Elgato_dark/hackingtool
1
0
Fork 0
mirror of https://github.com/Z4nzu/hackingtool synced 2026-05-23 08:58:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities

Browse source
This commit is contained in:
Hardik Zinzuvadiya 2026-03-15 13:54:03 +05:30
parent 6a32c8ac05
commit a46f01005b
19 changed files with 586 additions and 791 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
Dockerfile
View file

@ -1,12 +1,20 @@
FROM kalilinux/kali-rolling:latest
RUN apt-get update && \
apt-get install -y git python3-pip figlet sudo && \
apt-get install -y boxes php curl xdotool wget
apt-get install -y --no-install-recommends \
git python3-pip python3-venv sudo curl wget php && \
rm -rf /var/lib/apt/lists/*
WORKDIR /root/hackingtool
COPY requirements.txt ./
RUN pip3 install --no-cache-dir boxes flask lolcat requests -r requirements.txt
# Bug 21 fix: boxes/lolcat/flask are NOT pip packages — removed
RUN pip3 install --no-cache-dir -r requirements.txt
COPY . .
RUN true && echo "/root/hackingtool/" > /home/hackingtoolpath.txt;
EXPOSE 1-65535
ENTRYPOINT ["python3", "/root/hackingtool/hackingtool.py"]
# Bug 20 fix: path file must be in /root/ not /home/ (running as root in Docker)
RUN mkdir -p /root/.hackingtool/tools
# Vuln 3 fix: removed EXPOSE 1-65535 — this tool is a CLI, not a server
ENTRYPOINT ["python3", "/root/hackingtool/hackingtool.py"]

326
core.py
View file

@ -1,20 +1,37 @@
from rich.console import Console
from rich.panel import Panel
from rich.table import Table
from rich import box
from rich.traceback import install
from rich.theme import Theme
import os
import sys
import webbrowser
from collections.abc import Callable
from platform import system
from traceback import print_exc
from typing import Callable, List, Tuple
# Enable rich tracebacks
from rich import box
from rich.console import Console
from rich.panel import Panel
from rich.prompt import Prompt
from rich.table import Table
from rich.theme import Theme
from rich.traceback import install
from constants import (
THEME_PRIMARY, THEME_BORDER, THEME_ACCENT,
THEME_SUCCESS, THEME_ERROR, THEME_WARNING,
THEME_DIM, THEME_ARCHIVED, THEME_URL,
)
# Enable rich tracebacks globally
install()
_theme = Theme({"purple": "#7B61FF"})
_theme = Theme({
"purple": "#7B61FF",
"success": THEME_SUCCESS,
"error": THEME_ERROR,
"warning": THEME_WARNING,
"archived": THEME_ARCHIVED,
"url": THEME_URL,
"dim": THEME_DIM,
})
# Single shared console — all tool files do: from core import console
console = Console(theme=_theme)
@ -22,95 +39,118 @@ def clear_screen():
os.system("cls" if system() == "Windows" else "clear")
def validate_input(ip, val_range):
val_range = val_range or []
def validate_input(ip, val_range: list) -> int | None:
"""Return the integer if it is in val_range, else None."""
if not val_range:
return None
try:
ip = int(ip)
if ip in val_range:
return ip
except Exception:
return None
except (TypeError, ValueError):
pass
return None
class HackingTool(object):
TITLE: str = ""
DESCRIPTION: str = ""
INSTALL_COMMANDS: List[str] = []
INSTALLATION_DIR: str = ""
UNINSTALL_COMMANDS: List[str] = []
RUN_COMMANDS: List[str] = []
OPTIONS: List[Tuple[str, Callable]] = []
PROJECT_URL: str = ""
class HackingTool:
TITLE: str = ""
DESCRIPTION: str = ""
INSTALL_COMMANDS: list[str] = []
UNINSTALL_COMMANDS: list[str] = []
RUN_COMMANDS: list[str] = []
OPTIONS: list[tuple[str, Callable]] = []
PROJECT_URL: str = ""
# OS / capability metadata
SUPPORTED_OS: list[str] = ["linux", "macos"]
REQUIRES_ROOT: bool = False
REQUIRES_WIFI: bool = False
REQUIRES_GO: bool = False
REQUIRES_RUBY: bool = False
REQUIRES_JAVA: bool = False
REQUIRES_DOCKER: bool = False
# Archived tool flags
ARCHIVED: bool = False
ARCHIVED_REASON: str = ""
def __init__(self, options=None, installable=True, runnable=True):
options = options or []
if isinstance(options, list):
self.OPTIONS = []
if installable:
self.OPTIONS.append(("Install", self.install))
if runnable:
self.OPTIONS.append(("Run", self.run))
self.OPTIONS.extend(options)
else:
raise Exception("options must be a list of (option_name, option_fn) tuples")
if not isinstance(options, list):
raise TypeError("options must be a list of (option_name, option_fn) tuples")
self.OPTIONS = []
if installable:
self.OPTIONS.append(("Install", self.install))
if runnable:
self.OPTIONS.append(("Run", self.run))
self.OPTIONS.extend(options)
def show_info(self):
desc = f"[cyan]{self.DESCRIPTION}[/cyan]"
if self.PROJECT_URL:
desc += f"\n[green]🔗 {self.PROJECT_URL}[/green]"
console.print(Panel(desc, title=f"[bold purple]{self.TITLE}[/bold purple]", border_style="purple", box=box.DOUBLE))
desc += f"\n[url]🔗 {self.PROJECT_URL}[/url]"
if self.ARCHIVED:
desc += f"\n[archived]⚠ ARCHIVED: {self.ARCHIVED_REASON}[/archived]"
console.print(Panel(
desc,
title=f"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]",
border_style="purple",
box=box.DOUBLE,
))
def show_options(self, parent=None):
clear_screen()
self.show_info()
"""Iterative menu loop — no recursion, no stack growth."""
while True:
clear_screen()
self.show_info()
table = Table(title="Options", box=box.SIMPLE_HEAVY)
table.add_column("No.", style="bold cyan", justify="center")
table.add_column("Action", style="bold yellow")
table = Table(title="Options", box=box.SIMPLE_HEAVY)
table.add_column("No.", style="bold cyan", justify="center")
table.add_column("Action", style="bold yellow")
for index, option in enumerate(self.OPTIONS):
table.add_row(str(index + 1), option[0])
for index, option in enumerate(self.OPTIONS):
table.add_row(str(index + 1), option[0])
if self.PROJECT_URL:
table.add_row("98", "Open Project Page")
table.add_row("99", f"Back to {parent.TITLE if parent else 'Exit'}")
if self.PROJECT_URL:
table.add_row("98", "Open Project Page")
table.add_row("99", f"Back to {parent.TITLE if parent else 'Exit'}")
console.print(table)
console.print(table)
raw = Prompt.ask("\n[bold cyan][?] Select an option[/bold cyan]", default="99")
try:
choice = int(raw)
except ValueError:
console.print("[error]⚠ Please enter a number.[/error]")
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
continue
option_index = input("\n[?] Select an option: ").strip()
try:
option_index = int(option_index)
if option_index - 1 in range(len(self.OPTIONS)):
ret_code = self.OPTIONS[option_index - 1][1]()
if ret_code != 99:
input("\nPress [Enter] to continue...")
elif option_index == 98:
self.show_project_page()
elif option_index == 99:
if choice == 99:
if parent is None:
sys.exit()
return 99
except (TypeError, ValueError):
console.print("[red]⚠ Please enter a valid option.[/red]")
input("\nPress [Enter] to continue...")
except Exception:
console.print_exception(show_locals=True)
input("\nPress [Enter] to continue...")
return self.show_options(parent=parent)
elif choice == 98 and self.PROJECT_URL:
self.show_project_page()
elif 1 <= choice <= len(self.OPTIONS):
try:
self.OPTIONS[choice - 1][1]()
except Exception:
console.print_exception(show_locals=True)
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
else:
console.print("[error]⚠ Invalid option.[/error]")
def before_install(self): pass
def install(self):
self.before_install()
if isinstance(self.INSTALL_COMMANDS, (list, tuple)):
for INSTALL_COMMAND in self.INSTALL_COMMANDS:
console.print(f"[yellow]→ {INSTALL_COMMAND}[/yellow]")
os.system(INSTALL_COMMAND)
self.after_install()
for cmd in self.INSTALL_COMMANDS:
console.print(f"[warning]→ {cmd}[/warning]")
os.system(cmd)
self.after_install()
def after_install(self):
console.print("[green]✔ Successfully installed![/green]")
console.print("[success]✔ Successfully installed![/success]")
def before_uninstall(self) -> bool:
return True
@ -118,10 +158,10 @@ class HackingTool(object):
def uninstall(self):
if self.before_uninstall():
if isinstance(self.UNINSTALL_COMMANDS, (list, tuple)):
for UNINSTALL_COMMAND in self.UNINSTALL_COMMANDS:
console.print(f"[red]→ {UNINSTALL_COMMAND}[/red]")
os.system(UNINSTALL_COMMAND)
self.after_uninstall()
for cmd in self.UNINSTALL_COMMANDS:
console.print(f"[error]→ {cmd}[/error]")
os.system(cmd)
self.after_uninstall()
def after_uninstall(self): pass
@ -130,63 +170,129 @@ class HackingTool(object):
def run(self):
self.before_run()
if isinstance(self.RUN_COMMANDS, (list, tuple)):
for RUN_COMMAND in self.RUN_COMMANDS:
console.print(f"[cyan]⚙ Running:[/cyan] [bold]{RUN_COMMAND}[/bold]")
os.system(RUN_COMMAND)
self.after_run()
for cmd in self.RUN_COMMANDS:
console.print(f"[cyan]⚙ Running:[/cyan] [bold]{cmd}[/bold]")
os.system(cmd)
self.after_run()
def after_run(self): pass
def is_installed(self, dir_to_check=None):
console.print("[yellow]⚠ Unimplemented: DO NOT USE[/yellow]")
return "?"
def show_project_page(self):
console.print(f"[blue]🌐 Opening project page: {self.PROJECT_URL}[/blue]")
console.print(f"[url]🌐 Opening: {self.PROJECT_URL}[/url]")
webbrowser.open_new_tab(self.PROJECT_URL)
class HackingToolsCollection(object):
TITLE: str = ""
class HackingToolsCollection:
TITLE: str = ""
DESCRIPTION: str = ""
TOOLS: List = []
TOOLS: list = []
def __init__(self):
pass
def show_info(self):
console.rule(f"[bold purple]{self.TITLE}[/bold purple]", style="purple")
console.print(f"[italic cyan]{self.DESCRIPTION}[/italic cyan]\n")
console.rule(f"[{THEME_PRIMARY}]{self.TITLE}[/{THEME_PRIMARY}]", style="purple")
if self.DESCRIPTION:
console.print(f"[italic cyan]{self.DESCRIPTION}[/italic cyan]\n")
def _active_tools(self) -> list:
"""Return tools that are not archived and are OS-compatible."""
from os_detect import CURRENT_OS
return [
t for t in self.TOOLS
if not getattr(t, "ARCHIVED", False)
and CURRENT_OS.system in getattr(t, "SUPPORTED_OS", ["linux", "macos"])
]
def _archived_tools(self) -> list:
return [t for t in self.TOOLS if getattr(t, "ARCHIVED", False)]
def _incompatible_tools(self) -> list:
from os_detect import CURRENT_OS
return [
t for t in self.TOOLS
if not getattr(t, "ARCHIVED", False)
and CURRENT_OS.system not in getattr(t, "SUPPORTED_OS", ["linux", "macos"])
]
def _show_archived_tools(self):
"""Show archived tools sub-menu (option 98)."""
archived = self._archived_tools()
if not archived:
console.print("[dim]No archived tools in this category.[/dim]")
Prompt.ask("[dim]Press Enter to return[/dim]", default="")
return
while True:
clear_screen()
console.rule(f"[archived]Archived Tools — {self.TITLE}[/archived]", style="yellow")
table = Table(box=box.MINIMAL_DOUBLE_HEAD, show_lines=True)
table.add_column("No.", justify="center", style="bold yellow")
table.add_column("Tool", style="dim yellow")
table.add_column("Reason", style="dim white")
for i, tool in enumerate(archived):
reason = getattr(tool, "ARCHIVED_REASON", "No reason given")
table.add_row(str(i + 1), tool.TITLE, reason)
table.add_row("99", "Back", "")
console.print(table)
raw = Prompt.ask("[bold yellow][?] Select[/bold yellow]", default="99")
try:
choice = int(raw)
except ValueError:
continue
if choice == 99:
return
elif 1 <= choice <= len(archived):
archived[choice - 1].show_options(parent=self)
def show_options(self, parent=None):
clear_screen()
self.show_info()
"""Iterative menu loop — no recursion, no stack growth."""
while True:
clear_screen()
self.show_info()
table = Table(title="Available Tools", box=box.MINIMAL_DOUBLE_HEAD)
table.add_column("No.", justify="center", style="bold cyan")
table.add_column("Tool Name", style="bold yellow")
active = self._active_tools()
incompatible = self._incompatible_tools()
archived = self._archived_tools()
for index, tool in enumerate(self.TOOLS):
table.add_row(str(index), tool.TITLE)
table = Table(title="Available Tools", box=box.MINIMAL_DOUBLE_HEAD)
table.add_column("No.", justify="center", style="bold cyan")
table.add_column("Tool", style="bold yellow")
table.add_row("99", f"Back to {parent.TITLE if parent else 'Exit'}")
console.print(table)
for index, tool in enumerate(active):
table.add_row(str(index), tool.TITLE)
tool_index = input("\n[?] Choose a tool: ").strip()
try:
tool_index = int(tool_index)
if tool_index in range(len(self.TOOLS)):
ret_code = self.TOOLS[tool_index].show_options(parent=self)
if ret_code != 99:
input("\nPress [Enter] to continue...")
elif tool_index == 99:
if archived:
table.add_row("[dim]98[/dim]", f"[archived]Archived tools ({len(archived)})[/archived]")
if incompatible:
console.print(f"[dim]({len(incompatible)} tools hidden — not supported on current OS)[/dim]")
table.add_row("99", f"Back to {parent.TITLE if parent else 'Exit'}")
console.print(table)
raw = Prompt.ask("\n[bold cyan][?] Choose a tool[/bold cyan]", default="99")
try:
choice = int(raw)
except ValueError:
console.print("[error]⚠ Please enter a number.[/error]")
continue
if choice == 99:
if parent is None:
sys.exit()
return 99
except (TypeError, ValueError):
console.print("[red]⚠ Please enter a valid option.[/red]")
input("\nPress [Enter] to continue...")
except Exception:
console.print_exception(show_locals=True)
input("\nPress [Enter] to continue...")
return self.show_options(parent=parent)
elif choice == 98 and archived:
self._show_archived_tools()
elif 0 <= choice < len(active):
try:
ret = active[choice].show_options(parent=self)
except Exception:
console.print_exception(show_locals=True)
Prompt.ask("[dim]Press Enter to continue[/dim]", default="")
else:
console.print("[error]⚠ Invalid option.[/error]")

