{"id":50118403,"url":"https://github.com/AKCodez/hackingtool-plugin","last_synced_at":"2026-05-25T13:01:42.289Z","repository":{"id":353395087,"uuid":"1219230064","full_name":"AKCodez/hackingtool-plugin","owner":"AKCodez","description":"Claude Code plugin: 183+ pentesting \u0026 OSINT tools from Z4nzu/hackingtool. Auto-runs what it can, hands off the rest.","archived":false,"fork":false,"pushed_at":"2026-04-23T19:13:25.000Z","size":1019,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-23T19:25:00.525Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AKCodez.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-23T17:01:04.000Z","updated_at":"2026-04-23T19:13:30.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/AKCodez/hackingtool-plugin","commit_stats":null,"previous_names":["akcodez/hackingtool-plugin"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/AKCodez/hackingtool-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKCodez%2Fhackingtool-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKCodez%2Fhackingtool-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKCodez%2Fhackingtool-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKCodez%2Fhackingtool-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AKCodez","download_url":"https://codeload.github.com/AKCodez/hackingtool-plugin/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKCodez%2Fhackingtool-plugin/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33475746,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-25T06:32:55.349Z","status":"ssl_error","status_checked_at":"2026-05-25T06:32:35.322Z","response_time":57,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-05-23T17:00:24.785Z","updated_at":"2026-05-25T13:01:42.282Z","avatar_url":"https://github.com/AKCodez.png","language":"Python","funding_links":[],"categories":["Python","🔌 Claude Plugins"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"images/logo.svg\" alt=\"HackingTool\" width=\"600\"\u003e\n\n# hackingtool — Claude Code plugin\n\n**183 pentesting \u0026 OSINT tools at Claude's fingertips.** Plugin-skill wrapper around [Z4nzu/hackingtool](https://github.com/Z4nzu/hackingtool). Runs locally on any OS — native Bash on Linux/macOS, WSL on Windows, or purpose-built Docker images (`instrumentisto/nmap`, `projectdiscovery/nuclei`, `caffix/amass`, and 20+ more). The skill picks the right backend and image automatically.\n\n![Plugin](https://img.shields.io/badge/Claude_Code-Plugin-7B61FF?style=for-the-badge)\n![Tools](https://img.shields.io/badge/183_Tools-00FF88?style=for-the-badge)\n![Categories](https://img.shields.io/badge/20+_Categories-FF61DC?style=for-the-badge)\n![OS](https://img.shields.io/badge/Linux_%7C_macOS_%7C_Windows-FFA116?style=for-the-badge\u0026logo=linux\u0026logoColor=white)\n\nBuilt by [ariacodez](https://github.com/AKCODEZ) · wraps [Z4nzu/hackingtool](https://github.com/Z4nzu/hackingtool) (MIT)\n\n\u003c/div\u003e\n\n# See it in Action \n\n\u003cimg width=\"1194\" height=\"49\" alt=\"image\" src=\"https://github.com/user-attachments/assets/9a573541-eabb-4996-b305-c2c1f240cceb\" /\u003e\n\u003cimg width=\"1152\" height=\"396\" alt=\"image\" src=\"https://github.com/user-attachments/assets/77b75859-7733-4807-9005-6bfcdd3340f5\" /\u003e\n\u003cimg width=\"1196\" height=\"750\" alt=\"image\" src=\"https://github.com/user-attachments/assets/86c3b5a0-a016-4159-8580-9b96e5418e20\" /\u003e\n\n---\n\n## Install\n\n```\n/plugin marketplace add AKCODEZ/hackingtool-plugin\n/plugin install hackingtool@hackingtool-marketplace\n```\n\nThen point Claude at a target:\n\n```\n\"recon example.com\"\n\"hunt the username johndoe\"\n\"scan my repo for vulnerabilies\"\n\"crack my own wifi before my neighbor does\"\n```\n\nClaude picks the tools. You read the output.\n\n---\n\n## How it works\n\nEvery tool invocation goes through `ht_run.py`, which:\n\n1. Picks a backend: **native** (Linux/macOS), **WSL** (Windows + real distro), or **Docker** (anywhere Docker Desktop runs).