You've already forked hackingtool
mirror of
https://github.com/Z4nzu/hackingtool.git
synced 2026-04-24 03:36:11 +02:00
Hardik Zinzuvadiya
01a51bbca6
* Phase 0: Add foundation files for v2.0.0 restructure
- constants.py: single source of truth for repo URLs, version (2.0.0),
all paths via Path.home(), UI theme constants, PRIV_CMD auto-detection
- os_detect.py: OSInfo dataclass, auto-detect OS/distro/package manager,
CURRENT_OS singleton, per-OS install command maps
- config.py: get_tools_dir(), load()/save() config.json, get_sudo_cmd()
- tools/__init__.py, tools/others/__init__.py: make proper Python packages
- IMPLEMENTATION.md: full 18-section restructuring plan (2350+ lines)
- LOG.md: 13-phase progress tracker
* Phase 1+2: Fix all 30 critical bugs and 4 security vulnerabilities
* Phase 3: Installation & path overhaul
* Phase 4+5: Core architecture + shared console across all tool files
Phase 4 (core.py — largely done in Phase 1, completed here):
- HackingTool: add ARCHIVED, ARCHIVED_REASON, SUPPORTED_OS, REQUIRES_* fields
- HackingTool: remove INSTALLATION_DIR (unused)
- HackingToolsCollection: add _active_tools(), _archived_tools(), _incompatible_tools()
- HackingToolsCollection: add _show_archived_tools() (option 98 sub-menu)
- HackingToolsCollection.show_options(): filter by OS and ARCHIVED flag
- OS-incompatible tools show count but are hidden from menu
- Archived tools accessible via option 98 with reason displayed
Phase 5 (all 22 remaining tool files):
- Remove local console = Console() and _theme = Theme() from all 22 files
- Remove P_COLOR and PURPLE_STYLE local constants
- Add `from core import HackingTool, HackingToolsCollection, console` everywhere
- Remove show_options() overrides from all collection classes (500+ lines deleted)
- Remove pretty_print() overrides from all collection classes
- Remove _get_attr() / _get_attr_fallback() helpers from all collection classes
- Replace super(ClassName, self).__init__() → super().__init__() in all files
- Remove # coding=utf-8 headers from all files
- Fix remaining PURPLE_STYLE usages → "bold magenta" literal
All 28 tool modules import cleanly. Zero local console instances remain.
* Phase 6: Naming & structure cleanup
- Rename tools/phising_attack.py → phishing_attack.py (fix typo)
- Rename tools/information_gathering_tools.py → information_gathering.py
- Rename tools/wireless_attack_tools.py → wireless_attack.py
- Rename tools/forensic_tools.py → forensics.py
- Rename tools/sql_tools.py → sql_injection.py
- Rename tools/webattack.py → web_attack.py
- Rename class autophisher → Autophisher (PEP-8 CapWords)
- Rename class ddos → DDoSTool (PEP-8 CapWords), TITLE "ddos" → "DDoS"
- Update all imports in hackingtool.py and exploit_frameworks.py
* Phase 7: Tool install command fixes
- Replace setup.py install → pip install --user . (explo, takeover, reconspider, infoga)
- Mark Blazy as ARCHIVED: Python 2 only (pip2.7/python2.7)
- Replace sudo git clone → git clone everywhere (no root needed for user tools dir)
- Replace sudo pip install → pip install --user everywhere
- Fix dalfox: git clone + cd approach → go install github.com/hahwul/dalfox/v2@latest
- Add apt -y flag to ReconSpider apt install
* Phase 8: Mark archived tools and add SUPPORTED_OS flags
- Remove stale sys.path.append hack from forensics.py (unused since package structure)
- Add SUPPORTED_OS = ["linux"] to BulkExtractor, Guymager (apt/Linux-only)
- Add SUPPORTED_OS = ["linux"] to all android_attack.py tools (bash scripts)
- Add SUPPORTED_OS = ["linux"], REQUIRES_WIFI = True to wifi_jamming.py tools
- Fix WifiJammerNG RUN_COMMANDS: python → python3, remove boxes/lolcat pipe
* Phase 11: requirements.txt and Dockerfile cleanup
- requirements.txt: remove boxes, lolcat (system CLI tools not pip packages),
flask (unused), requests (unused at runtime); pin rich>=13.0.0
- Dockerfile: add --break-system-packages to pip3 install (PEP 668 compliance
on Kali/Debian externally-managed Python environments)
* Phase 13: Python 3 modernization and os.system cleanup
- Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...)
