +00:00
Update README.md
2020-06-23 15:00:01 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
---
Some Changes
2020-04-11 18:05:13 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## Contributing — Add a New Tool
Update README.md
2020-04-11 09:36:28 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
<table>
<tr>
<td width="50%">
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
### Open an Issue
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
> **Title:** `[Tool Request] ToolName — Category`
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Use the [Tool Request](.github/ISSUE_TEMPLATE/tool_request.md) template.
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Required: tool name, GitHub URL, category, OS, install command, reason.
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
</td>
<td width="50%">
Update README.md
2020-04-11 09:36:28 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
### Open a Pull Request
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
> **Title:** `[New Tool] ToolName — Category`
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Use the [PR template](.github/PULL_REQUEST_TEMPLATE.md) checklist.
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Required: class in `tools/*.py`, TITLE, DESCRIPTION, INSTALL/RUN commands, SUPPORTED_OS, test locally.
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
</td>
</tr>
</table>
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
> Issues or PRs that don't follow the title format will be closed without review.
Added steps for installing tool Added a proper steps for better understanding for user to run tool
2023-07-17 16:59:33 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
---
first time
2020-04-11 10:32:57 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## Installation
Update README.md
2020-07-14 17:35:48 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
<table>
<tr>
<td>
Add Docker
2022-12-02 21:16:16 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
### One-liner (recommended)
Add Docker
2022-12-02 21:16:16 +00:00
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```bash
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
curl -sSL https://raw.githubusercontent.com/Z4nzu/hackingtool/master/install.sh | sudo bash
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```
Add Docker
2022-12-02 21:16:16 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Handles everything — prerequisites, clone, venv, launcher.
</td>
<td>
### Manual
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```bash
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
git clone https://github.com/Z4nzu/hackingtool.git
cd hackingtool
sudo python3 install.py
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Then run: `hackingtool`
</td>
</tr>
</table>
### Docker
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```bash
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
# Build
docker build -t hackingtool .
# Run (direct)
docker run -it --rm hackingtool
# Run (Compose — recommended)
docker compose up -d
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
docker exec -it hackingtool bash
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
# Dev mode (live source mount)
docker compose --profile dev up
docker exec -it hackingtool-dev bash
# Stop
docker compose down # stop container
docker compose down -v # also remove data volume
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
### Requirements
| Dependency | Version | Needed for |
|---|---|---|
| Python | 3.10+ | Core |
| Go | 1.21+ | nuclei, ffuf, amass, httpx, katana, dalfox, gobuster, subfinder |
| Ruby | any | haiti, evil-winrm |
| Docker | any | Mythic, MobSF (optional) |
```bash
pip install -r requirements.txt
Optimized Dockerfile for layer cache and moved all the installations for cache not to rerun the same layer for every code change for Docker container.
2023-09-01 07:02:42 +00:00
```
Add Docker
2022-12-02 21:16:16 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
---
## Star History
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date&theme=dark" />
<source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date" />
<img alt="HackingTool Star History Chart" src="https://api.star-history.com/svg?repos=Z4nzu/hackingtool&type=Date" />
</picture>
---
## Support
Add Docker
2022-12-02 21:16:16 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
If this project helps you, consider buying me a coffee:
Add Docker
2022-12-02 21:16:16 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
<a href="https://buymeacoffee.com/hardikzinzu" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png" alt="Buy Me A Coffee" height="50"></a>
changing made
2020-04-11 14:52:07 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
## Social
Update README.md
2020-06-19 14:14:30 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
[![Twitter](https://img.shields.io/badge/Twitter-Follow-1DA1F2?style=for-the-badge&logo=twitter&logoColor=white)](https://twitter.com/_Zinzu07)
[![GitHub](https://img.shields.io/badge/GitHub-Follow-181717?style=for-the-badge&logo=github&logoColor=white)](https://github.com/Z4nzu/)
Update with new tools
2020-07-21 16:56:08 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
> **For authorized security testing only.**
> Thanks to all original authors of the tools included in hackingtool.
