diff --git a/hackingtool.py b/hackingtool.py index b9968f5..4cdd4dc 100755 --- a/hackingtool.py +++ b/hackingtool.py @@ -49,6 +49,9 @@ from tools.web_attack import WebAttackTools from tools.wireless_attack import WirelessAttackTools from tools.wordlist_generator import WordlistGeneratorTools from tools.xss_attack import XSSAttackTools +from tools.active_directory import ActiveDirectoryTools +from tools.cloud_security import CloudSecurityTools +from tools.mobile_security import MobileSecurityTools # ── Tool registry ────────────────────────────────────────────────────────────── @@ -72,6 +75,9 @@ tool_definitions = [ ("Remote Administrator Tools (RAT)", "🖥 ", "Remote Admin (RAT)"), ("XSS Attack Tools", "💥", "XSS Attack"), ("Steganography tools", "🖼 ", "Steganography"), + ("Active Directory Tools", "🏢", "Active Directory"), + ("Cloud Security Tools", "☁ ", "Cloud Security"), + ("Mobile Security Tools", "📱", "Mobile Security"), ("Other tools", "✨", "Other Tools"), ("Update or Uninstall | Hackingtool", "♻ ", "Update / Uninstall"), ] @@ -93,6 +99,9 @@ all_tools = [ RemoteAdministrationTools(), XSSAttackTools(), SteganographyTools(), + ActiveDirectoryTools(), + CloudSecurityTools(), + MobileSecurityTools(), OtherTools(), ToolManager(), ] @@ -110,8 +119,8 @@ def show_help(): Text.assemble( (" Main menu\n", "bold white"), (" ─────────────────────────────────────\n", "dim"), - (" 1–17 ", "bold cyan"), ("open a category\n", "white"), - (" 18 ", "bold cyan"), ("Update / Uninstall hackingtool\n", "white"), + (" 1–20 ", "bold cyan"), ("open a category\n", "white"), + (" 21 ", "bold cyan"), ("Update / Uninstall hackingtool\n", "white"), (" ? ", "bold cyan"), ("show this help\n", "white"), (" q ", "bold cyan"), ("quit hackingtool\n\n", "white"), (" Inside a category\n", "bold white"), @@ -210,7 +219,7 @@ def _build_header() -> Panel: (" kernel › ", info["kernel"][:34]), (" user › ", f"{info['user']} @ {info['host'][:20]}"), (" ip › ", info["ip"]), - (" tools › ", f"{len(all_tools)} categories · 150+ modules"), + (" tools › ", f"{len(all_tools)} categories · 185+ modules"), (" session › ", info["time"]), ("", ""), (" python › ", f"{sys.version_info.major}.{sys.version_info.minor}.{sys.version_info.micro}"), diff --git a/tools/active_directory.py b/tools/active_directory.py new file mode 100644 index 0000000..f1368e6 --- /dev/null +++ b/tools/active_directory.py @@ -0,0 +1,75 @@ +from core import HackingTool +from core import HackingToolsCollection + + +class BloodHound(HackingTool): + TITLE = "BloodHound (AD Attack Paths)" + DESCRIPTION = "Uses graph theory to reveal hidden attack paths in Active Directory/Azure environments." + INSTALL_COMMANDS = [ + "pip install --user bloodhound", + "sudo apt-get install -y neo4j", + ] + RUN_COMMANDS = ["bloodhound-python --help"] + PROJECT_URL = "https://github.com/BloodHoundAD/BloodHound" + SUPPORTED_OS = ["linux", "macos"] + + +class NetExec(HackingTool): + TITLE = "NetExec — nxc (Network Pentesting)" + DESCRIPTION = "Swiss army knife for pentesting Windows/AD networks. Successor to CrackMapExec." + INSTALL_COMMANDS = ["pip install --user netexec"] + RUN_COMMANDS = ["nxc --help"] + PROJECT_URL = "https://github.com/Pennyw0rth/NetExec" + SUPPORTED_OS = ["linux", "macos"] + + +class Impacket(HackingTool): + TITLE = "Impacket (Network Protocol