Elgato_dark/hackingtool
1
0
Fork 0
mirror of https://github.com/Z4nzu/hackingtool synced 2026-05-24 09:28:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
hackingtool/tools/forensics.py
Hardik Zinzuvadiya cce4606d0e Phase 10: Add modern tools across 6 categories 
Information Gathering (+7):
  theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx

Web Attack (+6):
  Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana

Wordlist/Password (+3):
  Hashcat, John the Ripper, haiti

Wireless Attack (+3):
  Airgeddon, hcxdumptool, hcxtools

Forensics (+2):
  Volatility3, Binwalk

Post Exploitation (+1):
  pwncat-cs
2026-03-15 14:04:39 +05:30

145 lines
5 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import os
from core import HackingTool, HackingToolsCollection, console
from rich.panel import Panel
from rich.text import Text
from rich.prompt import Prompt
class Autopsy(HackingTool):
TITLE = "Autopsy"
DESCRIPTION = "Autopsy is a platform that is used by Cyber Investigators.\n" \
"[!] Works in any OS\n" \
"[!] Recover Deleted Files from any OS & Media \n" \
"[!] Extract Image Metadata"
RUN_COMMANDS = ["sudo autopsy"]
def __init__(self):
super().__init__(installable=False)
class Wireshark(HackingTool):
TITLE = "Wireshark"
DESCRIPTION = "Wireshark is a network capture and analyzer \n" \
"tool to see whats happening in your network.\n " \
"And also investigate Network related incident"
RUN_COMMANDS = ["sudo wireshark"]
def __init__(self):
super().__init__(installable=False)
class BulkExtractor(HackingTool):
TITLE = "Bulk extractor"
DESCRIPTION = "Extract useful information without parsing the file system"
PROJECT_URL = "https://github.com/simsong/bulk_extractor"
SUPPORTED_OS = ["linux"]
def __init__(self):
super().__init__([
('GUI Mode (Download required)', self.gui_mode),
('CLI Mode', self.cli_mode)
], installable=False, runnable=False)
def gui_mode(self):
import subprocess
from config import get_tools_dir
console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta"))
console.print("[bold magenta]Cloning repository and attempting to run GUI...[/]")
tools_dir = get_tools_dir()
subprocess.run(["git", "clone", "https://github.com/simsong/bulk_extractor.git"],
cwd=str(tools_dir))
be_dir = tools_dir / "bulk_extractor"
subprocess.run(["./BEViewer"], cwd=str(be_dir / "java_gui"))
console.print(
"[magenta]If you get an error after clone go to /java_gui/src/ and compile the .jar file && run ./BEViewer[/]")
console.print(
"[magenta]Please visit for more details about installation: https://github.com/simsong/bulk_extractor[/]")
def cli_mode(self):
import subprocess
console.print(Panel(Text(self.TITLE + " - CLI Mode", justify="center"), style="bold magenta"))
subprocess.run(["sudo", "apt", "install", "-y", "bulk-extractor"])
console.print("[magenta]bulk_extractor [options] imagefile[/]")
subprocess.run(["bulk_extractor", "-h"])
class Guymager(HackingTool):
TITLE = "Disk Clone and ISO Image Acquire"
DESCRIPTION = "Guymager is a free forensic imager for media acquisition."
SUPPORTED_OS = ["linux"]
INSTALL_COMMANDS = ["sudo apt install guymager"]
RUN_COMMANDS = ["sudo guymager"]
PROJECT_URL = "https://guymager.sourceforge.io/"
def __init__(self):
super().__init__(installable=False)
class Toolsley(HackingTool):
TITLE = "Toolsley"
DESCRIPTION = "Toolsley got more than ten useful tools for investigation.\n" \
"[+]File signature verifier\n" \
"[+]File identifier \n" \
"[+]Hash & Validate \n" \
"[+]Binary inspector \n " \
"[+]Encode text \n" \
"[+]Data URI generator \n" \
"[+]Password generator"
PROJECT_URL = "https://www.toolsley.com/"
def __init__(self):
super().__init__(installable=False, runnable=False)
class Volatility3(HackingTool):
TITLE = "Volatility 3 (Memory Forensics)"
DESCRIPTION = (
"The world's most widely used memory forensics framework.\n"
"Usage: python3 vol.py -f memory.dmp windows.pslist"
)
INSTALL_COMMANDS = [
"git clone https://github.com/volatilityfoundation/volatility3.git",
"cd volatility3 && pip install --user -r requirements.txt",
]
PROJECT_URL = "https://github.com/volatilityfoundation/volatility3"
def run(self):
from config import get_tools_dir
import subprocess
from rich.prompt import Prompt
dump = Prompt.ask("Enter path to memory dump")
plugin = Prompt.ask("Enter plugin", default="windows.pslist")
subprocess.run(
["python3", "vol.py", "-f", dump, plugin],
cwd=str(get_tools_dir() / "volatility3"),
)
class Binwalk(HackingTool):
TITLE = "Binwalk (Firmware Analysis)"
DESCRIPTION = (
"Analyze, reverse engineer, and extract firmware images.\n"
"Usage: binwalk -e firmware.bin"
)
INSTALL_COMMANDS = ["pip install --user binwalk"]
RUN_COMMANDS = ["binwalk --help"]
PROJECT_URL = "https://github.com/ReFirmLabs/binwalk"
class ForensicTools(HackingToolsCollection):
TITLE = "Forensic tools"
TOOLS = [
Autopsy(),
Wireshark(),
BulkExtractor(),
Guymager(),
Toolsley(),
Volatility3(),
Binwalk(),
]
if __name__ == "__main__":
tools = ForensicTools()
tools.show_options()
Reference in a new issue View git blame Copy permalink