Update README.md
2020-07-11 12:14:56 +00:00
Restructure for v2.0.0 with new tools, features, and UI updates (#590) * Phase 0: Add foundation files for v2.0.0 restructure - constants.py: single source of truth for repo URLs, version (2.0.0), all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection - os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager, CURRENT_OS singleton, per-OS install command maps - config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd() - tools/__init__.py, tools/others/__init__.py: make proper Python packages - IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines) - LOG.md: 13-phase progress tracker * Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities * Phase 3: Installation & path overhaul * Phase 4+5: Core architecture + shared console across all tool files Phase 4 (core.py — largely done in Phase 1, completed here): - HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields - HackingTool: remove INSTALLATION_DIR (unused) - HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools() - HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu) - HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag - OS-incompatible tools show count but are hidden from menu - Archived tools accessible via option 98 with reason displayed Phase 5 (all 22 remaining tool files): - Remove local console = Console() and _theme = Theme() from all 22 files - Remove P_COLOR and PURPLE_STYLE local constants - Add `from core import HackingTool, HackingToolsCollection, console` everywhere - Remove show_options() overrides from all collection classes (500+ lines deleted) - Remove pretty_print() overrides from all collection classes - Remove _get_attr() / _get_attr_fallback() helpers from all collection classes - Replace super(ClassName, self).__init__() → super().__init__() in all files - Remove # coding=utf-8 headers from all files - Fix remaining PURPLE_STYLE usages → "bold magenta" literal All 28 tool modules import cleanly. Zero local console instances remain. * Phase 6: Naming & structure cleanup - Rename tools/phising_attack.py → phishing_attack.py (fix typo) - Rename tools/information_gathering_tools.py → information_gathering.py - Rename tools/wireless_attack_tools.py → wireless_attack.py - Rename tools/forensic_tools.py → forensics.py - Rename tools/sql_tools.py → sql_injection.py - Rename tools/webattack.py → web_attack.py - Rename class autophisher → Autophisher (PEP-8 CapWords) - Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS" - Update all imports in hackingtool.py and exploit_frameworks.py * Phase 7: Tool install command fixes - Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga) - Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7) - Replace sudo git clone → git clone everywhere (no root needed for user tools dir) - Replace sudo pip install → pip install --user everywhere - Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest - Add apt -y flag to ReconSpider apt install * Phase 8: Mark archived tools and add SUPPORTED_OS flags - Remove stale sys.path.append hack from forensics.py (unused since package structure) - Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only) - Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts) - Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools - Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe * Phase 11: requirements.txt and Dockerfile cleanup - requirements.txt: remove boxes, lolcat (system CLI tools not pip packages), flask (unused), requests (unused at runtime); pin rich>=13.0.0 - Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance on Kali/Debian externally-managed Python environments) * Phase 13: Python 3 modernization and os.system cleanup - Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...) in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot), forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update) - Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print - Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print - Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form * Phase 13 (cont): Final os.system cleanup - anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form - tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True) (shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input) * Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools Mark bash-script and apt-dependent tools as linux-only so they are hidden automatically on macOS via _active_tools() filter in core.py: - phishing_attack.py: 14 tools (all bash-script based) - ddos.py: all 6 tools (Linux network stack required) - post_exploitation.py: Vegile, ChromeKeyLogger - payload_creator.py: all 7 tools (bash setup scripts) - exploit_frameworks.py: WebSploit (bash install) - reverse_engineering.py: Apk2Gold (bash build) - xss_attack.py: RVuln (Rust + apt deps) * Phase 10: Add modern tools across 6 categories Information Gathering (+7): theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx Web Attack (+6): Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana Wordlist/Password (+3): Hashcat, John the Ripper, haiti Wireless Attack (+3): Airgeddon, hcxdumptool, hcxtools Forensics (+2): Volatility3, Binwalk Post Exploitation (+1): pwncat-cs * Phase 12: Update README for v2.0.0 - Version badge: v1.2.0 -> v2.0.0 - Python badge: Python-3 -> Python-3.10+ - Add macOS to platform badge - Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes - Regenerate full tool list — 22 new tools marked with new - Fix docker build typo: 'docker buitl' -> 'docker build' - Add Requirements section (Python 3.10+, Go 1.21+, Ruby) - Remove stale 'To do' checklist and old Docker output block * Redesign README, templates, and update .github workflows README.md: - Modern centered header with full badge row - Stats banner: 17 categories, 150+ tools - What's new as a comparison table - Tool category table with per-category counts - Complete tool listing with star markers for new tools - Contributing section with enforced title formats for issues and PRs - Star History chart (Z4nzu/hackingtool) - Cleaned up Installation, Requirements, Social sections README_template.md: - Full redesign matching README.md layout - {{toc}} and {{tools}} placeholders preserved for generate_readme.py - Contributing section with title format rules embedded in template .github/ISSUE_TEMPLATE/bug_report.md: - Remove irrelevant browser/smartphone sections - Add tool name, category, error output, environment table .github/ISSUE_TEMPLATE/feature_request.md: - Tighten to 4 focused fields, note tool additions use separate template .github/ISSUE_TEMPLATE/tool_request.md (new): - Structured template for new tool suggestions - Required fields: name, URL, category, OS, install/run commands, reason - Enforced title format: [Tool Request] ToolName - Category .github/PULL_REQUEST_TEMPLATE.md (new): - PR checklist for new tool additions and other change types - Enforced title format: [New Tool] / [Fix] / [Improve] - All required class fields listed as checklist items .github/workflows/lint_python.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 (project requires 3.10+) - ruff target-version: py37 -> py310 - ruff --show-source -> --output-format=full (updated flag name) - Remove deprecated safety check command .github/workflows/test_install.yml: - actions/checkout v3 -> v4, setup-python v4 -> v5 - python-version: 3.x -> 3.12 - Replace fragile matrix of hard-coded menu numbers with two simple smoke tests: launch+quit, and navigate+back * Improve Dockerfile, docker-compose, add .dockerignore Dockerfile: - Add '# syntax=docker/dockerfile:1' to enable BuildKit features - Add LABEL metadata (OCI image spec) - Remove unused apt packages: sudo, python3-venv - Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds) - Add comments explaining each decision docker-compose.yml: - Remove deprecated 'version:' field (Compose v2 ignores it, shows warning) - Add 'image: hackingtool:latest' tag for clarity - Add 'restart: unless-stopped' for production service - Add 'hackingtool-dev' profile service with live source volume mount so dev workflow (edit without rebuild) is separate from default run - Clarify volume purpose in comments .dockerignore (new): - Exclude .git/, images/, __pycache__/, .github/, *.md, tests/ - Prevents multi-hundred-MB build context; dramatically reduces image size - Keeps layer cache more stable (README changes no longer bust COPY layer) README.md / README_template.md: - Replace single-line Docker snippet with 3-option step-by-step guide: Option A: docker run -it --rm (no Compose) Option B: docker compose up -d + exec (recommended) Option C: docker compose --profile dev (live source mount) - Add docker compose down / down -v stop instructions * Fix Docker sudo error, 99 back navigation, and empty input exit install.py: - sudo prefix now determined by euid (== 0 means root) not by OS name - Previously used 'sudo ' for all Linux — breaks inside Docker where we run as root but sudo is not installed - Single priv variable computed once at top of install_system_packages() Dockerfile: - Add python3-venv back to apt installs - Was removed as 'unused' but install.py uses 'python3 -m venv' to create the virtualenv in APP_INSTALL_DIR; missing package caused venv failure core.py (HackingTool.show_options + HackingToolsCollection.show_options): - 99 always returns now instead of sys.exit() when parent is None Previously: sub-menus with no parent called sys.exit() — since interact_menu() never passes parent, pressing 99 in any category exited the entire program instead of returning to the main menu - Empty Enter (blank input) now continues the loop instead of defaulting to "99" and triggering exit Previously: Prompt default="99" meant pressing Enter without typing anything was treated as choosing exit - "Exit" label on 99 row changed to "Main Menu" since it now returns * Restore Description column and 1-based numbering in collection menus HackingToolsCollection.show_options(): - Add Description column back (was dropped