Tools)" + DESCRIPTION = "Python classes for working with SMB, MSRPC, Kerberos, LDAP, and more." + INSTALL_COMMANDS = ["pip install --user impacket"] + RUN_COMMANDS = ["impacket-smbclient --help"] + PROJECT_URL = "https://github.com/fortra/impacket" + SUPPORTED_OS = ["linux", "macos"] + + +class Responder(HackingTool): + TITLE = "Responder (LLMNR/NBT-NS Poisoner)" + DESCRIPTION = "LLMNR/NBT-NS/MDNS poisoner with rogue authentication servers for credential capture." + INSTALL_COMMANDS = ["git clone https://github.com/lgandx/Responder.git"] + RUN_COMMANDS = ["cd Responder && sudo python3 Responder.py --help"] + PROJECT_URL = "https://github.com/lgandx/Responder" + SUPPORTED_OS = ["linux"] + + +class Certipy(HackingTool): + TITLE = "Certipy (AD Certificate Abuse)" + DESCRIPTION = "Active Directory Certificate Services enumeration and abuse tool." + INSTALL_COMMANDS = ["pip install --user certipy-ad"] + RUN_COMMANDS = ["certipy --help"] + PROJECT_URL = "https://github.com/ly4k/Certipy" + SUPPORTED_OS = ["linux", "macos"] + + +class Kerbrute(HackingTool): + TITLE = "Kerbrute (Kerberos Brute Force)" + DESCRIPTION = "Kerberos pre-auth brute-forcer for username enumeration and password spraying." + REQUIRES_GO = True + INSTALL_COMMANDS = [ + "go install github.com/ropnop/kerbrute@latest", + ] + RUN_COMMANDS = ["kerbrute --help"] + PROJECT_URL = "https://github.com/ropnop/kerbrute" + SUPPORTED_OS = ["linux", "macos"] + + +class ActiveDirectoryTools(HackingToolsCollection): + TITLE = "Active Directory Tools" + DESCRIPTION = "Tools for AD enumeration, attack path discovery, and credential attacks." + TOOLS = [ + BloodHound(), + NetExec(), + Impacket(), + Responder(), + Certipy(), + Kerbrute(), + ] \ No newline at end of file diff --git a/tools/cloud_security.py b/tools/cloud_security.py new file mode 100644 index 0000000..adbc738 --- /dev/null +++ b/tools/cloud_security.py @@ -0,0 +1,51 @@ +from core import HackingTool +from core import HackingToolsCollection + + +class Prowler(HackingTool): + TITLE = "Prowler (Cloud Security Scanner)" + DESCRIPTION = "Open-source security tool for AWS, Azure, GCP, and Kubernetes assessments." + INSTALL_COMMANDS = ["pip install --user prowler"] + RUN_COMMANDS = ["prowler --help"] + PROJECT_URL = "https://github.com/prowler-cloud/prowler" + SUPPORTED_OS = ["linux", "macos"] + + +class ScoutSuite(HackingTool): + TITLE = "ScoutSuite (Multi-Cloud Auditing)" + DESCRIPTION = "Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba, and Oracle." + INSTALL_COMMANDS = ["pip install --user scoutsuite"] + RUN_COMMANDS = ["scout --help"] + PROJECT_URL = "https://github.com/nccgroup/ScoutSuite" + SUPPORTED_OS = ["linux", "macos"] + + +class Pacu(HackingTool): + TITLE = "Pacu (AWS Exploitation Framework)" + DESCRIPTION = "AWS exploitation framework for offensive security testing of AWS environments." + INSTALL_COMMANDS = ["pip install --user pacu"] + RUN_COMMANDS = ["pacu --help"] + PROJECT_URL = "https://github.com/RhinoSecurityLabs/pacu" + SUPPORTED_OS = ["linux", "macos"] + + +class Trivy(HackingTool): + TITLE = "Trivy (Container/K8s Scanner)" + DESCRIPTION = "Comprehensive vulnerability scanner for containers, Kubernetes, IaC, and code." + INSTALL_COMMANDS = [ + "curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin", + ] + RUN_COMMANDS = ["trivy --help"] + PROJECT_URL = "https://github.com/aquasecurity/trivy" + SUPPORTED_OS = ["linux", "macos"] + + +class CloudSecurityTools(HackingToolsCollection): + TITLE = "Cloud Security Tools" + DESCRIPTION = "Tools for cloud infrastructure security assessment and exploitation." + TOOLS = [ + Prowler(), + ScoutSuite(), + Pacu(), + Trivy(), + ] diff --git a/tools/forensics.py b/tools/forensics.py index 8a51507..442564d 100644 --- a/tools/forensics.py +++ b/tools/forensics.py @@ -128,6 +128,18 @@ class Binwalk(HackingTool): PROJECT_URL = "https://github.com/ReFirmLabs/binwalk" +class Pspy(HackingTool): + TITLE = "pspy (Process Monitor — No Root)" + DESCRIPTION = "Monitor Linux processes without root — detects cron jobs, scheduled tasks, other users' commands." + INSTALL_COMMANDS = [ + "curl -sSL https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64 -o pspy", + "chmod +x pspy", + ] + RUN_COMMANDS = ["./pspy --help"] + PROJECT_URL = "https://github.com/DominicBreuker/pspy" + SUPPORTED_OS = ["linux"] + + class ForensicTools(HackingToolsCollection): TITLE = "Forensic tools" TOOLS = [ @@ -138,6 +150,7 @@ class ForensicTools(HackingToolsCollection): Toolsley(), Volatility3(), Binwalk(), + Pspy(), ] if __name__ == "__main__": diff --git a/tools/information_gathering.py b/tools/information_gathering.py index 62a8e1a..e773839 100644 --- a/tools/information_gathering.py +++ b/tools/information_gathering.py @@ -306,6 +306,44 @@ class Httpx(HackingTool): PROJECT_URL = "https://github.com/projectdiscovery/httpx" +class SpiderFoot(HackingTool): + TITLE = "SpiderFoot (OSINT Automation)" + DESCRIPTION = "Automates OSINT collection for threat intelligence and attack surface mapping." + INSTALL_COMMANDS = ["pip install --user spiderfoot"] + RUN_COMMANDS = ["spiderfoot -h"] + PROJECT_URL = "https://github.com/smicallef/spiderfoot" + + +class Subfinder(HackingTool): + TITLE = "Subfinder (Subdomain Enumeration)" + DESCRIPTION = "Fast passive subdomain enumeration using multiple sources." + REQUIRES_GO = True + INSTALL_COMMANDS = [ + "go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest", + ] + RUN_COMMANDS = ["subfinder -h"] + PROJECT_URL = "https://github.com/projectdiscovery/subfinder" + + +class TruffleHog(HackingTool): + TITLE = "TruffleHog (Secret Scanner)" + DESCRIPTION = "Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems." + INSTALL_COMMANDS = ["pip install --user trufflehog"] + RUN_COMMANDS = ["trufflehog --help"] + PROJECT_URL = "https://github.com/trufflesecurity/trufflehog" + + +class Gitleaks(HackingTool): + TITLE = "Gitleaks (Git Secret Scanner)" + DESCRIPTION = "Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens." + REQUIRES_GO = True + INSTALL_COMMANDS = [ + "go install github.com/gitleaks/gitleaks/v8@latest", + ] + RUN_COMMANDS = ["gitleaks --help"] + PROJECT_URL = "https://github.com/gitleaks/gitleaks" + + class InformationGatheringTools(HackingToolsCollection): TITLE = "Information gathering tools" TOOLS = [ @@ -331,6 +369,10 @@ class InformationGatheringTools(HackingToolsCollection): Holehe(), Maigret(), Httpx(), + SpiderFoot(), + Subfinder(), + TruffleHog(), + Gitleaks(), ] if __name__ == "__main__": diff --git a/tools/mobile_security.py b/tools/mobile_security.py new file mode 100644 index 0000000..ee9518f --- /dev/null +++ b/tools/mobile_security.py @@ -0,0 +1,42 @@ +from