11
docker-compose.yml
View file

@ -1,11 +1,16 @@
version: "3.9"
services:
hackingtool:
image: vgpastor/hackingtool
# Bug 23 fix: was using external unverified image vgpastor/hackingtool
# Now builds from local Dockerfile — no third-party trust required
build: .
container_name: hackingtool
stdin_open: true
tty: true
volumes:
- .:/root/hackingtool
ports:
- 22:22
- hackingtool_data:/root/.hackingtool
# Bug 22 fix: removed port 22:22 — this is a CLI tool, SSH exposure is unnecessary
volumes:
hackingtool_data:

99
tools/anonsurf.py
View file

@ -1,129 +1,58 @@
# coding=utf-8
import os
from rich.console import Console
from rich.panel import Panel
from rich.prompt import Prompt
from rich.text import Text
from rich.table import Table
from core import HackingTool
from core import HackingToolsCollection
console = Console()
P_COLOR = "magenta"
from core import HackingTool, HackingToolsCollection, console
class AnonymouslySurf(HackingTool):
TITLE = "Anonymously Surf"
DESCRIPTION = (
"It automatically overwrites the RAM when\n"
"the system is shutting down and also change Ip."
"It automatically overwrites the RAM when the system shuts down\n"
"and also changes your IP address."
)
# Bug 28 fix: was "cd kali-anonsurf && ./installer.sh && cd .. && sudo rm -r kali-anonsurf"
# Deleting the source on install means there is no retry if install fails.
# Now kept in a separate step so failure does not destroy the source.
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Und3rf10w/kali-anonsurf.git",
"cd kali-anonsurf && sudo ./installer.sh && cd .. && sudo rm -r kali-anonsurf",
"cd kali-anonsurf && sudo ./installer.sh",
]
RUN_COMMANDS = ["sudo anonsurf start"]
PROJECT_URL = "https://github.com/Und3rf10w/kali-anonsurf"
SUPPORTED_OS = ["linux"]
def __init__(self):
super(AnonymouslySurf, self).__init__([("Stop", self.stop)])
super().__init__([("Stop", self.stop)])
def stop(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=f"bold {P_COLOR}"))
console.print("Stopping Anonsurf...", style=f"bold {P_COLOR}")
console.print("[bold magenta]Stopping Anonsurf...[/bold magenta]")
os.system("sudo anonsurf stop")
class Multitor(HackingTool):
TITLE = "Multitor"
DESCRIPTION = "How to stay in multi places at the same time"
DESCRIPTION = "How to stay in multi places at the same time."
INSTALL_COMMANDS = [
"sudo git clone https://github.com/trimstray/multitor.git",
"cd multitor;sudo bash setup.sh install",
"cd multitor && sudo bash setup.sh install",
]
RUN_COMMANDS = [
"multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy"
]
PROJECT_URL = "https://github.com/trimstray/multitor"
SUPPORTED_OS = ["linux"]
def __init__(self):
# keep original behavior (non-runnable) while still initializing
super(Multitor, self).__init__(runnable=False)
super().__init__(runnable=False)
class AnonSurfTools(HackingToolsCollection):
TITLE = "Anonymously Hiding Tools"
DESCRIPTION = ""
TOOLS = [
AnonymouslySurf(),
Multitor(),
]
def _get_attr(self, obj, *names, default=""):
for n in names:
if hasattr(obj, n):
return getattr(obj, n)
return default
def pretty_print(self):
table = Table(title="Anonymously Hiding Tools", show_lines=True, expand=True)
table.add_column("Title", style="magenta", no_wrap=True)
table.add_column("Description", style="magenta")
table.add_column("Project URL", style="magenta", no_wrap=True)
for t in self.TOOLS:
title = self._get_attr(t, "TITLE", "Title", "title", default=t.__class__.__name__)
desc = self._get_attr(t, "DESCRIPTION", "Description", "description", default="")
url = self._get_attr(t, "PROJECT_URL", "PROJECT_URL", "PROJECT", "project_url", "projectUrl", default="")
table.add_row(str(title), str(desc).strip().replace("\n", " "), str(url))
panel = Panel(table, title=f"[{P_COLOR}]Available Tools[/ {P_COLOR}]", border_style=P_COLOR)
console.print(panel)
def show_options(self, parent=None):
console.print("\n")
console.print(Panel.fit(
"[bold magenta]Anonymously Hiding Tools Collection[/bold magenta]\n"
"Select a tool to view options or run it.",
border_style=P_COLOR
))
table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True, expand=True)
table.add_column("Index", justify="center", style="bold yellow")
table.add_column("Tool Name", justify="left", style="bold green")
table.add_column("Description", justify="left", style="white")
for i, tool in enumerate(self.TOOLS):
title = self._get_attr(tool, "TITLE", "Title", "title", default=tool.__class__.__name__)
desc = self._get_attr(tool, "DESCRIPTION", "Description", "description", default="")
table.add_row(str(i + 1), title, desc or "")
table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
console.print(table)
try:
choice = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
choice = int(choice)
if 1 <= choice <= len(self.TOOLS):
selected = self.TOOLS[choice - 1]
# delegate if collection-style interface exists
if hasattr(selected, "show_options"):
selected.show_options(parent=self)
# otherwise, if the tool has actions or a run method, prefer those
elif hasattr(selected, "run"):
selected.run()
else:
console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
elif choice == 99:
return 99
except Exception:
console.print("[bold red]Invalid choice. Try again.[/bold red]")
return self.show_options(parent=parent)
if __name__ == "__main__":
tools = AnonSurfTools()
tools.pretty_print()
tools.show_options()