during restructure) - Show first line of description; '—' for tools with no description - Switch to box.SIMPLE_HEAD with show_lines=True for row separators - Numbering changed from 0-based to 1-based (index 1..N) - Input validation updated: 1 <= choice <= len(active) with active[choice-1] * Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help Header: - Replace 8-line pixelated ASCII logo with a compact 9-line styled panel - Shows tool name, version, repo URL, and legal warning in one block - Screen is now cleared inside build_menu() on each main menu render Menu layout: - Single narrow column → 2-column grid (9 left / 8 right) - Full terminal width is used; short display labels prevent truncation - tool_definitions gains a third field (menu_label) for the grid; full TITLE is still used when entering a category Numbering: - 0-based → 1-based throughout interact_menu() - ToolManager is item 18 (was mislabeled 99, conflicting with exit) - Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1] Commands: - Add ? / help → show Quick Help overlay (main/category/tool reference) - Add q / quit / exit → clean exit with goodbye message - Remove Confirm.ask("Return to main menu?") — pressing 99 in any sub-menu already returns here; the extra prompt was redundant friction - Ctrl+C still works as force quit Error messages updated to reflect new command set * Redesign header: hacker split-layout with ASCII art + live system info Replace compact text panel with a Metasploit-style split header: - Left: "HT" block-letter ASCII art in bright green - Vertical │ separator that runs the full height of the art block - Right: live system stats — os, kernel, user@host, ip, tool count, session time - Bottom: random hacker quote (10 options, changes on each launch) - Bottom: authorized-use warning in dim red - Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style) - Panel subtitle: '[ timestamp ]' right-aligned - Border: bright_magenta HEAVY box Live info gathered via platform, socket, os.getlogin() with fallbacks: - OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system() - IP: UDP connect trick (no data sent, gets local outbound IP) - User: os.getlogin() → USER env → LOGNAME env → 'root' * Redesign header: full HACKING TOOL art + ? and q in all sub-menus hackingtool.py: - Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters - Right side gains 3 more info lines: python version, arch, status - 12 art lines paired with 12 stat lines for consistent separator - Layout optimized for wide terminals (100+ chars); gracefully truncates on narrow ones core.py — ? and q support in all sub-menus: - Add _show_inline_help() function: compact navigation reference (1-N select, 99 back, 98 project page, ? help, q quit) - HackingTool.show_options(): parse ? → inline help, q → SystemExit - HackingToolsCollection.show_options(): same ? and q handling - Both menus now show hint bar: "Enter number · ? help · q quit" - Prompt changed from "[?] Select" to ">" for consistency with main menu - q/quit/exit raises SystemExit(0) to cleanly exit from any depth * Add install.sh one-liner and fix install.py to detect local source install.sh (new): - Standalone bash installer for curl | sudo bash one-liner - Detects package manager (apt-get, pacman, dnf, brew) - Installs prerequisites: git, python3, pip, venv - Checks Python >= 3.10 - Clones repo with --depth 1 (shallow, faster) - Creates venv + installs requirements - Creates /usr/bin/hackingtool launcher - Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER) install.py: - Add _is_source_dir() — detects if install.py is being run from a local clone (hackingtool.py exists alongside it) - install_source() replaces git_clone() — copies source to /usr/share/ instead of re-cloning when running from a local clone - Falls back to git clone --depth 1 when not in a source directory - Eliminates the redundant clone-after-clone pattern README.md / README_template.md: - Add one-liner install as primary method - Keep manual git clone + install.py as alternative - Remove sudo from hackingtool run command (launcher handles it) * Add 35 new tools across 3 new + 6 existing categories New categories: - tools/active_directory.py: BloodHound, NetExec (nxc), Impacket, Responder, Certipy, Kerbrute (6 tools) - tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools) - tools/mobile_security.py: MobSF, Frida, Objection (3 tools) Existing categories expanded: - information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4) - web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun, Caido, mitmproxy (7) - post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel, Evil-WinRM, Mythic (7) - reverse_engineering.py: +Ghidra, Radare2 (2) - forensics.py: +pspy (1) - wireless_attack.py: +Bettercap (1) hackingtool.py: - Import 3 new category modules - Add 3 new entries to tool_definitions (AD, Cloud, Mobile) - Add 3 new instances to all_tools list - Categories: 17 -> 20, total tools: 150+ -> 185+ - Help overlay updated for new range (1-20, 