\n2. Maps known tools to **purpose-built Docker images** — fast pulls, clean ENTRYPOINTs, no `apt install` dance:\n\n   | Category | Images |\n   |---|---|\n   | Port scanning | `instrumentisto/nmap`, `ilyaglow/masscan`, `rustscan/rustscan` |\n   | Subdomain recon | `projectdiscovery/subfinder`, `caffix/amass`, `projectdiscovery/httpx` |\n   | Vuln scanning | `projectdiscovery/nuclei`, `projectdiscovery/katana` |\n   | OSINT | `megadose/holehe`, `soxoj/maigret`, `spiderfoot/spiderfoot`, `secsi/theharvester` |\n   | Secrets | `trufflesecurity/trufflehog`, `zricethezav/gitleaks` |\n   | Web attack | `secsi/ffuf`, `devopsworks/gobuster`, `drwetter/testssl.sh`, `0xsauby/wafw00f` |\n   | SQL injection | `paoloo/sqlmap` |\n   | Active Directory | `rflathers/impacket`, `byt3bl33d3r/netexec` |\n   | Phishing recon | `elceef/dnstwist` |\n   | Fallback | `kalilinux/kali-rolling` (for anything not in the override map) |\n\n3. Runs the command, auto-retries with elevated privileges on permission errors (native/WSL), and surfaces the actual tool output as structured JSON.\n\nThe 🟢/🟡 icons in the inventory below are quick indicators of how the tool usually behaves — 🟢 for \"plug-and-play\" invocations, 🟡 for tools whose behavior depends on the backend and environment (adapter hardware, sudo config, etc.). Either way, the skill runs it and tells you what happened.\n\nCurrent breakdown: **56 🟢 · 127 🟡 · 183 total**.\n\n---\n\n## OS support\n\nThe plugin picks a backend automatically via `ht_env.py`:\n\n| Host | Backend |\n|---|---|\n| Linux / macOS native | `bash -lc \u003ccmd\u003e` |\n| Windows + real WSL distro (Ubuntu, Kali, etc.) | `wsl -d \u003cdistro\u003e -- bash -lc \u003ccmd\u003e` |\n| Windows + Docker Desktop | `docker run --rm \u003cimage\u003e \u003cargs\u003e` |\n| Anywhere Docker is running | Docker backend (preferred when available) |\n\nDocker images in the override map are pulled on first use and cached. `ht_run.py \u003ctool_id\u003e --install` runs the install commands for native/WSL when you need the binary on the host itself.\n\n---\n\n## Master tool inventory\n\nLegend: 🟢 plug-and-play · 🟡 depends on backend / environment\n\n**183 tools total** — 🟢 56 plug-and-play · 🟡 127 environment-dependent\n\n\n### 🛡 Anonymously Hiding (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Anonymously Surf](https://github.com/Und3rf10w/kali-anonsurf) | It automatically overwrites the RAM when the system shuts down | 🟡 | `sudo` |\n| [Multitor](https://github.com/trimstray/multitor) | How to stay in multi places at the same time. | 🟡 | `sudo` |\n\n### 🔍 Information Gathering (26)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Amass (Attack Surface Mapping)](https://github.com/owasp-amass/amass) | In-depth subdomain enumeration and attack surface mapping. | 🟢 | — |\n| [Breacher](https://github.com/s0md3v/Breacher) | An advanced multithreaded admin panel finder written in python. | 🟡 | `interactive` |\n| [Dracnmap](https://github.com/Screetsec/Dracnmap) | Open source program using nmap to exploit the network and gather information. | 🟡 | `sudo` |\n| [Find Info Using Shodan](https://github.com/m4ll0k/Shodanfy.py) | Get ports, vulnerabilities, information, banners. | 🟡 | — |\n| [Gitleaks (Git Secret Scanner)](https://github.com/gitleaks/gitleaks) | Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens. | 🟢 | — |\n| [Holehe (Email → Social Accounts)](https://github.com/megadose/holehe) | Check if an email address is registered on 120+ websites. | 🟢 | — |\n| Host to IP | Resolve hostname to IP. | 🟡 | `interactive` |\n| [httpx (HTTP Toolkit)](https://github.com/projectdiscovery/httpx) | Fast multi-purpose HTTP probing tool. | 🟢 | — |\n| [Infoga - Email OSINT](https://github.com/m4ll0k/Infoga) | Gathers email account information (ip, hostname, country) from public sources. | 🟢 | — |\n| IsItDown (Check Website Down/Up) | Check Website Is Online or Not. | 🟡 | — |\n| [Maigret (Username OSINT)](https://github.com/soxoj/maigret) | Collect a dossier on a person by username across 3000+ sites. | 🟢 | — |\n| [Masscan (Fast Port Scanner)](https://github.com/robertdavidgraham/masscan) | Fastest internet port scanner — 10 million packets/sec. | 🟡 | `sudo` |\n| [Network Map (nmap)](https://github.com/nmap/nmap) | Free utility for network discovery and security auditing. | 🟡 | `sudo` |\n| [Port Scanner - rang3r](https://github.com/floriankunushevci/rang3r) | Python script for multi-threaded port scanning. | 🟡 | `interactive` |\n| Port scanning | Basic port scan wrapper. | 🟡 | `interactive` |\n| [ReconDog](https://github.com/s0md3v/ReconDog) | ReconDog Information Gathering Suite. | 🟡 | `sudo` |\n| [ReconSpider (For All Scanning)](https://github.com/bhavsec/reconspider) | Advanced OSINT Framework for IPs, Emails, Websites, Organizations. | 🟡 | `sudo` |\n| [RED HAWK (All In One Scanning)](https://github.com/Tuhinshubhra/RED_HAWK) | All in one tool for Information Gathering and Vulnerability Scanning. | 🟢 | — |\n| [RustScan (Modern Port Scanner)](https://github.com/RustScan/RustScan) | Scans all 65k ports in 3 seconds, passes results to nmap automatically. | 🟡 | `sudo` |\n| [SecretFinder (like API \u0026 etc)](https://github.com/m4ll0k/SecretFinder) | Python script for finding sensitive data like API keys. | 🟡 | `sudo` |\n| [SpiderFoot (OSINT Automation)](https://github.com/smicallef/spiderfoot) | Automates OSINT collection for threat intelligence and attack surface mapping. | 🟢 | — |\n| [Striker](https://github.com/s0md3v/Striker) | Recon \u0026 Vulnerability Scanning Suite. | 🟡 | `interactive` |\n| [Subfinder (Subdomain Enumeration)](https://github.com/projectdiscovery/subfinder) | Fast passive subdomain enumeration using multiple sources. | 🟢 | — |\n| [theHarvester (OSINT)](https://github.com/laramies/theHarvester) | Gather emails, names, subdomains, IPs and URLs from public sources. | 🟢 | — |\n| [TruffleHog (Secret Scanner)](https://github.com/trufflesecurity/trufflehog) | Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems. | 🟢 | — |\n| [Xerosploit](https://github.com/LionSec/xerosploit) | Penetration testing toolkit to perform MITM attacks. | 🟡 | `sudo` |\n\n### 📚 Wordlist Generator (7)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Cupp](https://github.com/Mebus/cupp) | Common User Passwords Profiler — generates personalized wordlists. | 🟡 | `interactive` `long` |\n| [Goblin WordGenerator](https://github.com/UndeadSec/GoblinWordGenerator.git) | Goblin WordGenerator. | 🟢 | `long` |\n| [haiti (Hash Type Identifier)](https://github.com/noraj/haiti) | Identify hash types — supports 300+ algorithms. | 🟢 | `long` |\n| [Hashcat (Password Cracker)](https://github.com/hashcat/hashcat) | World's fastest GPU/CPU password recovery tool — 300+ hash types. | 🟡 | `sudo` `long` |\n| [John the Ripper](https://github.com/openwall/john) | Open-source password security auditing and recovery tool. | 🟡 | `sudo` `long` |\n| [Password list (1.4B Clear Text)](https://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got) | Search 1.4 Billion clear text credentials from BreachCompilation leak. | 🟢 | `long` |\n| [WordlistCreator](https://github.com/Z4nzu/wlcreator) | C program that generates all possibilities of passwords. | 🟡 | `sudo` `long` |\n\n### 📶 Wireless Attack (13)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) | Multi-use bash script for auditing wireless networks. | 🟡 | `sudo` `hw` |\n| [Bettercap](https://github.com/bettercap/bettercap) | Swiss army knife for WiFi, BLE, HID, and Ethernet recon and MITM. | 🟡 | `sudo` `hw` |\n| [Bluetooth Honeypot (bluepot)](https://github.com/andrewmichaelsmith/bluepot) | Bluetooth receiver honeypot. | 🟡 | `sudo` `hw` |\n| [EvilTwin](https://github.com/Z4nzu/fakeap) | Evil Twin attack via fake page and fake Access Point. | 🟡 | `sudo` `hw` |\n| [Fastssh](https://github.com/Z4nzu/fastssh) | Multi-threaded scan and brute force against SSH. | 🟡 | `sudo` `hw` |\n| [Fluxion](https://github.com/FluxionNetwork/fluxion) | Remake of linset — automated MITM wifi attack. | 🟡 | `interactive` `sudo` `hw` |\n| [hcxdumptool](https://github.com/ZerBea/hcxdumptool) | Capture packets and PMKID hashes from WLAN devices. | 🟡 | `sudo` `hw` |\n| [hcxtools](https://github.com/ZerBea/hcxtools) | Convert captured WLAN packets to hashcat/JtR-compatible format. | 🟡 | `sudo` `hw` |\n| Howmanypeople | Count