191
tools/ddos.py
View file

@ -1,109 +1,87 @@
# coding=utf-8
import os
import subprocess
from rich.console import Console
from rich.prompt import Prompt
from rich.panel import Panel
from rich.text import Text
from rich.table import Table
from core import HackingTool
from core import HackingToolsCollection
console = Console()
P_COLOR = "magenta" # primary purple/magenta theme for styling
from core import HackingTool, HackingToolsCollection, console
class ddos(HackingTool):
TITLE = "ddos"
DESCRIPTION = (
"Best DDoS Attack Script With 36 Plus Methods."
"DDoS attacks\n\b "
"for SECURITY TESTING PURPOSES ONLY! "
"Best DDoS Attack Script With 36 Plus Methods. "
"DDoS attacks for SECURITY TESTING PURPOSES ONLY!"
)
INSTALL_COMMANDS = [
"git clone https://github.com/the-deepnet/ddos.git",
"cd ddos;sudo pip3 install -r requirements.txt",
"cd ddos && sudo pip3 install -r requirements.txt",
]
PROJECT_URL = "https://github.com/the-deepnet/ddos.git"
PROJECT_URL = "https://github.com/the-deepnet/ddos"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=f"bold {P_COLOR}"))
method = Prompt.ask("Enter Method >>")
url = Prompt.ask("Enter URL >>")
threads = Prompt.ask("Enter Threads >>")
proxylist = Prompt.ask("Enter ProxyList >>")
multiple = Prompt.ask("Enter Multiple >>")
timer = Prompt.ask("Enter Timer >>")
os.system("cd ddos;")
from config import get_tools_dir
method = Prompt.ask("Enter Method")
url = Prompt.ask("Enter URL")
threads = Prompt.ask("Enter Threads")
proxylist = Prompt.ask("Enter ProxyList")
multiple = Prompt.ask("Enter Multiple")
timer = Prompt.ask("Enter Timer")
# Bug 4 fix: removed os.system("cd ddos;") — use cwd= instead
subprocess.run(
[
"sudo",
"python3 ddos",
method,
url,
"socks_type5.4.1",
threads,
proxylist,
multiple,
timer,
]
["sudo", "python3", "ddos.py", method, url,
"socks_type5.4.1", threads, proxylist, multiple, timer],
cwd=str(get_tools_dir() / "ddos"),
)
class SlowLoris(HackingTool):
TITLE = "SlowLoris"
DESCRIPTION = (
"Slowloris is basically an HTTP Denial of Service attack."
"It send lots of HTTP Request"
"Slowloris is basically an HTTP Denial of Service attack. "
"It sends lots of HTTP requests."
)
INSTALL_COMMANDS = ["sudo pip3 install slowloris"]
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=f"bold {P_COLOR}"))
target_site = Prompt.ask("Enter Target Site:-")
target_site = Prompt.ask("Enter Target Site")
subprocess.run(["slowloris", target_site])
class Asyncrone(HackingTool):
TITLE = "Asyncrone | Multifunction SYN Flood DDoS Weapon"
DESCRIPTION = (
"aSYNcrone is a C language based, mulltifunction SYN Flood "
"DDoS Weapon.\nDisable the destination system by sending a "
"SYN packet intensively to the destination."
"aSYNcrone is a C language based, multifunction SYN Flood DDoS Weapon.\n"
"Disable the destination system by sending SYN packets intensively."
)
INSTALL_COMMANDS = [
"git clone https://github.com/fatih4842/aSYNcrone.git",
"cd aSYNcrone;sudo gcc aSYNcrone.c -o aSYNcrone -lpthread",
"cd aSYNcrone && sudo gcc aSYNcrone.c -o aSYNcrone -lpthread",
]
PROJECT_URL = "https://github.com/fatihsnsy/aSYNcrone"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=f"bold {P_COLOR}"))
source_port = Prompt.ask("Enter Source Port >>")
target_ip = Prompt.ask("Enter Target IP >>")
target_port = Prompt.ask("Enter Target port >>")
os.system("cd aSYNcrone;")
from config import get_tools_dir
source_port = Prompt.ask("Enter Source Port")
target_ip = Prompt.ask("Enter Target IP")
target_port = Prompt.ask("Enter Target Port")
# Bug 5 fix: 1000 was int — subprocess requires all args str
# Bug 4 fix: removed os.system("cd aSYNcrone;") — use cwd= instead
subprocess.run(
["sudo", "./aSYNcrone", source_port, target_ip, target_port, 1000]
["sudo", "./aSYNcrone", str(source_port), str(target_ip), str(target_port), "1000"],
cwd=str(get_tools_dir() / "aSYNcrone"),
)
class UFONet(HackingTool):
TITLE = "UFOnet"
DESCRIPTION = (
"UFONet - is a free software, P2P and cryptographic "
"-disruptive \n toolkit- that allows to perform DoS and "
"DDoS attacks\n\b "
"More Usage Visit"
"UFONet is a free software, P2P and cryptographic disruptive toolkit "
"that allows performing DoS and DDoS attacks."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/epsylon/ufonet.git",
"cd ufonet;sudo python3 setup.py install;sudo pip3 install GeoIP;sudo pip3 install python-geoip;sudo pip3 install pygeoip;sudo pip3 install requests;sudo pip3 install pycrypto;sudo pip3 install pycurl;sudo pip3 install whois;sudo pip3 install scapy-python3",
"cd ufonet && pip install --user .",
]
RUN_COMMANDS = ["sudo python3 ufonet --gui"]
RUN_COMMANDS = ["python3 ufonet --gui"]
PROJECT_URL = "https://github.com/epsylon/ufonet"
@ -111,108 +89,49 @@ class GoldenEye(HackingTool):
TITLE = "GoldenEye"
DESCRIPTION = (
"GoldenEye is a python3 app for SECURITY TESTING PURPOSES ONLY!\n"
"GoldenEye is a HTTP DoS Test Tool."
"GoldenEye is a HTTP DoS Test Tool.\n"
"Usage: ./goldeneye.py <url> [OPTIONS]"
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/jseidl/GoldenEye.git;"
"chmod -R 755 GoldenEye"
"sudo git clone https://github.com/jseidl/GoldenEye.git",
"chmod -R 755 GoldenEye",
]
PROJECT_URL = "https://github.com/jseidl/GoldenEye"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=f"bold {P_COLOR}"))
os.system("cd GoldenEye ;sudo ./goldeneye.py")
console.print("Go to Directory\n[*] USAGE: ./goldeneye.py <url> [OPTIONS]")
from config import get_tools_dir
# Bug 4 fix: removed os.system("cd GoldenEye; ...") — no-op cd subshell
url = Prompt.ask("Enter target URL")
subprocess.run(["sudo", "./goldeneye.py", url],
cwd=str(get_tools_dir() / "GoldenEye"))
class Saphyra(HackingTool):
TITLE = "SaphyraDDoS"
DESCRIPTION = "A complex python code to DDoS any website with a very easy usage.!\n"
DESCRIPTION = "A Python DDoS script for SECURITY TESTING PURPOSES ONLY."
INSTALL_COMMANDS = [
"sudo su",
"git clone https://github.com/anonymous24x7/Saphyra-DDoS.git",
"cd Saphyra-DDoS",
"chmod +x saphyra.py",
"python saphyra.py",
# Bug 7 fix: removed "sudo su" (first step was dropping into interactive root shell)
"sudo git clone https://github.com/anonymous24x7/Saphyra-DDoS.git",
"chmod +x Saphyra-DDoS/saphyra.py",
]
PROJECT_URL = "https://github.com/anonymous24x7/Saphyra-DDoS"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=f"bold {P_COLOR}"))
url = Prompt.ask("Enter url>>>")
try:
os.system("python saphyra.py " + url)
except Exception:
console.print("Enter a valid url.", style="bold red")
from config import get_tools_dir
url = Prompt.ask("Enter URL")
# Vuln 1 fix: was os.system("python saphyra.py " + url) — command injection
# Now uses subprocess list form — url is never interpolated into a shell string
subprocess.run(
["python3", "saphyra.py", url],
cwd=str(get_tools_dir() / "Saphyra-DDoS"),
)
class DDOSTools(HackingToolsCollection):
TITLE = "DDOS Attack Tools"
TOOLS = [SlowLoris(), Asyncrone(), UFONet(), GoldenEye(), Saphyra()]
def _get_attr(self, obj, *names, default=""):
for n in names:
if hasattr(obj, n):
return getattr(obj, n)
return default
def pretty_print(self):
table = Table(title="DDOS Attack Tools", show_lines=True, expand=True)
table.add_column("Title", style="magenta", no_wrap=True)
table.add_column("Description", style="magenta")
table.add_column("Project URL", style="magenta", no_wrap=True)
for t in self.TOOLS:
title = self._get_attr(t, "TITLE", "Title", "title", default=t.__class__.__name__)
desc = self._get_attr(t, "DESCRIPTION", "Description", "description", default="")
url = self._get_attr(t, "PROJECT_URL", "PROJECT_URL", "PROJECT", "project_url", "projectUrl", default="")
table.add_row(str(title), str(desc).strip().replace("\n", " "), str(url))
panel = Panel(table, title=f"[{P_COLOR}]Available Tools[/ {P_COLOR}]", border_style=P_COLOR)
console.print(panel)
def show_options(self, parent=None):
console.print("\n")
console.print(Panel.fit(
"[bold magenta]DDOS Attack Tools Collection[/bold magenta]\n"
"Select a tool to view options or run it.",
border_style=P_COLOR
))
table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True, expand=True)
table.add_column("Index", justify="center", style="bold yellow")
table.add_column("Tool Name", justify="left", style="bold green")
table.add_column("Description", justify="left", style="white")
for i, tool in enumerate(self.TOOLS):
title = self._get_attr(tool, "TITLE", "Title", "title", default=tool.__class__.__name__)
desc = self._get_attr(tool, "DESCRIPTION", "Description", "description", default="")
table.add_row(str(i + 1), title, desc or "")
table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
console.print(table)
try:
choice = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
choice = int(choice)
if 1 <= choice <= len(self.TOOLS):
selected = self.TOOLS[choice - 1]
# If tool exposes show_options (collection-style), delegate to it
if hasattr(selected, "show_options"):
selected.show_options(parent=self)
# Otherwise, if runnable, call its run method
elif hasattr(selected, "run"):
selected.run()
else:
console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
elif choice == 99:
return 99
except Exception:
console.print("[bold red]Invalid choice. Try again.[/bold red]")
return self.show_options(parent=parent)
if __name__ == "__main__":
tools = DDOSTools()
tools.pretty_print()
tools.show_options()