core import HackingTool +from core import HackingToolsCollection + + +class MobSF(HackingTool): + TITLE = "MobSF (Mobile Security Framework)" + DESCRIPTION = "All-in-one mobile app pentesting, malware analysis, and security assessment." + INSTALL_COMMANDS = [ + "git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git", + "cd Mobile-Security-Framework-MobSF && ./setup.sh", + ] + RUN_COMMANDS = ["cd Mobile-Security-Framework-MobSF && ./run.sh"] + PROJECT_URL = "https://github.com/MobSF/Mobile-Security-Framework-MobSF" + SUPPORTED_OS = ["linux", "macos"] + + +class Frida(HackingTool): + TITLE = "Frida (Dynamic Instrumentation)" + DESCRIPTION = "Dynamic instrumentation toolkit for runtime hooking on Android, iOS, Windows, macOS, Linux." + INSTALL_COMMANDS = ["pip install --user frida-tools"] + RUN_COMMANDS = ["frida --help"] + PROJECT_URL = "https://github.com/frida/frida" + SUPPORTED_OS = ["linux", "macos"] + + +class Objection(HackingTool): + TITLE = "Objection (Mobile Runtime Exploration)" + DESCRIPTION = "Runtime mobile exploration toolkit powered by Frida — no jailbreak/root required." + INSTALL_COMMANDS = ["pip install --user objection"] + RUN_COMMANDS = ["objection --help"] + PROJECT_URL = "https://github.com/sensepost/objection" + SUPPORTED_OS = ["linux", "macos"] + + +class MobileSecurityTools(HackingToolsCollection): + TITLE = "Mobile Security Tools" + DESCRIPTION = "Tools for Android/iOS application security testing and analysis." + TOOLS = [ + MobSF(), + Frida(), + Objection(), + ] \ No newline at end of file diff --git a/tools/post_exploitation.py b/tools/post_exploitation.py index 2591fa0..8e7d0d0 100644 --- a/tools/post_exploitation.py +++ b/tools/post_exploitation.py @@ -54,12 +54,100 @@ class PwncatCS(HackingTool): PROJECT_URL = "https://github.com/calebstewart/pwncat" +class Sliver(HackingTool): + TITLE = "Sliver (C2 Framework)" + DESCRIPTION = "Cross-platform adversary emulation/red team C2 framework — mTLS, HTTP(S), DNS, WireGuard." + INSTALL_COMMANDS = [ + "curl https://sliver.sh/install | sudo bash", + ] + RUN_COMMANDS = ["sliver --help"] + PROJECT_URL = "https://github.com/BishopFox/sliver" + SUPPORTED_OS = ["linux", "macos"] + + +class Havoc(HackingTool): + TITLE = "Havoc (C2 Framework)" + DESCRIPTION = "Modern post-exploitation C2 framework with EDR evasion. Cobalt Strike alternative." + INSTALL_OS = ["linux"] + INSTALL_COMMANDS = [ + "git clone https://github.com/HavocFramework/Havoc.git", + "cd Havoc && make", + ] + RUN_COMMANDS = ["cd Havoc && ./havoc --help"] + PROJECT_URL = "https://github.com/HavocFramework/Havoc" + SUPPORTED_OS = ["linux"] + + +class PEASSng(HackingTool): + TITLE = "PEASS-ng — LinPEAS/WinPEAS (Priv Esc)" + DESCRIPTION = "Privilege escalation enumeration scripts for Linux and Windows." + INSTALL_COMMANDS = [ + "curl -sSL https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh -o linpeas.sh", + "chmod +x linpeas.sh", + ] + RUN_COMMANDS = ["./linpeas.sh --help"] + PROJECT_URL = "https://github.com/peass-ng/PEASS-ng" + + +class LigoloNg(HackingTool): + TITLE = "Ligolo-ng (Tunneling/Pivoting)" + DESCRIPTION = "Advanced tunneling/pivoting tool using TUN interfaces — no SOCKS needed." + REQUIRES_GO = True + INSTALL_COMMANDS = [ + "go install github.com/nicocha30/ligolo-ng@latest", + ] + RUN_COMMANDS = ["ligolo-ng --help"] + PROJECT_URL = "https://github.com/nicocha30/ligolo-ng" + SUPPORTED_OS = ["linux", "macos"] + + +class ChiselTunnel(HackingTool): + TITLE = "Chisel (HTTP Tunnel)" + DESCRIPTION = "Fast TCP/UDP tunnel over HTTP, secured via SSH — pivoting and port forwarding." + REQUIRES_GO = True + INSTALL_COMMANDS = [ + "go install github.com/jpillora/chisel@latest", + ] + RUN_COMMANDS = ["chisel --help"] + PROJECT_URL = "https://github.com/jpillora/chisel" + + +class EvilWinRM(HackingTool): + TITLE = "Evil-WinRM (Windows Remote Shell)" + DESCRIPTION = "Ultimate WinRM shell for hacking/pentesting Windows machines." + REQUIRES_RUBY = True + INSTALL_COMMANDS = ["gem install evil-winrm"] + RUN_COMMANDS = ["evil-winrm --help"] + PROJECT_URL = "https://github.com/Hackplayers/evil-winrm" + SUPPORTED_OS = ["linux"] + + +class Mythic(HackingTool): + TITLE = "Mythic (C2 Platform)" + DESCRIPTION = "Collaborative, multi-payload C2 platform designed for red team operations." + REQUIRES_DOCKER = True + INSTALL_COMMANDS = [ + "git clone https://github.com/its-a-feature/Mythic.git", + "cd Mythic && sudo make", + ] + RUN_COMMANDS = ["cd Mythic && sudo ./mythic-cli start"] + PROJECT_URL = "https://github.com/its-a-feature/Mythic" + SUPPORTED_OS = ["linux"] + + class PostExploitationTools(HackingToolsCollection): TITLE = "Post exploitation tools" TOOLS = [ Vegile(), ChromeKeyLogger(), PwncatCS(), + Sliver(), + Havoc(), + PEASSng(), + LigoloNg(), + ChiselTunnel(), + EvilWinRM(), + Mythic(), ] if __name__ == "__main__": diff --git a/tools/reverse_engineering.py b/tools/reverse_engineering.py index fc898c3..588df80 100644 --- a/tools/reverse_engineering.py +++ b/tools/reverse_engineering.py @@ -52,12 +52,38 @@ class Jadx(HackingTool): super().__init__(runnable=False) +class Ghidra(HackingTool): + TITLE = "Ghidra (NSA Reverse Engineering)" + DESCRIPTION = "NSA's software reverse engineering framework — disassembly, decompilation, scripting." + REQUIRES_JAVA = True + INSTALL_COMMANDS = [ + "sudo apt-get install -y ghidra || echo 'Download from https://ghidra-sre.org/'", + ] + RUN_COMMANDS = ["ghidra --help || echo 'Run: ghidraRun'"] + PROJECT_URL = "https://github.com/NationalSecurityAgency/ghidra" + SUPPORTED_OS = ["linux", "macos"] + + +class Radare2(HackingTool): + TITLE = "Radare2 (RE Framework)" + DESCRIPTION = "Portable UNIX-like reverse engineering framework and command-line toolset." + INSTALL_COMMANDS = [ + "git clone https://github.com/radareorg/radare2.git", + "cd radare2 && sys/install.sh", + ] + RUN_COMMANDS = ["r2 -h"] + PROJECT_URL = "https://github.com/radareorg/radare2" + SUPPORTED_OS = ["linux", "macos"] + + class ReverseEngineeringTools(HackingToolsCollection): TITLE = "Reverse engineering tools" TOOLS = [ AndroGuard(), Apk2Gold(), - Jadx() + Jadx(), + Ghidra(), + Radare2(), ] if __name__ == "__main__": diff --git a/tools/web_attack.py b/tools/web_attack.py index ca8e2b6..9b421c3 100644 --- a/tools/web_attack.py +++ b/tools/web_attack.py @@ -193,6 +193,67 @@ class Katana(HackingTool): PROJECT_URL = "https://github.com/projectdiscovery/katana" +class Gobuster(HackingTool): + TITLE = "Gobuster (Dir/DNS/Vhost Brute Force)" + DESCRIPTION = "Directory/file, DNS, and vhost brute-forcing tool written in Go." + REQUIRES_GO = True + INSTALL_COMMANDS = ["go install github.com/OJ/gobuster/v3@latest"] + RUN_COMMANDS = ["gobuster --help"] + PROJECT_URL = "https://github.com/OJ/gobuster" + + +class Dirsearch(HackingTool): + TITLE = "Dirsearch (Web Path Discovery)" + DESCRIPTION = "Web path brute-forcing tool for discovering directories and files on web servers." + INSTALL_COMMANDS = ["pip install --user dirsearch"] + RUN_COMMANDS = ["dirsearch --help"] + PROJECT_URL = "https://github.com/maurosoria/dirsearch" + + +class OwaspZap(HackingTool): + TITLE = "OWASP ZAP (Web App Scanner)" + DESCRIPTION = "Full-featured web application security scanner — proxy, spider, fuzzer, scanner." + SUPPORTED_OS = ["linux"] + INSTALL_COMMANDS = ["sudo apt-get install -y zaproxy"] + RUN_COMMANDS = ["zaproxy --help"] + PROJECT_URL = "https://github.com/zaproxy/zaproxy" + + +class TestSSL(HackingTool): + TITLE = "testssl.sh (TLS/SSL Checker)" + DESCRIPTION = "Check TLS/SSL ciphers, protocols, and cryptographic flaws on any port." + INSTALL_COMMANDS = ["git clone https://github.com/drwetter/testssl.sh.git"] + RUN_COMMANDS = ["cd testssl.sh && ./testssl.sh --help"] + PROJECT_URL = "https://github.com/drwetter/testssl.sh" + + +class Arjun(HackingTool): + TITLE = "Arjun (HTTP Parameter Discovery)" + DESCRIPTION = "HTTP parameter discovery suite that finds hidden GET/POST parameters." + INSTALL_COMMANDS = ["pip install --user arjun"] + RUN_COMMANDS = ["arjun --help"] + PROJECT_URL = "https://github.com/s0md3v/Arjun" + + +class Caido(HackingTool): + TITLE = "Caido (Web Security Auditing)" + DESCRIPTION = "Lightweight, modern web security auditing toolkit — Burp Suite alternative written in Rust." + INSTALL_COMMANDS = [ + "curl -sSL https://caido.download/releases/latest/caido-cli-linux-x86_64.tar.gz | sudo tar xz -C /usr/local/bin", + ] + RUN_COMMANDS = ["caido --help"] + PROJECT_URL = "https://github.com/caido/caido" + SUPPORTED_OS = ["linux", "macos"] + + +class Mitmproxy(HackingTool): + TITLE = "mitmproxy (Intercepting Proxy)" + DESCRIPTION = "Interactive TLS-capable intercepting HTTP proxy for pentesters and developers." + INSTALL_COMMANDS = ["pip install --user mitmproxy"] + RUN_COMMANDS = ["mitmproxy --version"] + PROJECT_URL = "https://github.com/mitmproxy/mitmproxy" + + class WebAttackTools(HackingToolsCollection): TITLE = "Web Attack tools" DESCRIPTION = "" @@ -210,6 +271,13 @@ class WebAttackTools(HackingToolsCollection): Nikto(), Wafw00f(), Katana(), + Gobuster(), + Dirsearch(), + OwaspZap(), + TestSSL(), + Arjun(), + Caido(), + Mitmproxy(), ] if __name__ == "__main__": diff --git a/tools/wireless_attack.py b/tools/wireless_attack.py index 8fbff09..1c6c177 100644 --- a/tools/wireless_attack.py +++ b/tools/wireless_attack.py @@ -200,6 +200,15 @@ class Hcxtools(HackingTool): PROJECT_URL = "https://github.com/ZerBea/hcxtools" +class Bettercap(HackingTool): + TITLE = "Bettercap (Network/WiFi/BLE MITM)" + DESCRIPTION = "Swiss army knife for WiFi, BLE, HID, and Ethernet network recon and MITM attacks." + SUPPORTED_OS = ["linux"] + INSTALL_COMMANDS = ["sudo apt-get install -y bettercap"] + RUN_COMMANDS = ["sudo bettercap --help"] + PROJECT_URL = "https://github.com/bettercap/bettercap" + + class WirelessAttackTools(HackingToolsCollection): TITLE = "Wireless attack tools" TOOLS = [ @@ -215,6 +224,7 @@ class WirelessAttackTools(HackingToolsCollection): Airgeddon(), Hcxdumptool(), Hcxtools(), + Bettercap(), ]