people around you by monitoring wifi signals. | 🟡 | `sudo` `hw` |\n| [pixiewps](https://github.com/wiire/pixiewps) | Brute force offline WPS pin (pixie-dust attack). | 🟡 | `sudo` `hw` `long` |\n| [WiFi-Pumpkin](https://github.com/P0cL4bs/wifipumpkin3) | Rogue AP framework for creating fake networks. | 🟡 | `sudo` `hw` |\n| [Wifiphisher](https://github.com/wifiphisher/wifiphisher) | Rogue Access Point framework for red team engagements. | 🟡 | `sudo` `hw` |\n| [Wifite](https://github.com/derv82/wifite2) | Automated wireless attack tool. | 🟡 | `sudo` `hw` |\n\n### 🧩 SQL Injection (7)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Blisqy](https://github.com/JohnTroony/Blisqy) | Find time-based blind SQL injections on HTTP headers. | 🟡 | — |\n| [DSSS](https://github.com/stamparm/DSSS) | Damn Small SQLi Scanner — GET and POST parameters. | 🟡 | — |\n| [Explo](https://github.com/dtag-dev-sec/explo) | Describe web security issues in human and machine readable format. | 🟡 | — |\n| [Leviathan](https://github.com/leviathan-framework/leviathan) | Mass audit toolkit — service discovery, brute force, SQLi detection. | 🟢 | — |\n| [NoSqlMap](https://github.com/codingo/NoSQLMap) | Audit and automate injection attacks on NoSQL databases. | 🟢 | — |\n| [Sqlmap](https://github.com/sqlmapproject/sqlmap) | Automate detection and exploitation of SQL injection flaws. | 🟡 | `interactive` |\n| [SQLScan](https://github.com/Cvar1984/sqlscan) | Quick web scanner to find SQL injection points. | 🟡 | `sudo` |\n\n### 🎣 Phishing Attack (17)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [AdvPhishing](https://github.com/Ignitetch/AdvPhishing) | Advance Phishing Tool — OTP phishing. | 🟡 | `sudo` |\n| [Autophisher](https://github.com/CodingRanjith/autophisher) | Automated Phishing Toolkit. | 🟡 | `sudo` |\n| [BlackEye](https://github.com/An0nUD4Y/blackeye) | Phishing tool with 38 website templates. | 🟡 | `sudo` |\n| [BlackPhish](https://github.com/iinc0gnit0/BlackPhish) | Phishing toolkit. | 🟡 | `sudo` |\n| [dnstwist](https://github.com/elceef/dnstwist) | Domain name permutation engine — typosquatting and brand impersonation. | 🟢 | — |\n| [Evilginx3](https://github.com/kgretzky/evilginx2) | MITM attack framework for phishing login credentials. | 🟡 | `sudo` |\n| [HiddenEye](https://github.com/Morsmalleo/HiddenEye) | Modern phishing tool with multi-tunnelling. | 🟡 | `sudo` |\n| [I-See-You](https://github.com/Viralmaniar/I-See-You) | Find the exact location of a target via social engineering. | 🟡 | `sudo` |\n| [Maskphish](https://github.com/jaykali/maskphish) | Hide phishing URL under a normal looking URL. | 🟡 | `sudo` |\n| [Pyphisher](https://github.com/KasRoudra/PyPhisher) | Easy to use phishing tool with 77 website templates. | 🟡 | `sudo` |\n| [QR Code Jacking](https://github.com/cryptedwolf/ohmyqr) | QR Code Jacking (Any Website). | 🟡 | `sudo` |\n| [QRLJacking](https://github.com/OWASP/QRLJacking) | Session hijacking against QR-code-based login. | 🟡 | `sudo` |\n| [SayCheese](https://github.com/hangetzzu/saycheese) | Grab webcam shots from target via malicious link. | 🟡 | `sudo` |\n| [Setoolkit](https://github.com/trustedsec/social-engineer-toolkit) | Social-Engineer Toolkit. | 🟡 | `sudo` |\n| [ShellPhish](https://github.com/An0nUD4Y/shellphish) | Phishing tool for 18 social media. | 🟡 | `sudo` |\n| [SocialFish](https://github.com/UndeadSec/SocialFish) | Automated Phishing Tool \u0026 Information Collector. | 🟡 | `sudo` |\n| [Thanos](https://github.com/TridevReddy/Thanos) | Browser to Browser Phishing toolkit. | 🟡 | `sudo` |\n\n### 🌐 Web Attack (20)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery — finds hidden GET/POST parameters. | 🟢 | — |\n| [Blazy](https://github.com/UltimateHackers/Blazy) | Modern login page bruteforcer (also clickjacking). | 🟡 | `archived` |\n| [Caido](https://github.com/caido/caido) | Lightweight web security auditing toolkit — Burp alternative in Rust. | 🟡 | `sudo` |\n| [CheckURL](https://github.com/UndeadSec/checkURL) | Detect evil URLs that use IDN Homograph Attack. | 🟢 | — |\n| [Dirb](https://gitlab.com/kalilinux/packages/dirb) | Web