in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot),
forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update)
- Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print
- Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print
- Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form
* Phase 13 (cont): Final os.system cleanup
- anonsurf.py: os.system("sudo anonsurf stop") → subprocess.run list form
- tool_manager.py: os.system(f"{priv}{cmd}") → subprocess.run(shell=True)
(shell=True justified: cmd is from hardcoded PACKAGE_UPDATE_CMDS dict, not user input)
* Phase 9: Add SUPPORTED_OS flags to remaining Linux-only tools
Mark bash-script and apt-dependent tools as linux-only so they are
hidden automatically on macOS via _active_tools() filter in core.py:
- phishing_attack.py: 14 tools (all bash-script based)
- ddos.py: all 6 tools (Linux network stack required)
- post_exploitation.py: Vegile, ChromeKeyLogger
- payload_creator.py: all 7 tools (bash setup scripts)
- exploit_frameworks.py: WebSploit (bash install)
- reverse_engineering.py: Apk2Gold (bash build)
- xss_attack.py: RVuln (Rust + apt deps)
* Phase 10: Add modern tools across 6 categories
Information Gathering (+7):
theHarvester, Amass, Masscan, RustScan, Holehe, Maigret, httpx
Web Attack (+6):
Nuclei, ffuf, Feroxbuster, Nikto, wafw00f, Katana
Wordlist/Password (+3):
Hashcat, John the Ripper, haiti
Wireless Attack (+3):
Airgeddon, hcxdumptool, hcxtools
Forensics (+2):
Volatility3, Binwalk
Post Exploitation (+1):
pwncat-cs
* Phase 12: Update README for v2.0.0
- Version badge: v1.2.0 -> v2.0.0
- Python badge: Python-3 -> Python-3.10+
- Add macOS to platform badge
- Add 'What's new in v2.0.0' section replacing stale v1.2.0 notes
- Regenerate full tool list — 22 new tools marked with new
- Fix docker build typo: 'docker buitl' -> 'docker build'
- Add Requirements section (Python 3.10+, Go 1.21+, Ruby)
- Remove stale 'To do' checklist and old Docker output block
* Redesign README, templates, and update .github workflows
README.md:
- Modern centered header with full badge row
- Stats banner: 17 categories, 150+ tools
- What's new as a comparison table
- Tool category table with per-category counts
- Complete tool listing with star markers for new tools
- Contributing section with enforced title formats for issues and PRs
- Star History chart (Z4nzu/hackingtool)
- Cleaned up Installation, Requirements, Social sections
README_template.md:
- Full redesign matching README.md layout
- {{toc}} and {{tools}} placeholders preserved for generate_readme.py
- Contributing section with title format rules embedded in template
.github/ISSUE_TEMPLATE/bug_report.md:
- Remove irrelevant browser/smartphone sections
- Add tool name, category, error output, environment table
.github/ISSUE_TEMPLATE/feature_request.md:
- Tighten to 4 focused fields, note tool additions use separate template
.github/ISSUE_TEMPLATE/tool_request.md (new):
- Structured template for new tool suggestions
- Required fields: name, URL, category, OS, install/run commands, reason
- Enforced title format: [Tool Request] ToolName - Category
.github/PULL_REQUEST_TEMPLATE.md (new):
- PR checklist for new tool additions and other change types
- Enforced title format: [New Tool] / [Fix] / [Improve]
- All required class fields listed as checklist items
.github/workflows/lint_python.yml:
- actions/checkout v3 -> v4, setup-python v4 -> v5
- python-version: 3.x -> 3.12 (project requires 3.10+)
- ruff target-version: py37 -> py310
- ruff --show-source -> --output-format=full (updated flag name)
- Remove deprecated safety check command
.github/workflows/test_install.yml:
- actions/checkout v3 -> v4, setup-python v4 -> v5
- python-version: 3.x -> 3.12
- Replace fragile matrix of hard-coded menu numbers with
two simple smoke tests: launch+quit, and navigate+back
* Improve Dockerfile, docker-compose, add .dockerignore
Dockerfile:
- Add '# syntax=docker/dockerfile:1' to enable BuildKit features
- Add LABEL metadata (OCI image spec)
- Remove unused apt packages: sudo, python3-venv