21=Update) * Feature: Search tools by name or keyword (/ or s) - Add _collect_all_tools() — walks all collections recursively and returns (tool_instance, category_name) pairs for 185 tools - Add search_tools() — prompts for query, matches against TITLE and DESCRIPTION (case-insensitive), shows results table with category, user selects a result number to jump directly into tool.show_options() - Wire / and s commands into interact_menu() - Add / search to help overlay and hint bar - Fix ToolManager row number: was hardcoded 18, now computed dynamically from len(categories) + 1 (currently 21) * Feature: Show installed status (✔/✘) next to each tool core.py: - Add is_installed property to HackingTool class Checks: (1) shutil.which() for binary from first RUN_COMMAND, (2) os.path.isdir() for git clone target directory Handles "cd foo && binary" and "sudo binary" patterns - Add status column to HackingToolsCollection.show_options() table ✔ (green) = installed, ✘ (dim) = not installed - Archived/back rows updated for extra column * Feature: Tag-based filtering with auto-derived tags (t command) core.py: - Add TAGS field to HackingTool class (list[str], default empty) - Allows manual tag override per tool hackingtool.py: - Add _get_all_tags() — builds tag index from 19 regex rules that auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2, web, cloud, mobile, wireless, forensics, reversing, etc.) - Manual TAGS on a tool class take priority over auto-derived - Add filter_by_tag() — shows all available tags with tool counts, user picks a tag, results shown with installed status, select to jump directly into tool.show_options() - Wire t/tag/tags/filter commands into interact_menu() - Search also matches against TAGS field - Updated hint bar: / search · t tags · ? help · q quit - Updated help overlay with tag filter entry * Feature: Install all tools in a category (option 97) HackingToolsCollection.show_options(): - Count not-installed tools using is_installed property - Show option 97 'Install all (N not installed)' when N > 0 - On select: iterates all not-installed tools, calls tool.install() with progress counter (1/N, 2/N, ...) and error handling per tool - Hidden when all tools are already installed - Updated inline help to mention option 97 * Feature: Update command for each tool (option 3 in tool menu) HackingTool: - Add update() method — detects install method from INSTALL_COMMANDS and runs the appropriate update: git clone → git -C <dir> pull pip install → pip install --upgrade go install → re-runs go install (fetches latest) gem install → gem update - Checks is_installed first; shows warning if not installed - Added as option 3 in every tool's OPTIONS menu (Install, Run, Update) * Feature: Tool recommendations — "I want to do X" (r command) - Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names: "scan a network" → scanner, "crack passwords" → bruteforce/credentials, "pentest active directory" → active-directory, "pivot through network" → network, etc. - Add recommend_tools() — shows numbered task list, user picks one, shows all matching tools with installed status, select to jump in - Wire r/rec/recommend into interact_menu() - Updated hint bar and help overlay * Update README with all new features, 3 new categories, 35 new tools - Stats banner: 17 → 20 categories, 150+ → 185+ tools - What's New table: add 10 new feature entries (search, tags, recommend, install status, install all, update, one-liner, new categories/tools) - Add Quick Commands reference table (/, t, r, ?, q, 97, 99) - Tool Categories table: add Active Directory, Cloud Security, Mobile Security rows; update tool counts for expanded categories - Add 3 new category sections: Active Directory Tools (6), Cloud Security Tools (4), Mobile Security Tools (3) with GitHub links - Mark all 35 new tools with ★ in their respective category sections * UI: Dual-line prompt and inline /query search Prompt style (all menus): - Replace bare '>' with '╰─>' connected to the hint bar above - Hint bar uses Claude CLI style: first letter highlighted in cyan, rest dimmed (/search tags recommend ?help quit) - Creates a visual dual-line input area similar to Claude Code CLI Inline search: - Typing /subdomain at the main prompt immediately searches and shows results — no second "enter query" prompt needed - / (bare slash) still opens the interactive search prompt - s still works as a search alias - search_tools() now accepts optional query parameter core.py sub-menus: - Same dual-line prompt style: hint bar + ╰─> - Compact hint: ?help quit 99 back * Fix is_installed crash on sub-collections (OtherTools) OtherTools.TOOLS contains HackingToolsCollection instances (like SocialMediaBruteforceTools) which don't have the is_installed property. - Guard is_installed access with hasattr() in both the status column and the not_installed count for Install All - Sub-collections show blank status; individual tools show ✔/✘ * Add Buy Me a Coffee link to README and FUNDING.yml - README.md: Add Support section with Buy Me a Coffee button above Social - .