Content Scanner — existing and hidden Web Objects. | 🟡 | `interactive` `sudo` |\n| [Dirsearch](https://github.com/maurosoria/dirsearch) | Web path brute-forcing — directories and files on web servers. | 🟢 | — |\n| [Feroxbuster](https://github.com/epi052/feroxbuster) | Fast, recursive content discovery tool in Rust. | 🟡 | `sudo` `long` |\n| [ffuf](https://github.com/ffuf/ffuf) | Fast web fuzzer — content, parameter, vhost discovery. | 🟢 | `long` |\n| [Gobuster](https://github.com/OJ/gobuster) | Directory/file, DNS, and vhost brute-forcing in Go. | 🟢 | — |\n| [Katana](https://github.com/projectdiscovery/katana) | Next-generation crawling and spidering framework. | 🟢 | — |\n| [mitmproxy](https://github.com/mitmproxy/mitmproxy) | Interactive TLS-capable intercepting HTTP proxy. | 🟢 | — |\n| [Nikto](https://github.com/sullo/nikto) | Scan web servers for dangerous files, outdated software, misconfig. | 🟡 | `sudo` |\n| [Nuclei](https://github.com/projectdiscovery/nuclei) | Fast, template-based vulnerability scanner used by 50k+ teams. | 🟢 | — |\n| [OWASP ZAP](https://github.com/zaproxy/zaproxy) | Full-featured web application security scanner. | 🟡 | `sudo` `gui` |\n| Skipfish | Automated active web application security reconnaissance. | 🟡 | `sudo` |\n| [Sub-Domain TakeOver](https://github.com/edoardottt/takeover) | Sub-domain takeover scanner. | 🟡 | — |\n| [Sublist3r](https://github.com/aboul3la/Sublist3r) | Enumerate subdomains of websites using OSINT. | 🟡 | `sudo` |\n| [testssl.sh](https://github.com/drwetter/testssl.sh) | Check TLS/SSL ciphers, protocols, and cryptographic flaws. | 🟢 | — |\n| [wafw00f](https://github.com/EnableSecurity/wafw00f) | Fingerprint and identify Web Application Firewalls (WAF). | 🟢 | — |\n| [Web2Attack](https://github.com/santatic/web2attack) | Web hacking framework with tools and exploits. | 🟡 | `sudo` |\n\n### 🔧 Post Exploitation (10)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Chisel](https://github.com/jpillora/chisel) | Fast TCP/UDP tunnel over HTTP — pivoting and port forwarding. | 🟢 | — |\n| [Chrome Keylogger](https://github.com/UndeadSec/HeraKeylogger) | Hera Chrome Keylogger. | 🟡 | `sudo` |\n| [Evil-WinRM](https://github.com/Hackplayers/evil-winrm) | Ultimate WinRM shell for Windows pentesting. | 🟢 | — |\n| [Havoc](https://github.com/HavocFramework/Havoc) | Modern post-exploitation C2 framework with EDR evasion. | 🟢 | — |\n| [Ligolo-ng](https://github.com/nicocha30/ligolo-ng) | Advanced tunneling/pivoting via TUN interfaces. | 🟢 | — |\n| [Mythic](https://github.com/its-a-feature/Mythic) | Collaborative multi-payload C2 platform for red team ops. | 🟡 | `sudo` |\n| [PEASS-ng (LinPEAS/WinPEAS)](https://github.com/peass-ng/PEASS-ng) | Privilege escalation enumeration for Linux and Windows. | 🟢 | — |\n| [pwncat-cs](https://github.com/calebstewart/pwncat) | Post-exploitation platform — manages reverse/bind shells. | 🟢 | — |\n| [Sliver](https://github.com/BishopFox/sliver) | Cross-platform adversary emulation / red team C2. | 🟡 | `sudo` |\n| [Vegile (Ghost In The Shell)](https://github.com/Screetsec/Vegile) | Set up backdoor/rootkits when a backdoor is already set up. | 🟡 | `sudo` |\n\n### 🕵 Forensics (8)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| Autopsy | Forensic investigation platform. | 🟡 | `sudo` `gui` |\n| [Binwalk](https://github.com/ReFirmLabs/binwalk) | Analyze, reverse engineer, and extract firmware images. | 🟢 | — |\n| [Bulk extractor](https://github.com/simsong/bulk_extractor) | Extract useful information without parsing the file system. | 🟡 | — |\n| [Guymager (Disk Clone / ISO)](https://guymager.sourceforge.io/) | Free forensic imager for media acquisition. | 🟡 | `sudo` |\n| [pspy](https://github.com/DominicBreuker/pspy) | Monitor Linux processes without root — cron jobs, scheduled tasks. | 🟢 | — |\n| [Toolsley](https://www.toolsley.com/) | Ten-plus useful tools for investigation. | 🟡 | — |\n| [Volatility 3](https://github.com/volatilityfoundation/volatility3) | World's most widely used memory forensics framework. | 🟡 | `interactive` |\n| Wireshark | Network capture and analyzer. | 🟡 | `sudo` `gui` |\n\n### 📦 Payload Creation (8)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Brutal](https://github.com/Screetsec/Brutal) | Toolkit for payloads, powershell attacks, HID attacks. | 🟡 | `sudo` |\n| [Enigma](https://github.com/UndeadSec/Enigma) | Multiplatform payload dropper. | 🟡 | `sudo` |\n| [Mob-Droid](https://github.com/kinghacker0/Mob-Droid) | Generate metasploit payloads easily. | 🟡 | `sudo` |\n| [MSFvenom Payload Creator](https://github.com/g0tmi1k/msfpc) | Wrapper to generate multiple types of payloads. | 🟡 | `sudo` |\n| [Spycam](https://github.com/indexnotfound404/spycam) | Win32 payload that captures webcam images every minute. | 🟢 | — |\n| [Stitch](https://nathanlopez.github.io/Stitch) | Cross Platform Python Remote Administrator Tool. | 🟡 | `sudo` |\n| [The FatRat](https://github.com/Screetsec/TheFatRat) | Backdoor/payload generation that can bypass most AV. | 🟡 | `sudo` |\n| [Venom Shellcode Generator](https://github.com/r00t-3xp10it/venom) | Exploits apache2 to deliver LAN payloads via fake webpages. | 🟡 | `sudo` |\n\n### 🧰 Exploit Framework (3)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Commix](https://github.com/commixproject/commix) | Automated OS command injection and exploitation tool. | 🟡 | `interactive` `sudo` |\n| [RouterSploit](https://github.com/threat9/routersploit) | Exploitation framework dedicated to embedded devices. | 🟡 | `sudo` |\n| [WebSploit](https://github.com/The404Hacking/websploit) | Advanced MITM framework. | 🟡 | `sudo` |\n\n### 🔁 Reverse Engineering (5)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Androguard](https://github.com/androguard/androguard) | Reverse engineering and malware analysis of Android apps. | 🟡 | `sudo` |\n| [Apk2Gold](https://github.com/lxdvs/apk2gold) | CLI tool for decompiling Android apps to Java. | 🟡 | `interactive` `sudo` |\n| [Ghidra](https://github.com/NationalSecurityAgency/ghidra) | NSA's software reverse engineering framework. | 🟡 | `sudo` `gui` |\n| [JadX](https://github.com/skylot/jadx) | Dex to Java decompiler. | 🟡 | `sudo` |\n| [Radare2](https://github.com/radareorg/radare2) | Portable UNIX-like reverse engineering framework. | 🟢 | — |\n\n### ⚡ DDOS (6)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Asyncrone (SYN Flood)](https://github.com/fatihsnsy/aSYNcrone) | C-based multifunction SYN Flood weapon. | 🟡 | `interactive` `sudo` `long` |\n| [DDoS Script](https://github.com/the-deepnet/ddos) | DDoS attack script — 36+ methods. | 🟡 | `interactive` `sudo` `long` |\n| [GoldenEye](https://github.com/jseidl/GoldenEye) | Python3 stress testing app. | 🟡 | `interactive` `long` |\n| [SaphyraDDoS](https://github.com/anonymous24x7/Saphyra-DDoS) | Python DDoS script. | 🟡 | `interactive` `long` |\n| SlowLoris | HTTP Denial of Service attack. | 🟡 | `interactive` `sudo` `long` |\n| [UFOnet](https://github.com/epsylon/ufonet) | P2P cryptographic disruptive toolkit for DoS/DDoS. | 🟡 | `gui` `long` |\n\n### 🖥 RAT (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Pyshell](https://github.com/knassar702/pyshell) | RAT with file upload/download. | 🟢 | — |\n\n### 💥 XSS (9)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [XSStrike](https://github.com/UltimateHackers/XSStrike) | Python-based XSS detection and exploitation tool. | 🟡 | `sudo` |\n| [DalFox](https://github.com/hahwul/dalfox) | XSS scanning and parameter analysis tool. | 🟡 | `sudo` |\n| [Extended XSS Searcher](https://github.com/Damian89/extended-xss-search) | Extended XSS searcher and finder. | 🟡 | `interactive` |\n| [RVuln](https://github.com/iinc0gnit0/RVuln) | Multi-threaded web vulnerability scanner in Rust. | 🟡 | `sudo` |\n| [XanXSS](https://github.com/Ekultek/XanXSS) | Reflected XSS searching tool with template-based payloads. | 🟡 | — |\n| [XSpear](https://github.com/hahwul/XSpear) | XSS scanner built on Ruby Gems. | 🟢 | — |\n| [XSS Payload Generator](https://github.com/capture0x/XSS-LOADER.git) | XSS payload generator, scanner, and dork finder. | 🟡 | `sudo` |\n| [XSS-Freak](https://github.com/PR0PH3CY33/XSS-Freak) | XSS scanner written in Python 3. | 🟡 | `sudo` |\n| [XSSCon](https://github.com/menkrep1337/XSSCon) | XSS scanner. | 🟡 | `interactive` `sudo` |\n\n### 🖼 Steganography (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| SteganoHide | Hide/retrieve data in image or audio files. | 🟡 | `interactive` `sudo` |\n| StegnoCracker | Brute force hidden data inside files. | 🟡 | `interactive` `long` |\n| [StegoCracker](https://github.com/W1LDN16H7/StegoCracker) | Hide and retrieve data in image or audio files. | 🟡 | `sudo` |\n| [Whitespace](https://github.com/beardog108/snow10) | Steganography via whitespace and unicode. | 🟡 | `sudo` |\n\n### 🏢 Active Directory (6)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [BloodHound](https://github.com/BloodHoundAD/BloodHound) | Graph theory to reveal hidden attack paths in AD/Azure. | 🟡 | `sudo` |\n| [Certipy](https://github.com/ly4k/Certipy) | Active Directory Certificate Services enumeration and abuse. | 🟢 | — |\n| [Impacket](https://github.com/fortra/impacket) | Python classes for SMB, MSRPC, Kerberos, LDAP. | 🟢 | — |\n| [Kerbrute](https://github.com/ropnop/kerbrute) | Kerberos pre-auth brute-forcer — enumeration and spraying. | 🟢 | — |\n| [NetExec (nxc)](https://github.com/Pennyw0rth/NetExec) | Swiss army knife for Windows/AD pentesting — CrackMapExec successor. | 🟢 | — |\n| [Responder](https://github.com/lgandx/Responder) | LLMNR/NBT-NS/MDNS poisoner for credential capture. | 🟡 | `sudo` |\n\n### ☁ Cloud Security (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Pacu](https://github.com/RhinoSecurityLabs/pacu) | AWS exploitation framework for offensive security testing. | 🟢 | — |\n| [Prowler](https://github.com/prowler-cloud/prowler) | Security tool for AWS, Azure, GCP, Kubernetes. | 🟢 | — |\n| [ScoutSuite](https://github.com/nccgroup/ScoutSuite) | Multi-cloud security auditing tool. | 🟢 | — |\n| [Trivy](https://github.com/aquasecurity/trivy) | Vulnerability scanner for containers, Kubernetes, IaC. | 🟡 | `sudo` |\n\n### 📱 Mobile Security (3)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Frida](https://github.com/frida/frida) | Dynamic instrumentation toolkit for runtime hooking. | 🟢 | — |\n| [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) | All-in-one mobile app pentesting and malware analysis. | 🟢 | — |\n| [Objection](https://github.com/sensepost/objection) | Runtime mobile exploration powered by Frida. | 🟢 | — |\n\n### ✨ Other (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [HatCloud](https://github.com/HatBashBR/HatCloud) | Ruby tool to bypass CloudFlare and discover real IP. | 🟡 | `interactive` |\n\n### 📱 Android Attack (5)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [DroidCam (Capture Image)](https://github.com/kinghacker0/WishFish) | Grab front camera snap using a link. | 🟡 | `sudo` |\n| [EvilApp](https://github.com/crypticterminal/EvilApp) | Android App that hijacks authenticated sessions in cookies. | 🟢 | — |\n| [Keydroid](https://github.com/F4dl0/keydroid) | Android Keylogger + Reverse Shell. | 🟢 | — |\n| [Lockphish](https://github.com/JasonJerry/lockphish) | Lock-screen phishing. | 🟢 | — |\n| [MySMS](https://github.com/papusingh2sms/mysms) | Android App that hacks SMS through WAN. | 🟢 | — |\n\n### 📧 Email Verifier (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Knockmail](https://github.com/heywoodlh/KnockMail) | Verify if an email exists. | 🟡 | `sudo` |\n\n### 🔑 Hash Crack (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Hash Buster](https://github.com/s0md3v/Hash-Buster) | Hash cracking via public hash databases. | 🟢 | — |\n\n### 🎭 Homograph (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [EvilURL](https://github.com/UndeadSec/EvilURL) | Unicode evil domains for IDN Homograph Attack. | 🟢 | — |\n\n### 🧪 Mix Tools (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Crivo](https://github.com/GMDSantana/crivo) | Extract and filter URLs, IPs, domains, and subdomains. | 🟡 | — |\n| Terminal Multiplexer | Tilix — tiling terminal emulator. | 🟡 | `sudo` |\n\n### 💉 Payload Injection (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Debinject](https://github.com/UndeadSec/Debinject) | Inject malicious code