Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/francescodisalesgithub/hobo-hacker
hacking tools using basic linux command line tools instead of complex frameworks
https://github.com/francescodisalesgithub/hobo-hacker
bash bash-script bash-scripting challenge curl hacking netcat network
Last synced: 14 days ago
JSON representation
hacking tools using basic linux command line tools instead of complex frameworks
- Host: GitHub
- URL: https://github.com/francescodisalesgithub/hobo-hacker
- Owner: FrancescoDiSalesGithub
- License: gpl-3.0
- Created: 2024-09-28T17:14:37.000Z (about 1 month ago)
- Default Branch: main
- Last Pushed: 2024-10-21T18:03:26.000Z (15 days ago)
- Last Synced: 2024-10-22T05:52:12.044Z (15 days ago)
- Topics: bash, bash-script, bash-scripting, challenge, curl, hacking, netcat, network
- Language: Shell
- Homepage:
- Size: 172 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# hobo-hacker
hacking tools using basic linux command and bash shell scripting instead of complex frameworks
# Summary
* Introduction
* fuzzing tools
* ip sweep
* port scanning
* Rest api calls
* Cracking hash
* Donation
## Introduction
Since most commons frameworks are easily detectable by siem investigation, the goal of this repository is to implement hacking techniques using basic linux command tools like: netcat, curl, ping.
## Fuzzing tools
Is it possible with curl to create a simple web fuzzer. Here the bash scripts:
* hostfuzzing
* subdomainfuzzing
* virtualhostfuzzing
For these scripts pass:
* as first argument the host
* as second argument the fuzz file
Example:
```
bash hostfuzzing.sh google.it seclists/Discovery/Web-Content/directory-list-2.3-small.txt
```
## IP sweep
Is it possible to enumerate a LAN network by simply using the ip utils. The bash script that does this functionality is **pingsweep.sh*.
Example usage:
```
bash pingsweep.sh 192.168.40
```
## Port scanning
With netcat is it possible to create a simple port scanning. The bash scripting strategy uses two solutions:
* A full port scanning => it iterates until the last port passed
* A selected port range => it iterates in a text file selected ports
In the first solution the bash script is the following:
```
bash portscanning.sh 127.0.0.1 80
```
For the second solution the bash script is the following:
```
bash portspecificscanning.sh 127.0.0.1 ports.txt
```
## Rest api calls
With curl is possible to do rest api calls, the bash script here do a get call and a json request rest api call:
* get.sh
* jsonpost.sh
For get.sh it's enough to pass only as paramter the URL without http or https:
```
bash get.sh google.it/images
```
For jsonpost.sh for first parameter it's mandatory the host, and as the second paramter the json body:
```
bash jsonpost.sh myvulnsite.com {"value":1}
```
## Cracking hash
The following bash scripts crack the following hash algorithm using dictionary attack:
* md5cracker.sh => cracks md5 hashes
* sha1cracker.sh => cracks sha1 hashes
* sha256cracker.sh => cracks sha256 hashes
For each of these bash scripts pass as first argument the hash and as second argument the dictionary file:
```
bash md5cracker.sh b1946ac92492d2347c6235b4d2611184 dictionary.txt
```
# Donation
I hope you found this experiment interesting. I love creating open-source projects and sharing knowledge with the community. If you’d like to support my future work, you can do so in a couple of ways:
* 💰 Donate Monero (XMR): ```4B9WQivaHfd3miDfPKEfCianocGpBx9d8FXycz2vmNW3aBDVKHgkBd9Gmapt4RBVEpTwnehujsiUBBehUiLvnEHs7VFstCC```
* 💵 Donate via PayPal: https://www.paypal.me/francescodisales
Every donation helps me continue building tools, research, and experiments for the benefit of the community. Thank you for your support!