- Replace --no-cache-dir with --mount=type=cache for pip (faster rebuilds)
- Add comments explaining each decision
docker-compose.yml:
- Remove deprecated 'version:' field (Compose v2 ignores it, shows warning)
- Add 'image: hackingtool:latest' tag for clarity
- Add 'restart: unless-stopped' for production service
- Add 'hackingtool-dev' profile service with live source volume mount
so dev workflow (edit without rebuild) is separate from default run
- Clarify volume purpose in comments
.dockerignore (new):
- Exclude .git/, images/, __pycache__/, .github/, *.md, tests/
- Prevents multi-hundred-MB build context; dramatically reduces image size
- Keeps layer cache more stable (README changes no longer bust COPY layer)
README.md / README_template.md:
- Replace single-line Docker snippet with 3-option step-by-step guide:
Option A: docker run -it --rm (no Compose)
Option B: docker compose up -d + exec (recommended)
Option C: docker compose --profile dev (live source mount)
- Add docker compose down / down -v stop instructions
* Fix Docker sudo error, 99 back navigation, and empty input exit
install.py:
- sudo prefix now determined by euid (== 0 means root) not by OS name
- Previously used 'sudo ' for all Linux — breaks inside Docker where we
run as root but sudo is not installed
- Single priv variable computed once at top of install_system_packages()
Dockerfile:
- Add python3-venv back to apt installs
- Was removed as 'unused' but install.py uses 'python3 -m venv' to create
the virtualenv in APP_INSTALL_DIR; missing package caused venv failure
core.py (HackingTool.show_options + HackingToolsCollection.show_options):
- 99 always returns now instead of sys.exit() when parent is None
Previously: sub-menus with no parent called sys.exit() — since
interact_menu() never passes parent, pressing 99 in any category
exited the entire program instead of returning to the main menu
- Empty Enter (blank input) now continues the loop instead of
defaulting to "99" and triggering exit
Previously: Prompt default="99" meant pressing Enter without typing
anything was treated as choosing exit
- "Exit" label on 99 row changed to "Main Menu" since it now returns
* Restore Description column and 1-based numbering in collection menus
HackingToolsCollection.show_options():
- Add Description column back (was dropped during restructure)
- Show first line of description; '—' for tools with no description
- Switch to box.SIMPLE_HEAD with show_lines=True for row separators
- Numbering changed from 0-based to 1-based (index 1..N)
- Input validation updated: 1 <= choice <= len(active) with active[choice-1]
* Redesign main menu: compact header, 2-column grid, 1-based numbering, ? help
Header:
- Replace 8-line pixelated ASCII logo with a compact 9-line styled panel
- Shows tool name, version, repo URL, and legal warning in one block
- Screen is now cleared inside build_menu() on each main menu render
Menu layout:
- Single narrow column → 2-column grid (9 left / 8 right)
- Full terminal width is used; short display labels prevent truncation
- tool_definitions gains a third field (menu_label) for the grid;
full TITLE is still used when entering a category
Numbering:
- 0-based → 1-based throughout interact_menu()
- ToolManager is item 18 (was mislabeled 99, conflicting with exit)
- Input validation: 1 <= choice <= len(all_tools) → all_tools[choice - 1]
Commands:
- Add ? / help → show Quick Help overlay (main/category/tool reference)
- Add q / quit / exit → clean exit with goodbye message
- Remove Confirm.ask("Return to main menu?") — pressing 99 in any
sub-menu already returns here; the extra prompt was redundant friction
- Ctrl+C still works as force quit
Error messages updated to reflect new command set
* Redesign header: hacker split-layout with ASCII art + live system info
Replace compact text panel with a Metasploit-style split header:
- Left: "HT" block-letter ASCII art in bright green
- Vertical │ separator that runs the full height of the art block
- Right: live system stats — os, kernel, user@host, ip, tool count, session time
