Hack-Tools:A web extension for web penetration testers

Category: Tag:

Tool introduction

Hack-Tools is a web extension for web application penetration testing, which contains a large number of testing tools, such as XSS Payload and reverse shell. By using web extensions, we don’t need to search for various payloads in different websites or local storage spaces, and most of the tools provided by Hack-Tools can be used with one electric shock. In addition, Hack-Tools can also be accessed in pop-up mode, or used directly in the browser’s console tab.

Features

Dynamic reverse shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)

Shell generation (TTYShell generation)

XSS vulnerability Payload

Basic SQL injection vulnerability Payload

The local file contains the vulnerability Payload (LFI)

Base64 encoder/decoder

Hash generator (MD5, SHA1, SHA256, SHA512)

Integrate various practical Linux commands (port forwarding, SUID)

RSSFeed (Exploit database and Cisco security advice)

CVE vulnerability search engine

Various methods to filter and download data from remote machines

Tool download
Researchers can use the following commands to clone the source code of the project to the local:

git clone https://github.com/LasCC/Hack-Tools.git

Tool installation
Chromium-based browser
Click [here] to get the plug-in release version.

In addition, the majority of researchers can also construct the project source code according to their own needs.

Mozilla Firefox browser
Researchers can click [here] to get the Hack-Tools plug-in version for Firefox browser.

Source code build

yarn install && yarn build

When we finish building the source code, webpack will create a new directory named dist. Next, we also need to open the developer mode of the browser, and then enter the extension/plug-in management interface (Chromium):

Click the “Load unpacked” button in the upper left corner of the interface:

After clicking this button, we need to select the tool to compile the dist folder just generated:

At this point, the tool configuration has been completed, and then we can use Hack-Tools in the penetration test process!

Tool running screenshot

 

Reviews

There are no reviews yet.

Be the first to review “Hack-Tools:A web extension for web penetration testers”

Your email address will not be published. Required fields are marked *