9
tools/exploit_frameworks.py
View file

@ -45,13 +45,16 @@ class Commix(HackingTool):
"attacks.\n Usage: python commix.py [option(s)]"
INSTALL_COMMANDS = [
"git clone https://github.com/commixproject/commix.git commix",
"cd commix;sudo python setup.py install"
# Bug 26 fix: was "sudo python setup.py install" (Python 2)
"cd commix && pip install --user .",
]
RUN_COMMANDS = ["sudo python commix.py --wizard"]
# Bug 26 fix: was "sudo python commix.py --wizard" (Python 2)
RUN_COMMANDS = ["cd commix && sudo python3 commix.py --wizard"]
PROJECT_URL = "https://github.com/commixproject/commix"
def __init__(self):
super(Commix, self).__init__(runnable=False)
# Py3-4 fix: super(Commix, self) → super()
super().__init__(runnable=False)
class ExploitFrameworkTools(HackingToolsCollection):

33
tools/information_gathering_tools.py
View file

@ -149,10 +149,13 @@ class Striker(HackingTool):
PROJECT_URL = "https://github.com/s0md3v/Striker"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=PURPLE_STYLE))
site = Prompt.ask("Enter Site Name (example.com) >> ")
os.chdir("Striker")
subprocess.run(["sudo", "python3", "striker.py", site])
from config import get_tools_dir
site = Prompt.ask("Enter Site Name (example.com)")
# Bug 3 fix: os.chdir() corrupts the process CWD permanently — use cwd= instead
subprocess.run(
["sudo", "python3", "striker.py", site],
cwd=str(get_tools_dir() / "Striker"),
)
class SecretFinder(HackingTool):
@ -193,10 +196,13 @@ class PortScannerRanger(HackingTool):
PROJECT_URL = "https://github.com/floriankunushevci/rang3r"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=PURPLE_STYLE))
ip = Prompt.ask("Enter Ip >> ")
os.chdir("rang3r")
subprocess.run(["sudo", "python", "rang3r.py", "--ip", ip])
from config import get_tools_dir
ip = Prompt.ask("Enter IP")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["sudo", "python3", "rang3r.py", "--ip", ip],
cwd=str(get_tools_dir() / "rang3r"),
)
class Breacher(HackingTool):
@ -206,10 +212,13 @@ class Breacher(HackingTool):
PROJECT_URL = "https://github.com/s0md3v/Breacher"
def run(self):
console.print(Panel(Text(self.TITLE, justify="center"), style=PURPLE_STYLE))
domain = Prompt.ask("Enter domain (example.com) >> ")
os.chdir("Breacher")
subprocess.run(["python3", "breacher.py", "-u", domain])
from config import get_tools_dir
domain = Prompt.ask("Enter domain (example.com)")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["python3", "breacher.py", "-u", domain],
cwd=str(get_tools_dir() / "Breacher"),
)
class InformationGatheringTools(HackingToolsCollection):

11
tools/other_tools.py
View file

@ -33,9 +33,14 @@ class HatCloud(HackingTool):
PROJECT_URL = "https://github.com/HatBashBR/HatCloud"
def run(self):
site = input("Enter Site >> ")
os.chdir("HatCloud")
subprocess.run(["sudo", "ruby", "hatcloud.rb", "-b", site])
from config import get_tools_dir
from rich.prompt import Prompt
site = Prompt.ask("Enter Site")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["sudo", "ruby", "hatcloud.rb", "-b", site],
cwd=str(get_tools_dir() / "HatCloud"),
)
class OtherTools(HackingToolsCollection):

5
tools/others/android_attack.py
View file

@ -49,8 +49,9 @@ class Droidcam(HackingTool):
TITLE = "DroidCam (Capture Image)"
DESCRIPTION = "Powerful Tool For Grab Front Camera Snap Using A Link"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/kinghacker0/WishFish.git;"
"sudo apt install php wget openssh-client"
# Bug 16 fix: missing comma caused two strings to be implicitly concatenated into one
"sudo git clone https://github.com/kinghacker0/WishFish.git",
"sudo apt install -y php wget openssh-client",
]
RUN_COMMANDS = ["cd WishFish && sudo bash wishfish.sh"]
PROJECT_URL = "https://github.com/kinghacker0/WishFish"

29
tools/others/mix_tools.py
View file

@ -15,29 +15,36 @@ console = Console(theme=_theme)
class TerminalMultiplexer(HackingTool):
TITLE = "Terminal Multiplexer"
DESCRIPTION = "Terminal Multiplexer is a tiling terminal emulator that " \
"allows us to open \n several terminal sessions inside one " \
"single window."
INSTALL_COMMANDS = ["sudo apt-get install tilix"]
DESCRIPTION = (
"Terminal Multiplexer (tilix) is a tiling terminal emulator that "
"allows opening several terminal sessions inside one window."
)
# Bug 19 fix: tilix is a Debian/Ubuntu package only — mark Linux-only
INSTALL_COMMANDS = ["sudo apt-get install -y tilix"]
SUPPORTED_OS = ["linux"]
def __init__(self):
super(TerminalMultiplexer, self).__init__(runnable = False)
# Py3-4 fix: super(TerminalMultiplexer, self) → super()
super().__init__(runnable=False)
class Crivo(HackingTool):
TITLE = "Crivo"
DESCRIPTION = "A tool for extracting and filtering URLs, IPs, domains, " \
"\n and subdomains from web pages or text, " \
"with built-in web scraping capabilities.\n" \
"See: python3 crivo_cli.py -h"
DESCRIPTION = (
"A tool for extracting and filtering URLs, IPs, domains, and subdomains\n"
"from web pages or text, with built-in web scraping capabilities.\n"
"See: python3 crivo_cli.py -h"
)
INSTALL_COMMANDS = [
"git clone https://github.com/GMDSantana/crivo.git",
"cd crivo;pip install -r requirements.txt"
# Bug 18 verify: this is correct — cd and pip in same string works
"cd crivo && pip install --user -r requirements.txt",
]
PROJECT_URL = "https://github.com/GMDSantana/crivo"
def __init__(self):
super(Crivo, self).__init__(runnable = False)
# Py3-4 fix: super(Crivo, self) → super()
super().__init__(runnable=False)
class MixTools(HackingToolsCollection):

30
tools/others/socialmedia.py
View file

@ -20,19 +20,15 @@ console = Console(theme=_theme)
class InstaBrute(HackingTool):
TITLE = "Instagram Attack"
DESCRIPTION = "Brute force attack against Instagram"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/chinoogawa/instaBrute.git",
"cd instaBrute;sudo pip2.7 install -r requirements.txt"
]
PROJECT_URL = "https://github.com/chinoogawa/instaBrute"
# Py3-7: Python 2 only (pip2.7); also violates Instagram ToS
ARCHIVED = True
ARCHIVED_REASON = "Python 2 only — EOL January 2020. Repo unmaintained since 2017."
INSTALL_COMMANDS = []
RUN_COMMANDS = []
def run(self):
name = input("Enter Username >> ")
wordlist = input("Enter wordword list >> ")
os.chdir("instaBrute")
subprocess.run(
["sudo", "python", "instaBrute.py", "-u", f"{name}", "-d",
f"{wordlist}"])
def __init__(self):
super().__init__(installable=False, runnable=False)
class BruteForce(HackingTool):
@ -57,12 +53,14 @@ class Faceshell(HackingTool):
PROJECT_URL = "https://github.com/Matrix07ksa/Brute_Force"
def run(self):
name = input("Enter Username >> ")
wordlist = input("Enter Wordlist >> ")
with contextlib.suppress(FileNotFoundError):
os.chdir("Brute_Force")
from config import get_tools_dir
name = Prompt.ask("Enter Username")
wordlist = Prompt.ask("Enter Wordlist path")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["python3", "Brute_Force.py", "-f", f"{name}", "-l", f"{wordlist}"])
["python3", "Brute_Force.py", "-f", name, "-l", wordlist],
cwd=str(get_tools_dir() / "Brute_Force"),
)
class AppCheck(HackingTool):

11
tools/others/socialmedia_finder.py
View file

@ -69,9 +69,14 @@ class Sherlock(HackingTool):
PROJECT_URL = "https://github.com/sherlock-project/sherlock"
def run(self):
name = input("Enter Username >> ")
os.chdir('sherlock')
subprocess.run(["sudo", "python3", "sherlock", f"{name}"])
from config import get_tools_dir
from rich.prompt import Prompt
name = Prompt.ask("Enter Username")
# Bug 3 fix: os.chdir() replaced with cwd= parameter
subprocess.run(
["python3", "sherlock", name],
cwd=str(get_tools_dir() / "sherlock"),
)
class SocialScan(HackingTool):