- Bottom: random hacker quote (10 options, changes on each launch)
- Bottom: authorized-use warning in dim red
- Panel title: '[ HackingTool v2.0.0 ]' left-aligned (terminal bracket style)
- Panel subtitle: '[ timestamp ]' right-aligned
- Border: bright_magenta HEAVY box
Live info gathered via platform, socket, os.getlogin() with fallbacks:
- OS: platform.freedesktop_os_release() → PRETTY_NAME, else platform.system()
- IP: UDP connect trick (no data sent, gets local outbound IP)
- User: os.getlogin() → USER env → LOGNAME env → 'root'
* Redesign header: full HACKING TOOL art + ? and q in all sub-menus
hackingtool.py:
- Replace 6-line "HT" art with full 12-line "HACKING TOOL" block letters
- Right side gains 3 more info lines: python version, arch, status
- 12 art lines paired with 12 stat lines for consistent separator
- Layout optimized for wide terminals (100+ chars); gracefully
truncates on narrow ones
core.py — ? and q support in all sub-menus:
- Add _show_inline_help() function: compact navigation reference
(1-N select, 99 back, 98 project page, ? help, q quit)
- HackingTool.show_options(): parse ? → inline help, q → SystemExit
- HackingToolsCollection.show_options(): same ? and q handling
- Both menus now show hint bar: "Enter number · ? help · q quit"
- Prompt changed from "[?] Select" to ">" for consistency with main menu
- q/quit/exit raises SystemExit(0) to cleanly exit from any depth
* Add install.sh one-liner and fix install.py to detect local source
install.sh (new):
- Standalone bash installer for curl | sudo bash one-liner
- Detects package manager (apt-get, pacman, dnf, brew)
- Installs prerequisites: git, python3, pip, venv
- Checks Python >= 3.10
- Clones repo with --depth 1 (shallow, faster)
- Creates venv + installs requirements
- Creates /usr/bin/hackingtool launcher
- Creates ~/.hackingtool/ dirs with correct ownership (SUDO_USER)
install.py:
- Add _is_source_dir() — detects if install.py is being run from a local
clone (hackingtool.py exists alongside it)
- install_source() replaces git_clone() — copies source to /usr/share/
instead of re-cloning when running from a local clone
- Falls back to git clone --depth 1 when not in a source directory
- Eliminates the redundant clone-after-clone pattern
README.md / README_template.md:
- Add one-liner install as primary method
- Keep manual git clone + install.py as alternative
- Remove sudo from hackingtool run command (launcher handles it)
* Add 35 new tools across 3 new + 6 existing categories
New categories:
- tools/active_directory.py: BloodHound, NetExec (nxc), Impacket,
Responder, Certipy, Kerbrute (6 tools)
- tools/cloud_security.py: Prowler, ScoutSuite, Pacu, Trivy (4 tools)
- tools/mobile_security.py: MobSF, Frida, Objection (3 tools)
Existing categories expanded:
- information_gathering.py: +SpiderFoot, Subfinder, TruffleHog, Gitleaks (4)
- web_attack.py: +Gobuster, Dirsearch, OWASP ZAP, testssl.sh, Arjun,
Caido, mitmproxy (7)
- post_exploitation.py: +Sliver, Havoc, PEASS-ng, Ligolo-ng, Chisel,
Evil-WinRM, Mythic (7)
- reverse_engineering.py: +Ghidra, Radare2 (2)
- forensics.py: +pspy (1)
- wireless_attack.py: +Bettercap (1)
hackingtool.py:
- Import 3 new category modules
- Add 3 new entries to tool_definitions (AD, Cloud, Mobile)
- Add 3 new instances to all_tools list
- Categories: 17 -> 20, total tools: 150+ -> 185+
- Help overlay updated for new range (1-20, 21=Update)
* Feature: Search tools by name or keyword (/ or s)
- Add _collect_all_tools() — walks all collections recursively and
returns (tool_instance, category_name) pairs for 185 tools
- Add search_tools() — prompts for query, matches against TITLE and
DESCRIPTION (case-insensitive), shows results table with category,
user selects a result number to jump directly into tool.show_options()
- Wire / and s commands into interact_menu()
- Add / search to help overlay and hint bar
- Fix ToolManager row number: was hardcoded 18, now computed dynamically
from len(categories) + 1 (currently 21)
* Feature: Show installed status (✔/✘) next to each tool
core.py:
- Add is_installed property to HackingTool class
