{"id":17626476,"url":"https://github.com/francescodisalesgithub/hobo-hacker","last_synced_at":"2026-05-06T17:33:18.006Z","repository":{"id":259072544,"uuid":"864609708","full_name":"FrancescoDiSalesGithub/hobo-hacker","owner":"FrancescoDiSalesGithub","description":"hacking tools using basic linux command line tools instead of complex frameworks ","archived":false,"fork":false,"pushed_at":"2025-06-27T12:49:26.000Z","size":198,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-06T09:46:34.796Z","etag":null,"topics":["bash","bash-script","bash-scripting","challenge","curl","hacking","netcat","network"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FrancescoDiSalesGithub.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-09-28T17:14:37.000Z","updated_at":"2024-11-01T22:43:49.000Z","dependencies_parsed_at":"2024-12-10T20:41:10.852Z","dependency_job_id":null,"html_url":"https://github.com/FrancescoDiSalesGithub/hobo-hacker","commit_stats":{"total_commits":33,"total_committers":1,"mean_commits":33.0,"dds":0.0,"last_synced_commit":"128211bef29fe6f7e3ac584648ba2779fc133650"},"previous_names":["francescodisalesgithub/hobo-hacker"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/FrancescoDiSalesGithub/hobo-hacker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FrancescoDiSalesGithub%2Fhobo-hacker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FrancescoDiSalesGithub%2Fhobo-hacker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FrancescoDiSalesGithub%2Fhobo-hacker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FrancescoDiSalesGithub%2Fhobo-hacker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FrancescoDiSalesGithub","download_url":"https://codeload.github.com/FrancescoDiSalesGithub/hobo-hacker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FrancescoDiSalesGithub%2Fhobo-hacker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273886640,"owners_count":25185509,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-06T02:00:13.247Z","response_time":2576,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","bash-script","bash-scripting","challenge","curl","hacking","netcat","network"],"created_at":"2024-10-22T23:05:27.378Z","updated_at":"2026-05-06T17:33:17.974Z","avatar_url":"https://github.com/FrancescoDiSalesGithub.png","language":"Shell","funding_links":["https://www.paypal.me/francescodisales"],"categories":[],"sub_categories":[],"readme":"# hobo-hacker\n\n![logo](OIG1.cjr18.jpeg)\n\nhacking tools using basic linux command and bash shell scripting instead of complex frameworks \n\n# Summary \n* Introduction\n* fuzzing tools\n* ip sweep\n* port scanning\n* Rest api calls\n* Cracking hash\n* port forwarding\n* banner-grabbing\n* proxy\n* tracking-open-files\n* logger\n* https dump\n* postgresql bruteforce\n* Donation\n\n## Introduction \nSince most commons frameworks are easily detectable by siem investigation, the goal of this repository is to implement hacking techniques using basic linux command tools like: netcat, curl, ping.\n\n## Fuzzing tools\nIs it possible with curl to create a simple web fuzzer. Here the bash scripts:\n* hostfuzzing \n* subdomainfuzzing\n* virtualhostfuzzing\n\nFor these scripts pass:\n* as first argument the host\n* as second argument the fuzz file\n\nExample:\n```\nbash hostfuzzing.sh google.it seclists/Discovery/Web-Content/directory-list-2.3-small.txt\n```\n\n## IP sweep\nIs it possible to enumerate a LAN network by simply using the ip utils. The bash script that does this functionality is **pingsweep.sh*.\nExample usage:\n```\nbash pingsweep.sh 192.168.40\n```\n\n## Port scanning\nWith netcat is it possible to create a simple port scanning. The bash scripting strategy uses two solutions:\n* A full port scanning =\u003e it iterates until the last port passed\n* A selected port range =\u003e it iterates in a text file selected ports\n\nIn the first solution the bash script is the following:\n```\nbash portscanning.sh 127.0.0.1 80\n```\nFor the second solution the bash script is the following:\n```\nbash portspecificscanning.sh 127.0.0.1 ports.txt\n```\n\n## Rest api calls\nWith curl is possible to do rest api calls, the bash script here do a get call and a json request rest api call:\n* get.sh\n* jsonpost.sh\n\nFor get.sh it's enough to pass only as paramter the URL without http or https:\n```\nbash get.sh google.it/images\n```\nFor jsonpost.sh for first parameter it's mandatory the host, and as the second paramter the json body:\n```\nbash jsonpost.sh myvulnsite.com {\"value\":1}\n```\n\n## Cracking hash\nThe following bash scripts crack the following hash algorithm using dictionary attack:\n* md5cracker.sh =\u003e cracks md5 hashes\n* sha1cracker.sh =\u003e cracks sha1 hashes\n* sha256cracker.sh =\u003e cracks sha256 hashes\n\nFor each of these bash scripts pass as first argument the hash and as second argument the dictionary file:\n```\nbash md5cracker.sh b1946ac92492d2347c6235b4d2611184 dictionary.txt\n```\n\n## Port forwarding\nTo forward the traffic to a port for a specific service you need to launch **portforwarding.sh** as the following:\n```\nbash portforwarding.sh YOUR_LOCAL_PORT SERVICE_IP SERVICE_PORT\n```\nwhere:\n* YOUR_LOCAL_PORT = the port where you want to forward traffic\n* SERVICE_IP = the ip of your service\n* SERVICE_PORT = the port of your service\n\n## Banner grabbing\nJust insert the host where you want to grab the banner\n```\nbash bannergrabbing.sh\n```\n\n## Proxy\n\nJust insert the port where the proxy has to listen:\n```\nbash proxy.sh 1234\n```\n\n## Tracking Open Files\n\nIt tracks the file opened by a specific application. If you don't want to save the logs to a file just run:\n```\nbash tracking-open-file-program.sh /bin/application\n```\nif you want to save the logs to a file just add as second paramter the path where you want to save the dump:\n```\nbash tracking-open-file-program.sh /bin/application /home/user/dump/dump.txt\n```\n\n## Logger\nLogs the content of a specific file by listening on a specific port:\n```\nbash logger.sh /var/log/nginx/access.log 1234\n```\n\n## https dump\nDumps https traffic on client side:\n```\nbash httpsdump.sh /home/myuser wlan0\n```\n\n## Postgresql bruteforce\nRun the pgsql-brute.sh script passing the following arguments:\n* user\n* host\n* dictionary file\n\nIf the password is found the script will print the following output:\n```\nPASSWORD FOUND: [ mypassword ]\n```\n\nWhere the password is in the square brackets\n\n# Donation\n\nI hope you found this experiment interesting. I love creating open-source projects and sharing knowledge with the community. If you’d like to support my future work, you can do so in a couple of ways:\n\n* 💰 Donate Monero (XMR): ```4B9WQivaHfd3miDfPKEfCianocGpBx9d8FXycz2vmNW3aBDVKHgkBd9Gmapt4RBVEpTwnehujsiUBBehUiLvnEHs7VFstCC```\n* 💵 Donate via PayPal: https://www.paypal.me/francescodisales\n\nEvery donation helps me continue building tools, research, and experiments for the benefit of the community. Thank you for your support!\n \n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffrancescodisalesgithub%2Fhobo-hacker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffrancescodisalesgithub%2Fhobo-hacker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffrancescodisalesgithub%2Fhobo-hacker/lists"}