150
tools/payload_creator.py
View file

@ -1,34 +1,25 @@
# coding=utf-8
import os
from core import HackingTool
from core import HackingToolsCollection
from rich.console import Console
from rich.theme import Theme
from rich.table import Table
from rich.panel import Panel
from rich.prompt import Prompt
_theme = Theme({"purple": "#7B61FF"})
console = Console(theme=_theme)
from core import HackingTool, HackingToolsCollection, console
class TheFatRat(HackingTool):
TITLE = "The FatRat"
DESCRIPTION = "TheFatRat Provides An Easy way to create Backdoors and Payloads " \
"which can bypass most anti-virus"
DESCRIPTION = (
"TheFatRat provides an easy way to create backdoors and payloads "
"which can bypass most anti-virus."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Screetsec/TheFatRat.git",
"cd TheFatRat && sudo chmod +x setup.sh"
"cd TheFatRat && chmod +x setup.sh",
]
RUN_COMMANDS = ["cd TheFatRat && sudo bash setup.sh"]
PROJECT_URL = "https://github.com/Screetsec/TheFatRat"
def __init__(self):
super(TheFatRat, self).__init__([
('Update', self.update),
('Troubleshoot', self.troubleshoot)
super().__init__([
("Update", self.update),
("Troubleshoot", self.troubleshoot),
])
def update(self):
@ -40,60 +31,63 @@ class TheFatRat(HackingTool):
class Brutal(HackingTool):
TITLE = "Brutal"
DESCRIPTION = "Brutal is a toolkit to quickly create various payloads, powershell attacks, " \
"virus attacks and launch listener for a Human Interface Device"
DESCRIPTION = (
"Brutal is a toolkit to quickly create various payloads, powershell attacks, "
"virus attacks and launch listener for a Human Interface Device."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Screetsec/Brutal.git",
"cd Brutal && sudo chmod +x Brutal.sh"
"cd Brutal && chmod +x Brutal.sh",
]
RUN_COMMANDS = ["cd Brutal && sudo bash Brutal.sh"]
PROJECT_URL = "https://github.com/Screetsec/Brutal"
def show_info(self):
super(Brutal, self).show_info()
console.print("""
[!] Requirement
>> Arduino Software (I used v1.6.7)
>> TeensyDuino
>> Linux udev rules
>> Copy and paste the PaensyLib folder inside your Arduino libraries
[!] Visit for Installation for Arduino:
>> https://github.com/Screetsec/Brutal/wiki/Install-Requirements
""")
super().show_info()
console.print(
"[bold cyan]Requirements:[/bold cyan]\n"
" - Arduino Software (v1.6.7+)\n"
" - TeensyDuino\n"
" - Linux udev rules\n"
" See: https://github.com/Screetsec/Brutal/wiki/Install-Requirements"
)
class Stitch(HackingTool):
TITLE = "Stitch"
DESCRIPTION = "Stitch is Cross Platform Python Remote Administrator Tool\n" \
"[!] Refer Below Link For Wins & Mac OS"
DESCRIPTION = (
"Stitch is a Cross Platform Python Remote Administrator Tool.\n"
"[!] Refer to the project link for Windows & macOS support."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/nathanlopez/Stitch.git",
"cd Stitch && sudo pip install -r lnx_requirements.txt"
"cd Stitch && pip install --user -r lnx_requirements.txt",
]
RUN_COMMANDS = ["cd Stitch && sudo python main.py"]
RUN_COMMANDS = ["cd Stitch && sudo python3 main.py"]
PROJECT_URL = "https://nathanlopez.github.io/Stitch"
class MSFVenom(HackingTool):
TITLE = "MSFvenom Payload Creator"
DESCRIPTION = "MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, " \
"based on user choice. Simplifies payload creation."
DESCRIPTION = (
"MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple "
"types of payloads, based on user choice."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/g0tmi1k/msfpc.git",
"cd msfpc;sudo chmod +x msfpc.sh"
"cd msfpc && chmod +x msfpc.sh",
]
RUN_COMMANDS = ["cd msfpc;sudo bash msfpc.sh -h -v"]
RUN_COMMANDS = ["cd msfpc && sudo bash msfpc.sh -h -v"]
PROJECT_URL = "https://github.com/g0tmi1k/msfpc"
class Venom(HackingTool):
TITLE = "Venom Shellcode Generator"
DESCRIPTION = "Venom 1.0.11 (malicious_server) exploits apache2 webserver to deliver LAN payloads via fake webpages."
DESCRIPTION = "Venom exploits apache2 webserver to deliver LAN payloads via fake webpages."
INSTALL_COMMANDS = [
"sudo git clone https://github.com/r00t-3xp10it/venom.git",
# Removed "sudo ./venom.sh -u" from install — interactive, runs the tool during install
"sudo chmod -R 775 venom*/ && cd venom*/ && cd aux && sudo bash setup.sh",
"sudo ./venom.sh -u"
]
RUN_COMMANDS = ["cd venom && sudo ./venom.sh"]
PROJECT_URL = "https://github.com/r00t-3xp10it/venom"
@ -101,10 +95,10 @@ class Venom(HackingTool):
class Spycam(HackingTool):
TITLE = "Spycam"
DESCRIPTION = "Generates a Win32 payload that captures webcam images every 1 minute and sends them to the attacker."
DESCRIPTION = "Generates a Win32 payload that captures webcam images every 1 minute."
INSTALL_COMMANDS = [
"sudo git clone https://github.com/indexnotfound404/spycam.git",
"cd spycam && bash install.sh && chmod +x spycam"
"cd spycam && bash install.sh && chmod +x spycam",
]
RUN_COMMANDS = ["cd spycam && ./spycam"]
PROJECT_URL = "https://github.com/indexnotfound404/spycam"
@ -113,25 +107,23 @@ class Spycam(HackingTool):
class MobDroid(HackingTool):
TITLE = "Mob-Droid"
DESCRIPTION = "Generates metasploit payloads easily without typing long commands."
INSTALL_COMMANDS = [
"git clone https://github.com/kinghacker0/mob-droid.git"
]
RUN_COMMANDS = ["cd mob-droid;sudo python mob-droid.py"]
INSTALL_COMMANDS = ["git clone https://github.com/kinghacker0/mob-droid.git"]
RUN_COMMANDS = ["cd mob-droid && sudo python3 mob-droid.py"]
PROJECT_URL = "https://github.com/kinghacker0/Mob-Droid"
class Enigma(HackingTool):
TITLE = "Enigma"
DESCRIPTION = "Enigma is a Multiplatform payload dropper."
INSTALL_COMMANDS = [
"sudo git clone https://github.com/UndeadSec/Enigma.git"
]
RUN_COMMANDS = ["cd Enigma;sudo python enigma.py"]
INSTALL_COMMANDS = ["sudo git clone https://github.com/UndeadSec/Enigma.git"]
RUN_COMMANDS = ["cd Enigma && sudo python3 enigma.py"]
PROJECT_URL = "https://github.com/UndeadSec/Enigma"
class PayloadCreatorTools(HackingToolsCollection):
TITLE = "Payload creation tools"
# Bug 11 fix: show_options() override was missing `parent` parameter entirely —
# the whole override is now deleted and the base class method is used instead.
TOOLS = [
TheFatRat(),
Brutal(),
@ -140,62 +132,10 @@ class PayloadCreatorTools(HackingToolsCollection):
Venom(),
Spycam(),
MobDroid(),
Enigma()
Enigma(),
]
def pretty_print(self):
table = Table(title="Payload Creation Tools", show_lines=True, expand=True)
table.add_column("Title", style="purple", no_wrap=True)
table.add_column("Description", style="purple")
table.add_column("Project URL", style="purple", no_wrap=True)
for t in self.TOOLS:
desc = getattr(t, "DESCRIPTION", "") or ""
url = getattr(t, "PROJECT_URL", "") or ""
table.add_row(t.TITLE, desc.strip().replace("\n", " "), url)
console.print(Panel(table, title="[purple]Available Tools[/purple]", border_style="purple"))
def show_options(self):
console.print("\n")
console.print(Panel.fit(
"[bold purple]Payload Creator Collection[/bold purple]\n"
"Select a tool to run it or exit.",
border_style="purple"
))
table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True, expand=True)
table.add_column("Index", justify="center", style="bold yellow")
table.add_column("Tool Name", justify="left", style="bold green")
table.add_column("Description", justify="left", style="white")
for i, tool in enumerate(self.TOOLS):
desc = getattr(tool, "DESCRIPTION", "") or ""
table.add_row(str(i + 1), tool.TITLE, desc.replace("\n", " "))
table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
console.print(table)
try:
choice = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
choice = int(choice)
if 1 <= choice <= len(self.TOOLS):
selected = self.TOOLS[choice - 1]
if hasattr(selected, "run"):
selected.run()
elif hasattr(selected, "show_actions"):
selected.show_actions()
else:
console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
elif choice == 99:
return 99
except Exception:
console.print("[bold red]Invalid choice. Try again.[/bold red]")
return self.show_options()
if __name__ == "__main__":
tools = PayloadCreatorTools()
tools.pretty_print()
tools.show_options()