Checks: (1) shutil.which() for binary from first RUN_COMMAND,
(2) os.path.isdir() for git clone target directory
Handles "cd foo && binary" and "sudo binary" patterns
- Add status column to HackingToolsCollection.show_options() table
✔ (green) = installed, ✘ (dim) = not installed
- Archived/back rows updated for extra column
* Feature: Tag-based filtering with auto-derived tags (t command)
core.py:
- Add TAGS field to HackingTool class (list[str], default empty)
- Allows manual tag override per tool
hackingtool.py:
- Add _get_all_tags() — builds tag index from 19 regex rules that
auto-derive tags from tool TITLE + DESCRIPTION (osint, scanner, c2,
web, cloud, mobile, wireless, forensics, reversing, etc.)
- Manual TAGS on a tool class take priority over auto-derived
- Add filter_by_tag() — shows all available tags with tool counts,
user picks a tag, results shown with installed status, select to
jump directly into tool.show_options()
- Wire t/tag/tags/filter commands into interact_menu()
- Search also matches against TAGS field
- Updated hint bar: / search · t tags · ? help · q quit
- Updated help overlay with tag filter entry
* Feature: Install all tools in a category (option 97)
HackingToolsCollection.show_options():
- Count not-installed tools using is_installed property
- Show option 97 'Install all (N not installed)' when N > 0
- On select: iterates all not-installed tools, calls tool.install()
with progress counter (1/N, 2/N, ...) and error handling per tool
- Hidden when all tools are already installed
- Updated inline help to mention option 97
* Feature: Update command for each tool (option 3 in tool menu)
HackingTool:
- Add update() method — detects install method from INSTALL_COMMANDS
and runs the appropriate update:
git clone → git -C <dir> pull
pip install → pip install --upgrade
go install → re-runs go install (fetches latest)
gem install → gem update
- Checks is_installed first; shows warning if not installed
- Added as option 3 in every tool's OPTIONS menu (Install, Run, Update)
* Feature: Tool recommendations — "I want to do X" (r command)
- Add _RECOMMENDATIONS dict — maps 22 common tasks to tag names:
"scan a network" → scanner, "crack passwords" → bruteforce/credentials,
"pentest active directory" → active-directory, "pivot through network"
→ network, etc.
- Add recommend_tools() — shows numbered task list, user picks one,
shows all matching tools with installed status, select to jump in
- Wire r/rec/recommend into interact_menu()
- Updated hint bar and help overlay
* Update README with all new features, 3 new categories, 35 new tools
- Stats banner: 17 → 20 categories, 150+ → 185+ tools
- What's New table: add 10 new feature entries (search, tags, recommend,
install status, install all, update, one-liner, new categories/tools)
- Add Quick Commands reference table (/, t, r, ?, q, 97, 99)
- Tool Categories table: add Active Directory, Cloud Security,
Mobile Security rows; update tool counts for expanded categories
- Add 3 new category sections: Active Directory Tools (6), Cloud
Security Tools (4), Mobile Security Tools (3) with GitHub links
- Mark all 35 new tools with ★ in their respective category sections
* UI: Dual-line prompt and inline /query search
Prompt style (all menus):
- Replace bare '>' with '╰─>' connected to the hint bar above
- Hint bar uses Claude CLI style: first letter highlighted in cyan,
rest dimmed (/search tags recommend ?help quit)
- Creates a visual dual-line input area similar to Claude Code CLI
Inline search:
- Typing /subdomain at the main prompt immediately searches and
shows results — no second "enter query" prompt needed
- / (bare slash) still opens the interactive search prompt
- s still works as a search alias
- search_tools() now accepts optional query parameter
core.py sub-menus:
- Same dual-line prompt style: hint bar + ╰─>
- Compact hint: ?help quit 99 back
* Fix is_installed crash on sub-collections (OtherTools)
OtherTools.TOOLS contains HackingToolsCollection instances (like
SocialMediaBruteforceTools) which don't have the is_installed property.
