AKCodez/hackingtool-plugin

Claude Code plugin: 183+ pentesting & OSINT tools from Z4nzu/hackingtool. Auto-runs what it can, hands off the rest.

MIT 已发布

Python 247 stars 59 forks 2.8 综合评分

README AKCodez/hackingtool-plugin

hackingtool — Claude Code plugin

183 pentesting & OSINT tools at Claude's fingertips. Plugin-skill wrapper around Z4nzu/hackingtool. Runs locally on any OS — native Bash on Linux/macOS, WSL on Windows, or purpose-built Docker images (instrumentisto/nmap, projectdiscovery/nuclei, caffix/amass, and 20+ more). The skill picks the right backend and image automatically.

Built by ariacodez · wraps Z4nzu/hackingtool (MIT)

See it in Action

Install

/plugin marketplace add AKCODEZ/hackingtool-plugin
/plugin install hackingtool@hackingtool-marketplace

Then point Claude at a target:

"recon example.com"
"hunt the username johndoe"
"scan my repo for vulnerabilies"
"crack my own wifi before my neighbor does"

Claude picks the tools. You read the output.

How it works

Every tool invocation goes through ht_run.py, which:

Picks a backend: native (Linux/macOS), WSL (Windows + real distro), or Docker (anywhere Docker Desktop runs).

Maps known tools to purpose-built Docker images — fast pulls, clean ENTRYPOINTs, no apt install dance:

Category	Images
Port scanning	`instrumentisto/nmap`, `ilyaglow/masscan`, `rustscan/rustscan`
Subdomain recon	`projectdiscovery/subfinder`, `caffix/amass`, `projectdiscovery/httpx`
Vuln scanning	`projectdiscovery/nuclei`, `projectdiscovery/katana`
OSINT	`megadose/holehe`, `soxoj/maigret`, `spiderfoot/spiderfoot`, `secsi/theharvester`
Secrets	`trufflesecurity/trufflehog`, `zricethezav/gitleaks`
Web attack	`secsi/ffuf`, `devopsworks/gobuster`, `drwetter/testssl.sh`, `0xsauby/wafw00f`
SQL injection	`paoloo/sqlmap`
Active Directory	`rflathers/impacket`, `byt3bl33d3r/netexec`
Phishing recon	`elceef/dnstwist`
Fallback	`kalilinux/kali-rolling` (for anything not in the override map)

Runs the command, auto-retries with elevated privileges on permission errors (native/WSL), and surfaces the actual tool output as structured JSON.

The 🟢/🟡 icons in the inventory below are quick indicators of how the tool usually behaves — 🟢 for "plug-and-play" invocations, 🟡 for tools whose behavior depends on the backend and environment (adapter hardware, sudo config, etc.). Either way, the skill runs it and tells you what happened.

Current breakdown: 56 🟢 · 127 🟡 · 183 total.

OS support

The plugin picks a backend automatically via ht_env.py:

Host	Backend
Linux / macOS native	`bash -lc <cmd>`
Windows + real WSL distro (Ubuntu, Kali, etc.)	`wsl -d <distro> -- bash -lc <cmd>`
Windows + Docker Desktop	`docker run --rm <image> <args>`
Anywhere Docker is running	Docker backend (preferred when available)

Docker images in the override map are pulled on first use and cached. ht_run.py <tool_id> --install runs the install commands for native/WSL when you need the binary on the host itself.

Master tool inventory

Legend: 🟢 plug-and-play · 🟡 depends on backend / environment

183 tools total — 🟢 56 plug-and-play · 🟡 127 environment-dependent

🛡 Anonymously Hiding (2)

Tool	What it does	Claude	Flags
Anonymously Surf	It automatically overwrites the RAM when the system shuts down	🟡	`sudo`
Multitor	How to stay in multi places at the same time.	🟡	`sudo`

🔍 Information Gathering (26)