231
tools/phising_attack.py
View file

@ -1,17 +1,6 @@
# coding=utf-8
import os
from core import HackingTool
from core import HackingToolsCollection
from rich.console import Console
from rich.theme import Theme
from rich.table import Table
from rich.panel import Panel
from rich.prompt import Prompt
_theme = Theme({"purple": "#7B61FF"})
console = Console(theme=_theme)
from core import HackingTool, HackingToolsCollection, console
class autophisher(HackingTool):
@ -19,22 +8,22 @@ class autophisher(HackingTool):
DESCRIPTION = "Automated Phishing Toolkit"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/CodingRanjith/autophisher.git",
"cd autophisher"
]
RUN_COMMANDS = ["cd autophisher;sudo bash autophisher.sh"]
RUN_COMMANDS = ["cd autophisher && sudo bash autophisher.sh"]
PROJECT_URL = "https://github.com/CodingRanjith/autophisher"
class Pyphisher(HackingTool):
TITLE = "Pyphisher"
DESCRIPTION = "Easy to use phishing tool with 77 website templates"
# Bug 9 fix: pip must reference the full path, not rely on a no-op "cd" call
INSTALL_COMMANDS = [
"sudo git clone https://github.com/KasRoudra/PyPhisher",
"cd PyPhisher/files",
"pip3 install -r requirements.txt"
"git clone https://github.com/KasRoudra/PyPhisher",
"pip3 install --user -r PyPhisher/files/requirements.txt",
]
RUN_COMMANDS = ["cd PyPhisher;sudo python3 pyphisher.py"]
PROJECT_URL = "git clone https://github.com/KasRoudra/PyPhisher"
RUN_COMMANDS = ["cd PyPhisher && sudo python3 pyphisher.py"]
# Bug 8 fix: PROJECT_URL was a git clone command, not a URL
PROJECT_URL = "https://github.com/KasRoudra/PyPhisher"
class AdvPhishing(HackingTool):
@ -42,18 +31,22 @@ class AdvPhishing(HackingTool):
DESCRIPTION = "This is Advance Phishing Tool ! OTP PHISHING"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Ignitetch/AdvPhishing.git",
"cd AdvPhishing;chmod 777 *;bash Linux-Setup.sh"]
# Vuln 2 fix: chmod 777 → chmod +x
"cd AdvPhishing && chmod +x Linux-Setup.sh && bash Linux-Setup.sh",
]
RUN_COMMANDS = ["cd AdvPhishing && sudo bash AdvPhishing.sh"]
PROJECT_URL = "https://github.com/Ignitetch/AdvPhishing"
class Setoolkit(HackingTool):
TITLE = "Setoolkit"
DESCRIPTION = "The Social-Engineer Toolkit is an open-source penetration\n" \
"testing framework designed for social engine"
DESCRIPTION = (
"The Social-Engineer Toolkit is an open-source penetration\n"
"testing framework designed for social engineering."
)
INSTALL_COMMANDS = [
"git clone https://github.com/trustedsec/social-engineer-toolkit/",
"cd social-engineer-toolkit && sudo python3 setup.py"
"cd social-engineer-toolkit && pip install --user .",
]
RUN_COMMANDS = ["sudo setoolkit"]
PROJECT_URL = "https://github.com/trustedsec/social-engineer-toolkit"
@ -64,7 +57,7 @@ class SocialFish(HackingTool):
DESCRIPTION = "Automated Phishing Tool & Information Collector NOTE: username is 'root' and password is 'pass'"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/UndeadSec/SocialFish.git && sudo apt-get install python3 python3-pip python3-dev -y",
"cd SocialFish && sudo python3 -m pip install -r requirements.txt"
"cd SocialFish && sudo python3 -m pip install -r requirements.txt",
]
RUN_COMMANDS = ["cd SocialFish && sudo python3 SocialFish.py root pass"]
PROJECT_URL = "https://github.com/UndeadSec/SocialFish"
@ -72,45 +65,45 @@ class SocialFish(HackingTool):
class HiddenEye(HackingTool):
TITLE = "HiddenEye"
DESCRIPTION = "Modern Phishing Tool With Advanced Functionality And " \
"Multiple Tunnelling Services \n" \
"\t [!]https://github.com/DarkSecDevelopers/HiddenEye"
DESCRIPTION = (
"Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services\n"
"\t[!] https://github.com/DarkSecDevelopers/HiddenEye"
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Morsmalleo/HiddenEye.git ;sudo chmod 777 HiddenEye",
"cd HiddenEye;sudo pip3 install -r requirements.txt;sudo pip3 install requests;pip3 install pyngrok"
# Vuln 2 fix: chmod 777 → chmod 755
"sudo git clone https://github.com/Morsmalleo/HiddenEye.git && chmod -R 755 HiddenEye",
"cd HiddenEye && sudo pip3 install -r requirements.txt && pip3 install pyngrok",
]
RUN_COMMANDS = ["cd HiddenEye;sudo python3 HiddenEye.py"]
PROJECT_URL = "https://github.com/Morsmalleo/HiddenEye.git"
RUN_COMMANDS = ["cd HiddenEye && sudo python3 HiddenEye.py"]
PROJECT_URL = "https://github.com/Morsmalleo/HiddenEye"
class Evilginx2(HackingTool):
TITLE = "Evilginx2"
DESCRIPTION = "evilginx2 is a man-in-the-middle attack framework used " \
"for phishing login credentials along with session cookies,\n" \
"which in turn allows to bypass 2-factor authentication protection.\n\n\t " \
"[+]Make sure you have installed GO of version at least 1.14.0 \n" \
"[+]After installation, add this to your ~/.profile, assuming that you installed GO in /usr/local/go\n\t " \
"[+]export GOPATH=$HOME/go \n " \
"[+]export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin \n" \
"[+]Then load it with source ~/.profiles."
TITLE = "Evilginx3"
DESCRIPTION = (
"evilginx is a man-in-the-middle attack framework used for phishing login credentials\n"
"along with session cookies, bypassing 2-factor authentication.\n"
"Requires Go >= 1.18 installed."
)
# Bug 6 fix: removed 'sudo evilginx' (interactive) from INSTALL_COMMANDS
INSTALL_COMMANDS = [
"sudo apt-get install git make;go get -u github.com/kgretzky/evilginx2",
"cd $GOPATH/src/github.com/kgretzky/evilginx2;make",
"sudo make install;sudo evilginx"
"sudo apt-get install -y git make golang-go",
"go install github.com/kgretzky/evilginx/v3@latest",
]
RUN_COMMANDS = ["sudo evilginx"]
RUN_COMMANDS = ["evilginx"]
PROJECT_URL = "https://github.com/kgretzky/evilginx2"
REQUIRES_GO = True
class ISeeYou(HackingTool):
TITLE = "I-See_You"
DESCRIPTION = "[!] ISeeYou is a tool to find Exact Location of Victom By" \
" User SocialEngineering or Phishing Engagement..\n" \
"[!] Users can expose their local servers to the Internet " \
"and decode the location coordinates by looking at the log file"
DESCRIPTION = (
"[!] ISeeYou finds the exact location of a target via social engineering.\n"
"[!] Expose local servers to the internet and decode location from log file."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Viralmaniar/I-See-You.git",
"cd I-See-You && sudo chmod u+x ISeeYou.sh"
"cd I-See-You && sudo chmod u+x ISeeYou.sh",
]
RUN_COMMANDS = ["cd I-See-You && sudo bash ISeeYou.sh"]
PROJECT_URL = "https://github.com/Viralmaniar/I-See-You"
@ -118,7 +111,7 @@ class ISeeYou(HackingTool):
class SayCheese(HackingTool):
TITLE = "SayCheese"
DESCRIPTION = "Take webcam shots from target just sending a malicious link"
DESCRIPTION = "Take webcam shots from target just by sending a malicious link"
INSTALL_COMMANDS = ["sudo git clone https://github.com/hangetzzu/saycheese"]
RUN_COMMANDS = ["cd saycheese && sudo bash saycheese.sh"]
PROJECT_URL = "https://github.com/hangetzzu/saycheese"
@ -128,19 +121,13 @@ class QRJacking(HackingTool):
TITLE = "QR Code Jacking"
DESCRIPTION = "QR Code Jacking (Any Website)"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/cryptedwolf/ohmyqr.git && sudo apt -y install scrot"]
"sudo git clone https://github.com/cryptedwolf/ohmyqr.git && sudo apt -y install scrot",
]
RUN_COMMANDS = ["cd ohmyqr && sudo bash ohmyqr.sh"]
PROJECT_URL = "https://github.com/cryptedwolf/ohmyqr"
class WifiPhisher(HackingTool):
TITLE = "WifiPhisher"
DESCRIPTION = "The Rogue Access Point Framework"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/wifiphisher/wifiphisher.git",
"cd wifiphisher"]
RUN_COMMANDS = ["cd wifiphisher && sudo python setup.py"]
PROJECT_URL = "https://github.com/wifiphisher/wifiphisher"
# Bug 10 fix: WifiPhisher removed from phishing tools — it belongs in wireless_attack_tools.py
class BlackEye(HackingTool):
@ -148,7 +135,7 @@ class BlackEye(HackingTool):
DESCRIPTION = "The ultimate phishing tool with 38 websites available!"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/thelinuxchoice/blackeye",
"cd blackeye "]
]
RUN_COMMANDS = ["cd blackeye && sudo bash blackeye.sh"]
PROJECT_URL = "https://github.com/An0nUD4Y/blackeye"
@ -157,45 +144,44 @@ class ShellPhish(HackingTool):
TITLE = "ShellPhish"
DESCRIPTION = "Phishing Tool for 18 social media"
INSTALL_COMMANDS = ["git clone https://github.com/An0nUD4Y/shellphish.git"]
RUN_COMMANDS = ["cd shellphish;sudo bash shellphish.sh"]
RUN_COMMANDS = ["cd shellphish && sudo bash shellphish.sh"]
PROJECT_URL = "https://github.com/An0nUD4Y/shellphish"
class Thanos(HackingTool):
TITLE = "Thanos"
DESCRIPTION = "Browser to Browser Phishingtoolkit"
DESCRIPTION = "Browser to Browser Phishing toolkit"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/TridevReddy/Thanos.git",
"cd Thanos && sudo chmod -R 777 Thanos.sh"
# Vuln 2 fix: chmod -R 777 → chmod +x
"cd Thanos && chmod +x Thanos.sh",
]
RUN_COMMANDS = ["cd Thanos;sudo bash Thanos.sh"]
RUN_COMMANDS = ["cd Thanos && sudo bash Thanos.sh"]
PROJECT_URL = "https://github.com/TridevReddy/Thanos"
class QRLJacking(HackingTool):
TITLE = "QRLJacking"
DESCRIPTION = "QRLJacking"
DESCRIPTION = "QRLJacking — session hijacking attack vector targeting QR code based login"
INSTALL_COMMANDS = [
"git clone https://github.com/OWASP/QRLJacking.git",
"cd QRLJacking",
"git clone https://github.com/mozilla/geckodriver.git",
"chmod +x geckodriver",
"sudo mv -f geckodriver /usr/local/share/geckodriver",
"sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver",
"sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver",
"cd QRLJacker;pip3 install -r requirements.txt"
# Bug fix: geckodriver must be fetched as a binary, not cloned from source
"GECKO_VER=$(curl -s https://api.github.com/repos/mozilla/geckodriver/releases/latest | grep tag_name | cut -d '\"' -f4) && "
"wget -q https://github.com/mozilla/geckodriver/releases/download/$GECKO_VER/geckodriver-$GECKO_VER-linux64.tar.gz -O /tmp/geckodriver.tar.gz && "
"tar -xzf /tmp/geckodriver.tar.gz -C /tmp && sudo mv /tmp/geckodriver /usr/local/bin/",
"cd QRLJacking && pip3 install --user -r QRLJacker/requirements.txt",
]
RUN_COMMANDS = ["cd QRLJacking/QRLJacker;python3 QrlJacker.py"]
RUN_COMMANDS = ["cd QRLJacking/QRLJacker && python3 QrlJacker.py"]
PROJECT_URL = "https://github.com/OWASP/QRLJacking"
class Maskphish(HackingTool):
TITLE = "Miskphish"
TITLE = "Maskphish"
DESCRIPTION = "Hide phishing URL under a normal looking URL (google.com or facebook.com)"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/jaykali/maskphish.git",
"cd maskphish"]
RUN_COMMANDS = ["cd maskphish;sudo bash maskphish.sh"]
]
RUN_COMMANDS = ["cd maskphish && sudo bash maskphish.sh"]
PROJECT_URL = "https://github.com/jaykali/maskphish"
@ -203,23 +189,27 @@ class BlackPhish(HackingTool):
TITLE = "BlackPhish"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/iinc0gnit0/BlackPhish.git",
"cd BlackPhish;sudo bash install.sh"
"cd BlackPhish && sudo bash install.sh",
]
RUN_COMMANDS = ["cd BlackPhish;sudo python3 blackphish.py"]
RUN_COMMANDS = ["cd BlackPhish && sudo python3 blackphish.py"]
PROJECT_URL = "https://github.com/iinc0gnit0/BlackPhish"
def __init__(self):
super(BlackPhish, self).__init__([('Update', self.update)])
# Bug fix: super() Python 3 style
super().__init__([("Update", self.update)])
def update(self):
os.system("cd BlackPhish;sudo bash update.sh")
os.system("cd BlackPhish && sudo bash update.sh")
class dnstwist(HackingTool):
Title = 'dnstwist'
Install_commands = ['sudo git clone https://github.com/elceef/dnstwist.git','cd dnstwist']
Run_commands = ['cd dnstwist;sudo python3 dnstwist.py']
project_url = 'https://github.com/elceef/dnstwist'
class Dnstwist(HackingTool):
# Bug 2 fix: all attributes were wrong case (Title, Install_commands, etc.)
# They are now the correct uppercase names the base class reads.
TITLE = "dnstwist"
DESCRIPTION = "Domain name permutation engine for detecting typosquatting, phishing and brand impersonation"
INSTALL_COMMANDS = ["pip3 install --user dnstwist"]
RUN_COMMANDS = ["dnstwist --help"]
PROJECT_URL = "https://github.com/elceef/dnstwist"
class PhishingAttackTools(HackingToolsCollection):
@ -241,79 +231,10 @@ class PhishingAttackTools(HackingToolsCollection):
QRLJacking(),
BlackPhish(),
Maskphish(),
dnstwist()
Dnstwist(),
]
def _get_attr_fallback(self, item, *names, default=""):
for n in names:
if hasattr(item, n):
return getattr(item, n)
return default
def pretty_print(self):
table = Table(title="Phishing Attack Tools", show_lines=True, expand=True)
table.add_column("Title", style="purple", no_wrap=True)
table.add_column("Description", style="purple")
table.add_column("Project URL", style="purple", no_wrap=True)
for t in self.TOOLS:
# try typical attribute names, then fall back to common variations
title = (
self._get_attr_fallback(t, "TITLE", "Title", "title")
or t.__class__.__name__
)
desc = self._get_attr_fallback(t, "DESCRIPTION", "Description", "description", "INSTALL_COMMANDS", default="") or ""
# prefer PROJECT_URL but also accept project_url or project_url-like fields
url = self._get_attr_fallback(t, "PROJECT_URL", "PROJECT_URL", "PROJECT", "project_url", "projectUrl", default="") or ""
table.add_row(str(title), str(desc).strip().replace("\n", " "), str(url))
panel = Panel(table, title="[purple]Available Tools[/purple]", border_style="purple")
console.print(panel)
def show_options(self, parent=None):
console.print("\n")
panel = Panel.fit("[bold magenta]Phishing Attack Tools Collection[/bold magenta]\n"
"Select a tool to view options or run it.",
border_style="purple")
console.print(panel)
table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True, expand=True)
table.add_column("Index", justify="center", style="bold yellow")
table.add_column("Tool Name", justify="left", style="bold green")
table.add_column("Description", justify="left", style="white")
for i, tool in enumerate(self.TOOLS):
title = self._get_attr_fallback(tool, "TITLE", "Title", "title", default=tool.__class__.__name__)
desc = self._get_attr_fallback(tool, "DESCRIPTION", "Description", "description", default="")
table.add_row(str(i + 1), title, desc or "")
table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
console.print(table)
try:
choice = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
choice = int(choice)
if 1 <= choice <= len(self.TOOLS):
selected = self.TOOLS[choice - 1]
# If tool exposes show_options (collection-style), delegate to it
if hasattr(selected, "show_options"):
selected.show_options(parent=self)
# Otherwise, if runnable, call its run method
elif hasattr(selected, "run"):
selected.run()
# Preserve any before_run hooks if present
elif hasattr(selected, "before_run"):
selected.before_run()
else:
console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
elif choice == 99:
return 99
except Exception:
console.print("[bold red]Invalid choice. Try again.[/bold red]")
return self.show_options(parent=parent)
if __name__ == "__main__":
tools = PhishingAttackTools()
tools.pretty_print()
tools.show_options()