- Guard is_installed access with hasattr() in both the status column
and the not_installed count for Install All
- Sub-collections show blank status; individual tools show ✔/✘
* Add Buy Me a Coffee link to README and FUNDING.yml
- README.md: Add Support section with Buy Me a Coffee button above Social
- .github/FUNDING.yml: Add buy_me_a_coffee: hardikzinzu
(enables GitHub Sponsor button on the repo page)
* Feature: Open Folder option to manually access tool directory
HackingTool:
- Add _get_tool_dir() — finds the tool's local directory by checking:
1. Git clone target dir (from INSTALL_COMMANDS)
2. "cd foo && bar" pattern in RUN_COMMANDS
3. Binary location via shutil.which() → dirname
- Add open_folder() — opens the tool's directory in a new shell ($SHELL)
so the user can inspect files, run manual install steps, or debug
If dir not found: shows a helpful message with git clone command
- Added as option 4 in every tool menu (Install, Run, Update, Open Folder)
- Updated inline help to mention the tool menu options
* Add SVG logo and update README header
images/logo.svg:
- Terminal-style dark background with rounded corners
- Red/yellow/green window dots (macOS style)
- Green shield with skull & crossbones icon
- "HACKING" in purple-to-pink gradient with glow
- "TOOL" in hacker green with glow effect
- Blinking cursor animation, binary numbers, corner brackets
- Monospace font, 600x200 viewport
README.md:
- Replace plain # HackingTool heading with centered logo SVG
* Redesign README with modern GitHub features
Header:
- for-the-badge style badges with logos and custom colors
- Stats counter table (20 categories, 185+ tools, 19 tags, 2 platforms)
- CTA buttons: Install Now, Quick Commands, Suggest a Tool
What's New:
- Wrapped in collapsible <details open> with icon-prefixed table rows
- Each feature has an emoji icon for visual scanning
Quick Commands:
- Centered table with Works-in column showing scope
Tool Categories:
- 2-column table layout showing all 20 categories side by side
- Wrapped in collapsible section
Tool lists:
- Every category wrapped in collapsible <details> sections
- Keeps README scannable — users expand only what they need
- New tools still marked with star
Contributing:
- Side-by-side table: Issue template left, PR template right
Installation:
- Side-by-side table: One-liner left, Manual right
- Docker in collapsible section (not everyone needs it)
Requirements:
- Table format with version, dependency, and "needed for" columns
Support/Social:
- Centered layout with for-the-badge Twitter/GitHub follow buttons
- Larger Buy Me a Coffee button
* Redesign README header, add category emojis, left-align support
Header:
- Consolidate badges into 2 clean rows instead of 4 sparse rows
- Row 1: flat-square badges (license, python, version, stars, forks,
issues, last commit) — compact, inline, no awkward gaps
- Row 2: for-the-badge stat pills (20 Categories, 185+ Tools, 19 Tags,
Linux|Kali|Parrot|macOS) — single row, removes duplicate Platform badge
- CTA buttons tightened with consistent spacing
Category headings:
- Add emoji to every ## category heading throughout the README
(matching the index table emojis)
Support section:
- Left-aligned instead of centered
- Social split into its own heading
Also removes all <details>/<summary> collapse wrappers — all sections
are plain visible as requested
* Fix missing imports: subprocess in payload_creator, Table in wordlist_generator
- payload_creator.py: add 'import subprocess' (used by TheFatRat methods)
- wordlist_generator.py: add 'from rich.table import Table' (used by show_options)
- Fixes 6 ruff F821 'Undefined name' errors
* Fix codespell error: 'ags' flagged as misspelling in hint bar
Restructure the hint bar string so shortcut letters and their labels
are separate tokens ('t' + 'tags') instead of split across Rich markup
tags ('t' + 'ags') which codespell flagged as a misspelling.