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu (enables GitHub Sponsor button on the repo page) * Feature: Open Folder option to manually access tool directory HackingTool: - Add _get_tool_dir() — finds the tool's local directory by checking: 1. Git clone target dir (from INSTALL_COMMANDS) 2. "cd foo && bar" pattern in RUN_COMMANDS 3. Binary location via shutil.which() → dirname - Add open_folder() — opens the tool's directory in a new shell ($SHELL) so the user can inspect files, run manual install steps, or debug If dir not found: shows a helpful message with git clone command - Added as option 4 in every tool menu (Install, Run, Update, Open Folder) - Updated inline help to mention the tool menu options * Add SVG logo and update README header images/logo.svg: - Terminal-style dark background with rounded corners - Red/yellow/green window dots (macOS style) - Green shield with skull & crossbones icon - "HACKING" in purple-to-pink gradient with glow - "TOOL" in hacker green with glow effect - Blinking cursor animation, binary numbers, corner brackets - Monospace font, 600x200 viewport README.md: - Replace plain # HackingTool heading with centered logo SVG * Redesign README with modern GitHub features Header: - for-the-badge style badges with logos and custom colors - Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms) - CTA buttons: Install Now, Quick Commands, Suggest a Tool What's New: - Wrapped in collapsible <details open> with icon-prefixed table rows - Each feature has an emoji icon for visual scanning Quick Commands: - Centered table with Works-in column showing scope Tool Categories: - 2-column table layout showing all 20 categories side by side - Wrapped in collapsible section Tool lists: - Every category wrapped in collapsible <details> sections - Keeps README scannable — users expand only what they need - New tools still marked with star Contributing: - Side-by-side table: Issue template left, PR template right Installation: - Side-by-side table: One-liner left, Manual right - Docker in collapsible section (not everyone needs it) Requirements: - Table format with version, dependency, and "needed for" columns Support/Social: - Centered layout with for-the-badge Twitter/GitHub follow buttons - Larger Buy Me a Coffee button * Redesign README header, add category emojis, left-align support Header: - Consolidate badges into 2 clean rows instead of 4 sparse rows - Row 1: flat-square badges (license, python, version, stars, forks, issues, last commit) — compact, inline, no awkward gaps - Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags, Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge - CTA buttons tightened with consistent spacing Category headings: - Add emoji to every ## category heading throughout the README (matching the index table emojis) Support section: - Left-aligned instead of centered - Social split into its own heading Also removes all <details>/<summary> collapse wrappers — all sections are plain visible as requested * Fix missing imports: subprocess in payload_creator, Table in wordlist_generator - payload_creator.py: add 'import subprocess' (used by TheFatRat methods) - wordlist_generator.py: add 'from rich.table import Table' (used by show_options) - Fixes 6 ruff F821 'Undefined name' errors * Fix codespell error: 'ags' flagged as misspelling in hint bar Restructure the hint bar string so shortcut letters and their labels are separate tokens ('t' + 'tags') instead of split across Rich markup tags ('t' + 'ags') which codespell flagged as a misspelling. * Fix 12 issues from Copilot PR review (#590) post_exploitation.py: - Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored) - Sliver: replace curl|sudo bash pipe with download-then-execute pattern ddos.py: - Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable) phishing_attack.py: - Rename class Evilginx2 -> Evilginx3 (installs v3 via go install) - Update instance in TOOLS list to match - Fix stale comment: wireless_attack_tools.py -> wireless_attack.py forensics.py: - Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS) tool_manager.py: - Skip sudo prefix when already root (os.geteuid() == 0), matching the pattern already used in install.py install.py: - Add chown -R root:root after cp -a to prevent git "dubious ownership" errors when the source clone has different ownership update.sh: - Add git config safe.directory before pull to prevent dubious ownership - Add --upgrade flag to pip install so dependencies actually update os_detect.py: - Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS, and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError) Skipped (not applicable): - #1 subprocess import: already fixed in prior commit - #11 Path.home() under sudo: by design (installer runs as root)
2026-03-15 14:33:08 +00:00
Your favourite tool is not listed? [Suggest it here](https://github.com/Z4nzu/hackingtool/issues/new?template=tool_request.md)
Reference in a new issue Copy permalink