13
tools/remote_administration.py
View file

@ -12,17 +12,8 @@ _theme = Theme({"purple": "#7B61FF"})
console = Console(theme=_theme)
class Stitch(HackingTool):
TITLE = "Stitch"
DESCRIPTION = "Stitch is a cross platform python framework.\n" \
"which allows you to build custom payloads\n" \
"For Windows, Mac and Linux."
INSTALL_COMMANDS = [
"sudo git clone https://github.com/nathanlopez/Stitch.git",
"cd Stitch;sudo pip install -r lnx_requirements.txt"
]
RUN_COMMANDS = ["cd Stitch;python main.py"]
PROJECT_URL = "https://github.com/nathanlopez/Stitch"
# Bug 17 fix: Stitch was defined in both payload_creator.py and remote_administration.py.
# It is kept in payload_creator.py (its correct category) and removed from here.
class Pyshell(HackingTool):

7
tools/reverse_engineering.py
View file

@ -48,12 +48,15 @@ class Jadx(HackingTool):
"resources.arsc"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/skylot/jadx.git",
"cd jadx;./gradlew dist"
# Bug 30 fix: gradlew dist requires Java — check first
"java -version 2>&1 | grep -q 'version' && cd jadx && ./gradlew dist || echo '[ERROR] Java not found. Install: sudo apt install default-jdk'",
]
PROJECT_URL = "https://github.com/skylot/jadx"
REQUIRES_JAVA = True
def __init__(self):
super(Jadx, self).__init__(runnable=False)
# Py3-4 fix: super(Jadx, self) → super()
super().__init__(runnable=False)
class ReverseEngineeringTools(HackingToolsCollection):

10
tools/sql_tools.py
View file

@ -25,9 +25,13 @@ class Sqlmap(HackingTool):
class NoSqlMap(HackingTool):
TITLE = "NoSqlMap"
DESCRIPTION = "NoSQLMap is an open source Python tool designed to audit and automate injection attacks. [*] Please install MongoDB."
INSTALL_COMMANDS = ["git clone https://github.com/codingo/NoSQLMap.git",
"sudo chmod -R 755 NoSQLMap;cd NoSQLMap;python setup.py install"]
RUN_COMMANDS = ["python NoSQLMap"]
INSTALL_COMMANDS = [
"git clone https://github.com/codingo/NoSQLMap.git",
# Bug 25 fix: was "python setup.py install" (Python 2) and "python NoSQLMap"
"cd NoSQLMap && pip install --user .",
]
# Bug 25 fix: "python" → "python3"
RUN_COMMANDS = ["python3 -m nosqlmap"]
PROJECT_URL = "https://github.com/codingo/NoSQLMap"