* Fix 12 issues from Copilot PR review (#590)
post_exploitation.py:
- Rename INSTALL_OS -> SUPPORTED_OS in Havoc class (typo, field was ignored)
- Sliver: replace curl|sudo bash pipe with download-then-execute pattern
ddos.py:
- Add DDoSTool() to DDOSTools.TOOLS list (was defined but unreachable)
phishing_attack.py:
- Rename class Evilginx2 -> Evilginx3 (installs v3 via go install)
- Update instance in TOOLS list to match
- Fix stale comment: wireless_attack_tools.py -> wireless_attack.py
forensics.py:
- Remove installable=False from Guymager (conflicted with INSTALL_COMMANDS)
tool_manager.py:
- Skip sudo prefix when already root (os.geteuid() == 0), matching
the pattern already used in install.py
install.py:
- Add chown -R root:root after cp -a to prevent git "dubious ownership"
errors when the source clone has different ownership
update.sh:
- Add git config safe.directory before pull to prevent dubious ownership
- Add --upgrade flag to pip install so dependencies actually update
os_detect.py:
- Add pkg (FreeBSD) entries to PACKAGE_INSTALL_CMDS, PACKAGE_UPDATE_CMDS,
and REQUIRED_PACKAGES — was detected but had no command mappings (KeyError)
Skipped (not applicable):
- #1 subprocess import: already fixed in prior commit
- #11 Path.home() under sudo: by design (installer runs as root)
All-in-One Hacking Tool for Security Researchers & Pentesters
What's New in v2.0.0
|
Quick Commands
| Command | Action | Works in |
|---|---|---|
/query |
Search — find tools instantly by keyword | Main menu |
t |
Tags — filter by osint, scanner, c2, cloud, mobile... | Main menu |
r |
Recommend — "I want to do X" → matching tools | Main menu |
? |
Help — quick reference card | Everywhere |
q |
Quit — exit from any depth | Everywhere |
97 |
Install All — batch install all tools in category | Category |
99 |
Back — return to previous menu | Everywhere |
Tool Categories
| # | Category | Tools | # | Category | Tools | |
|---|---|---|---|---|---|---|
| 1 | 🛡 Anonymously Hiding | 2 | 11 | 🧰 Exploit Framework | 4 | |
| 2 | 🔍 Information Gathering | 26 | 12 | 🔁 Reverse Engineering | 5 | |
| 3 | 📚 Wordlist Generator | 7 | 13 | ⚡ DDOS Attack | 5 | |
| 4 | 📶 Wireless Attack | 13 | 14 | 🖥 RAT | 1 | |
| 5 | 🧩 SQL Injection | 7 | 15 | 💥 XSS Attack | 9 | |
| 6 | 🎣 Phishing Attack | 17 | 16 | 🖼 Steganography | 4 | |
| 7 | 🌐 Web Attack | 20 | 17 | 🏢 Active Directory | 6 | |
| 8 | 🔧 Post Exploitation | 10 | 18 | ☁ Cloud Security | 4 | |
| 9 | 🕵 Forensics | 8 | 19 | 📱 Mobile Security | 3 | |
| 10 | 📦 Payload Creation | 8 | 20 | ✨ Other Tools | 24 |
🛡 Anonymously Hiding Tools
🔍 Information Gathering Tools
- Network Map (nmap)
- Dracnmap
- Port scanning
- Host to IP
- Xerosploit
- RED HAWK
- ReconSpider
- IsItDown
- Infoga
- ReconDog
- Striker
- SecretFinder
- Shodanfy
- rang3r
- Breacher
- theHarvester ★
- Amass ★
- Masscan ★
- RustScan ★
- Holehe ★
- Maigret ★
- httpx ★
- SpiderFoot ★
- Subfinder ★
- TruffleHog ★
- Gitleaks ★
📚 Wordlist Generator