into *.debs. | 🟢 | — |\n| [Pixload](https://github.com/chinarulezzz/pixload) | Image Payload Creating tools. | 🟡 | `sudo` |\n\n### 📱 Social Media (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [AllinOne SocialMedia Attack](https://github.com/Matrix07ksa/Brute_Force) | Brute-force Gmail, Hotmail, Twitter, Facebook, Netflix. | 🟡 | `sudo` |\n| [Application Checker](https://github.com/jakuta-tech/underhanded) | Check if an app is installed on the target via link. | 🟡 | `sudo` |\n| [Facebook Attack](https://github.com/Matrix07ksa/Brute_Force) | Facebook BruteForcer. | 🟡 | `interactive` `sudo` |\n| [Instagram Attack](https://github.com/chinoogawa/instaBrute) | Brute force attack against Instagram. | 🟡 | `archived` |\n\n### 🔎 Social Media Finder (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Find SocialMedia By Facial Recognition](https://github.com/Greenwolf/social_mapper) | Social Media Mapping Tool that correlates profiles. | 🟡 | `sudo` |\n| [Find SocialMedia By UserName](https://github.com/xHak9x/finduser) | Find usernames across 75+ social networks. | 🟡 | `sudo` |\n| [Sherlock](https://github.com/sherlock-project/sherlock) | Hunt down social media accounts by username. | 🟡 | `interactive` `sudo` |\n| [SocialScan](https://github.com/iojw/socialscan) | Check email and username availability on online platforms. | 🟡 | `interactive` |\n\n### 🕸 Web Crawling (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Gospider](https://github.com/jaeles-project/gospider) | Fast web spider written in Go. | 🟡 | `sudo` |\n\n### 📡 Wifi Jamming (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [KawaiiDeauther](https://github.com/aryanrtm/KawaiiDeauther) | Pentest toolkit for wifi deauthentication. | 🟡 | `sudo` `hw` |\n| [WifiJammer-NG](https://github.com/MisterBianco/wifijammer-ng) | Continuously jam all wifi clients and APs within range. | 🟡 | `sudo` `hw` |\n\n---\n\n## Refreshing the tool index\n\nWhen upstream hackingtool adds tools, regenerate `data/tools.json` and the README table:\n\n```\npython ${CLAUDE_PLUGIN_ROOT}/scripts/ht_index.py --hackingtool-path /path/to/hackingtool\npython ${CLAUDE_PLUGIN_ROOT}/scripts/build_readme_table.py \u003e new_table.md\n```\n\nIf hackingtool is a sibling directory of this repo, `--hackingtool-path` isn't needed — the script auto-detects.\n\n---\n\n## Directory layout\n\n```\nhackingtool-plugin/\n├── .claude-plugin/\n│   └── marketplace.json          # marketplace entry\n├── images/                       # screenshots + logo\n├── README.md                     # this file\n└── plugins/hackingtool/\n    ├── .claude-plugin/plugin.json\n    ├── data/tools.json           # generated index\n    ├── scripts/\n    │   ├── ht_index.py           # (dev) regenerate tools.json\n    │   ├── build_readme_table.py # (dev) regenerate the table above\n    │   ├── ht_search.py          # query index\n    │   ├── ht_env.py             # detect backend\n    │   └── ht_run.py             # backend-aware tool runner\n    └── skills/pentest/\n        ├── SKILL.md\n        └── reference/\n            ├── workflows.md\n            └── runtime-fallbacks.md\n```\n\n---\n\n## Limitations\n\n- **Python 3.10+** required.\n- **No async tool streaming.** Long-running tools block until they finish or timeout.\n- **Docker backend** pulls `kalilinux/kali-rolling` on first use.\n- **Capability flags are heuristics.** If you find a mis-tagged tool, fix it in `data/tools.json` or open an issue.\n\n---\n\n## Credits\n\n- Upstream toolkit: [Z4nzu/hackingtool](https://github.com/Z4nzu/hackingtool) — all tool metadata, categorization, and screenshots originate from this project.\n- Plugin wrapper: [ariacodez](https://github.com/AKCODEZ) (AKCodez on GitHub).\n\n## License\n\nMIT. Upstream Z4nzu/hackingtool is also MIT-licensed.\n\n\u003e **For authorized security testing, bug bounty, CTFs, and research only.**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAKCodez%2Fhackingtool-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FAKCodez%2Fhackingtool-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAKCodez%2Fhackingtool-plugin/lists"}