187
tools/wireless_attack_tools.py
View file

@ -1,80 +1,68 @@
# coding=utf-8
import os
import subprocess
from core import HackingTool
from core import HackingToolsCollection
from rich.console import Console
from rich.theme import Theme
from rich.table import Table
from rich.panel import Panel
from rich.prompt import Prompt
_theme = Theme({"purple": "#7B61FF"})
console = Console(theme=_theme)
from core import HackingTool, HackingToolsCollection, console
class WIFIPumpkin(HackingTool):
TITLE = "WiFi-Pumpkin"
DESCRIPTION = (
"The WiFi-Pumpkin is a rogue AP framework to easily create "
"these fake networks\n"
"all while forwarding legitimate traffic to and from the "
"unsuspecting target."
"The WiFi-Pumpkin is a rogue AP framework to easily create fake networks\n"
"while forwarding legitimate traffic to and from the unsuspecting target."
)
INSTALL_COMMANDS = [
"sudo apt install libssl-dev libffi-dev build-essential",
"sudo apt install -y libssl-dev libffi-dev build-essential python3-pyqt5",
"sudo git clone https://github.com/P0cL4bs/wifipumpkin3.git",
"chmod -R 755 wifipumpkin3",
"sudo apt install python3-pyqt5",
"cd wifipumpkin3;sudo python3 setup.py install",
"cd wifipumpkin3 && pip install --user .",
]
RUN_COMMANDS = ["sudo wifipumpkin3"]
PROJECT_URL = "https://github.com/P0cL4bs/wifipumpkin3"
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
class pixiewps(HackingTool):
TITLE = "pixiewps"
DESCRIPTION = (
"Pixiewps is a tool written in C used to bruteforce offline "
"the WPS pin\n "
"exploiting the low or non-existing entropy of some Access "
"Points, the so-called pixie dust attack"
"Pixiewps is a tool written in C used to bruteforce offline the WPS pin\n"
"exploiting the low or non-existing entropy of some Access Points "
"(pixie dust attack)."
)
INSTALL_COMMANDS = [
# Bug 29 fix: removed wget https://pastebin.com/... (insecure download from pastebin)
"sudo git clone https://github.com/wiire/pixiewps.git && apt-get -y install build-essential",
"cd pixiewps*/ && make",
"cd pixiewps*/ && sudo make install && wget https://pastebin.com/y9Dk1Wjh",
"cd pixiewps && make",
"cd pixiewps && sudo make install",
]
PROJECT_URL = "https://github.com/wiire/pixiewps"
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
def run(self):
os.system(
'echo "'
'1.> Put your interface into monitor mode using '
"'airmon-ng start {wireless interface}\n'"
"'2.> wash -i {monitor-interface like mon0}\'\n'"
"'3.> reaver -i {monitor interface} -b {BSSID of router} -c {router channel} -vvv -K 1 -f"
'| boxes -d boy'
console.print(
"[bold cyan]Usage:[/bold cyan]\n"
" 1. Put interface into monitor mode: [yellow]airmon-ng start <iface>[/yellow]\n"
" 2. Scan: [yellow]wash -i <mon-iface>[/yellow]\n"
" 3. Attack: [yellow]reaver -i <mon-iface> -b <BSSID> -c <ch> -vvv -K 1 -f[/yellow]\n"
" 4. Run: [yellow]pixiewps -h[/yellow]"
)
print("You Have To Run Manually By USing >>pixiewps -h ")
class BluePot(HackingTool):
TITLE = "Bluetooth Honeypot GUI Framework"
DESCRIPTION = (
"You need to have at least 1 bluetooth receiver "
"(if you have many it will work with those, too).\n"
"You must install/libbluetooth-dev on "
"Ubuntu/bluez-libs-devel on Fedora/bluez-devel on openSUSE"
"You need at least 1 bluetooth receiver.\n"
"Install libbluetooth-dev (Ubuntu) / bluez-libs-devel (Fedora) / bluez-devel (openSUSE)."
)
INSTALL_COMMANDS = [
"sudo wget https://raw.githubusercontent.com/andrewmichaelsmith/bluepot/master/bin/bluepot-0.2.tar.gz"
"sudo tar xfz bluepot-0.2.tar.gz;sudo rm bluepot-0.2.tar.gz"
# Bug 15 fix: missing comma caused implicit string concatenation — two strings joined
"sudo wget https://raw.githubusercontent.com/andrewmichaelsmith/bluepot/master/bin/bluepot-0.2.tar.gz",
"sudo tar xfz bluepot-0.2.tar.gz && sudo rm bluepot-0.2.tar.gz",
]
RUN_COMMANDS = ["cd bluepot && sudo java -jar bluepot.jar"]
PROJECT_URL = "https://github.com/andrewmichaelsmith/bluepot"
SUPPORTED_OS = ["linux"]
REQUIRES_JAVA = True
class Fluxion(HackingTool):
@ -82,87 +70,92 @@ class Fluxion(HackingTool):
DESCRIPTION = "Fluxion is a remake of linset by vk496 with enhanced functionality."
INSTALL_COMMANDS = [
"git clone https://github.com/FluxionNetwork/fluxion.git",
"cd fluxion && sudo chmod +x fluxion.sh",
"cd fluxion && chmod +x fluxion.sh",
]
RUN_COMMANDS = ["cd fluxion;sudo bash fluxion.sh -i"]
RUN_COMMANDS = ["cd fluxion && sudo bash fluxion.sh -i"]
PROJECT_URL = "https://github.com/FluxionNetwork/fluxion"
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
class Wifiphisher(HackingTool):
TITLE = "Wifiphisher"
DESCRIPTION = """
Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing.
Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing
targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the
connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the
victim stations with malware..\n
For More Details Visit >> https://github.com/wifiphisher/wifiphisher
"""
DESCRIPTION = (
"Wifiphisher is a rogue Access Point framework for conducting red team engagements\n"
"or Wi-Fi security testing. Easily achieve man-in-the-middle position against\n"
"wireless clients by performing targeted Wi-Fi association attacks."
)
INSTALL_COMMANDS = [
"git clone https://github.com/wifiphisher/wifiphisher.git",
"cd wifiphisher;sudo python3 setup.py install",
"cd wifiphisher && pip install --user .",
]
RUN_COMMANDS = ["cd wifiphisher;sudo wifiphisher"]
RUN_COMMANDS = ["cd wifiphisher && sudo wifiphisher"]
PROJECT_URL = "https://github.com/wifiphisher/wifiphisher"
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
class Wifite(HackingTool):
TITLE = "Wifite"
DESCRIPTION = "Wifite is an automated wireless attack tool"
DESCRIPTION = "Wifite is an automated wireless attack tool."
INSTALL_COMMANDS = [
"sudo git clone https://github.com/derv82/wifite2.git",
"cd wifite2 && sudo python3 setup.py install",
"cd wifite2 && pip install --user .",
]
RUN_COMMANDS = ["cd wifite2; sudo wifite"]
RUN_COMMANDS = ["sudo wifite"]
PROJECT_URL = "https://github.com/derv82/wifite2"
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
class EvilTwin(HackingTool):
TITLE = "EvilTwin"
DESCRIPTION = (
"Fakeap is a script to perform Evil Twin Attack, by getting"
" credentials using a Fake page and Fake Access Point"
"Fakeap — perform Evil Twin Attack by getting credentials "
"using a Fake page and Fake Access Point."
)
INSTALL_COMMANDS = ["sudo git clone https://github.com/Z4nzu/fakeap.git"]
RUN_COMMANDS = ["cd fakeap && sudo bash fakeap.sh"]
PROJECT_URL = "https://github.com/Z4nzu/fakeap"
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
class Fastssh(HackingTool):
TITLE = "Fastssh"
DESCRIPTION = (
"Fastssh is an Shell Script to perform multi-threaded scan"
" \n and brute force attack against SSH protocol using the "
"most commonly credentials."
"Fastssh — multi-threaded scan and brute force attack against SSH protocol\n"
"using the most commonly used credentials."
)
INSTALL_COMMANDS = [
"sudo git clone https://github.com/Z4nzu/fastssh.git && cd fastssh && sudo chmod +x fastssh.sh",
"sudo git clone https://github.com/Z4nzu/fastssh.git && cd fastssh && chmod +x fastssh.sh",
"sudo apt-get install -y sshpass netcat",
]
RUN_COMMANDS = ["cd fastssh && sudo bash fastssh.sh --scan"]
PROJECT_URL = "https://github.com/Z4nzu/fastssh"
SUPPORTED_OS = ["linux"]
class Howmanypeople(HackingTool):
TITLE = "Howmanypeople"
DESCRIPTION = (
"Count the number of people around you by monitoring wifi "
"signals.\n"
"[@] WIFI ADAPTER REQUIRED* \n[*]"
"It may be illegal to monitor networks for MAC addresses, \n"
"especially on networks that you do not own. "
"Please check your country's laws"
"Count the number of people around you by monitoring wifi signals.\n"
"[@] WIFI ADAPTER REQUIRED\n"
"[*] It may be illegal to monitor networks for MAC addresses on networks you do not own."
)
INSTALL_COMMANDS = [
"sudo apt-get install tshark"
";sudo python3 -m pip install howmanypeoplearearound"
# Bug 14 fix: missing comma caused "sudo apt-get install tshark;sudo python3..."
# to be one implicitly concatenated string — only first command ran
"sudo apt-get install -y tshark",
"sudo python3 -m pip install howmanypeoplearearound",
]
RUN_COMMANDS = ["howmanypeoplearearound"]
SUPPORTED_OS = ["linux"]
REQUIRES_WIFI = True
class WirelessAttackTools(HackingToolsCollection):
TITLE = "Wireless attack tools"
DESCRIPTION = ""
TOOLS = [
WIFIPumpkin(),
pixiewps(),
@ -175,59 +168,7 @@ class WirelessAttackTools(HackingToolsCollection):
Howmanypeople(),
]
def pretty_print(self):
table = Table(title="Wireless Attack Tools", show_lines=True, expand=True)
table.add_column("Title", style="purple", no_wrap=True)
table.add_column("Description", style="purple")
table.add_column("Project URL", style="purple", no_wrap=True)
for t in self.TOOLS:
desc = getattr(t, "DESCRIPTION", "") or ""
url = getattr(t, "PROJECT_URL", "") or ""
table.add_row(t.TITLE, desc.strip().replace("\n", " "), url)
panel = Panel(table, title="[purple]Available Tools[/purple]", border_style="purple")
console.print(panel)
def show_options(self, parent=None):
console.print("\n")
panel = Panel.fit("[bold magenta]Wireless Attack Tools Collection[/bold magenta]\n"
"Select a tool to view options or run it.",
border_style="purple")
console.print(panel)
table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True, expand=True)
table.add_column("Index", justify="center", style="bold yellow")
table.add_column("Tool Name", justify="left", style="bold green")
table.add_column("Description", justify="left", style="white")
for i, tool in enumerate(self.TOOLS):
title = getattr(tool, "TITLE", tool.__class__.__name__)
desc = getattr(tool, "DESCRIPTION", "")
table.add_row(str(i + 1), title, desc or "")
table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
console.print(table)
try:
choice = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
choice = int(choice)
if 1 <= choice <= len(self.TOOLS):
selected = self.TOOLS[choice - 1]
if hasattr(selected, "show_options"):
selected.show_options(parent=self)
elif hasattr(selected, "run"):
selected.run()
else:
console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
elif choice == 99:
return 99
except Exception:
console.print("[bold red]Invalid choice. Try again.[/bold red]")
return self.show_options(parent=parent)
if __name__ == "__main__":
tools = WirelessAttackTools()
tools.pretty_print()
tools.show_options()
tools.show_options()

4
tools/wordlist_generator.py
View file

@ -18,8 +18,8 @@ console = Console(theme=_theme)
class Cupp(HackingTool):
TITLE = "Cupp"
DESCRIPTION = "WlCreator is a C program that can create all possibilities of passwords,\n " \
"and you can choose Length, Lowercase, Capital, Numbers and Special Chars"
# Bug 24 fix: DESCRIPTION was copy-pasted from WlCreator — completely wrong
DESCRIPTION = "Common User Passwords Profiler — generates personalized wordlists based on target info."
INSTALL_COMMANDS = ["git clone https://github.com/Mebus/cupp.git"]
RUN_COMMANDS = ["cd cupp && python3 cupp.py -i"]
PROJECT_URL = "https://github.com/Mebus/cupp"