📶 Wireless Attack Tools
- WiFi-Pumpkin
- pixiewps
- Bluetooth Honeypot (bluepot)
- Fluxion
- Wifiphisher
- Wifite
- EvilTwin
- Fastssh
- Howmanypeople
- Airgeddon ★
- hcxdumptool ★
- hcxtools ★
- Bettercap ★
🧩 SQL Injection Tools
🎣 Phishing Attack Tools
- Autophisher
- PyPhisher
- AdvPhishing
- Setoolkit
- SocialFish
- HiddenEye
- Evilginx3
- I-See-You
- SayCheese
- QR Code Jacking
- BlackEye
- ShellPhish
- Thanos
- QRLJacking
- Maskphish
- BlackPhish
- dnstwist
🌐 Web Attack Tools
- Web2Attack
- Skipfish
- Sublist3r
- CheckURL
- Sub-Domain TakeOver
- Dirb
- Nuclei ★
- ffuf ★
- Feroxbuster ★
- Nikto ★
- wafw00f ★
- Katana ★
- Gobuster ★
- Dirsearch ★
- OWASP ZAP ★
- testssl.sh ★
- Arjun ★
- Caido ★
- mitmproxy ★
🔧 Post Exploitation Tools
- Vegile
- Chrome Keylogger
- pwncat-cs ★
- Sliver ★
- Havoc ★
- PEASS-ng (LinPEAS/WinPEAS) ★
- Ligolo-ng ★
- Chisel ★
- Evil-WinRM ★
- Mythic ★
🕵 Forensic Tools
- Autopsy
- Wireshark
- Bulk extractor
- Guymager
- Toolsley
- Volatility 3 ★
- Binwalk ★
- pspy ★
📦 Payload Creation Tools
🧰 Exploit Framework
🔁 Reverse Engineering Tools
⚡ DDOS Attack Tools
🖥 Remote Administrator Tools (RAT)
💥 XSS Attack Tools
🖼 Steganography Tools
- SteganoHide
- StegoCracker
- Whitespace
🏢 Active Directory Tools
- BloodHound ★
- NetExec (nxc) ★
- Impacket ★
- Responder ★
- Certipy ★
- Kerbrute ★
☁ Cloud Security Tools
- Prowler ★
- ScoutSuite ★
- Pacu ★
- Trivy ★
📱 Mobile Security Tools
✨ Other Tools
SocialMedia Bruteforce
Android Hacking Tools
IDN Homograph Attack
Email Verify Tools
Hash Cracking Tools
Wifi Deauthenticate
SocialMedia Finder
Payload Injector
Web Crawling
Mix Tools
- Terminal Multiplexer (tilix)
- Crivo
Contributing — Add a New Tool
Open an Issue
Use the Tool Request template. Required: tool name, GitHub URL, category, OS, install command, reason. |
Open a Pull Request
Use the PR template checklist. Required: class in |
Issues or PRs that don't follow the title format will be closed without review.
Installation
One-liner (recommended)Handles everything — prerequisites, clone, venv, launcher. |
ManualThen run: |
Docker
# Build
docker build -t hackingtool .
# Run (direct)
docker run -it --rm hackingtool
# Run (Compose — recommended)
docker compose up -d
docker exec -it hackingtool bash
# Dev mode (live source mount)
docker compose --profile dev up
docker exec -it hackingtool-dev bash
# Stop
docker compose down # stop container
docker compose down -v # also remove data volume
Requirements
| Dependency | Version | Needed for |
|---|---|---|
| Python | 3.10+ | Core |
| Go | 1.21+ | nuclei, ffuf, amass, httpx, katana, dalfox, gobuster, subfinder |
| Ruby | any | haiti, evil-winrm |
| Docker | any | Mythic, MobSF (optional) |
pip install -r requirements.txt
Star History
Support
If this project helps you, consider buying me a coffee:
Social
For authorized security testing only. Thanks to all original authors of the tools included in hackingtool.
Your favourite tool is not listed? Suggest it here