Tool	What it does	Claude	Flags
Amass (Attack Surface Mapping)	In-depth subdomain enumeration and attack surface mapping.	🟢	—
Breacher	An advanced multithreaded admin panel finder written in python.	🟡	`interactive`
Dracnmap	Open source program using nmap to exploit the network and gather information.	🟡	`sudo`
Find Info Using Shodan	Get ports, vulnerabilities, information, banners.	🟡	—
Gitleaks (Git Secret Scanner)	Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens.	🟢	—
Holehe (Email → Social Accounts)	Check if an email address is registered on 120+ websites.	🟢	—
Host to IP	Resolve hostname to IP.	🟡	`interactive`
httpx (HTTP Toolkit)	Fast multi-purpose HTTP probing tool.	🟢	—
Infoga - Email OSINT	Gathers email account information (ip, hostname, country) from public sources.	🟢	—
IsItDown (Check Website Down/Up)	Check Website Is Online or Not.	🟡	—
Maigret (Username OSINT)	Collect a dossier on a person by username across 3000+ sites.	🟢	—
Masscan (Fast Port Scanner)	Fastest internet port scanner — 10 million packets/sec.	🟡	`sudo`
Network Map (nmap)	Free utility for network discovery and security auditing.	🟡	`sudo`
Port Scanner - rang3r	Python script for multi-threaded port scanning.	🟡	`interactive`
Port scanning	Basic port scan wrapper.	🟡	`interactive`
ReconDog	ReconDog Information Gathering Suite.	🟡	`sudo`
ReconSpider (For All Scanning)	Advanced OSINT Framework for IPs, Emails, Websites, Organizations.	🟡	`sudo`
RED HAWK (All In One Scanning)	All in one tool for Information Gathering and Vulnerability Scanning.	🟢	—
RustScan (Modern Port Scanner)	Scans all 65k ports in 3 seconds, passes results to nmap automatically.	🟡	`sudo`
SecretFinder (like API & etc)	Python script for finding sensitive data like API keys.	🟡	`sudo`
SpiderFoot (OSINT Automation)	Automates OSINT collection for threat intelligence and attack surface mapping.	🟢	—
Striker	Recon & Vulnerability Scanning Suite.	🟡	`interactive`
Subfinder (Subdomain Enumeration)	Fast passive subdomain enumeration using multiple sources.	🟢	—
theHarvester (OSINT)	Gather emails, names, subdomains, IPs and URLs from public sources.	🟢	—
TruffleHog (Secret Scanner)	Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems.	🟢	—
Xerosploit	Penetration testing toolkit to perform MITM attacks.	🟡	`sudo`

📚 Wordlist Generator (7)

Tool	What it does	Claude	Flags
Cupp	Common User Passwords Profiler — generates personalized wordlists.	🟡	`interactive` `long`
Goblin WordGenerator	Goblin WordGenerator.	🟢	`long`
haiti (Hash Type Identifier)	Identify hash types — supports 300+ algorithms.	🟢	`long`
Hashcat (Password Cracker)	World's fastest GPU/CPU password recovery tool — 300+ hash types.	🟡	`sudo` `long`
John the Ripper	Open-source password security auditing and recovery tool.	🟡	`sudo` `long`
Password list (1.4B Clear Text)	Search 1.4 Billion clear text credentials from BreachCompilation leak.	🟢	`long`
WordlistCreator	C program that generates all possibilities of passwords.	🟡	`sudo` `long`

📶 Wireless Attack (13)

Tool	What it does	Claude	Flags
Airgeddon	Multi-use bash script for auditing wireless networks.	🟡	`sudo` `hw`
Bettercap	Swiss army knife for WiFi, BLE, HID, and Ethernet recon and MITM.	🟡	`sudo` `hw`
Bluetooth Honeypot (bluepot)	Bluetooth receiver honeypot.	🟡	`sudo` `hw`
EvilTwin	Evil Twin attack via fake page and fake Access Point.	🟡	`sudo` `hw`
Fastssh	Multi-threaded scan and brute force against SSH.	🟡	`sudo` `hw`
Fluxion	Remake of linset — automated MITM wifi attack.	🟡	`interactive` `sudo` `hw`
hcxdumptool	Capture packets and PMKID hashes from WLAN devices.	🟡	`sudo` `hw`
hcxtools	Convert captured WLAN packets to hashcat/JtR-compatible format.	🟡	`sudo` `hw`
Howmanypeople	Count people around you by monitoring wifi signals.	🟡	`sudo` `hw`
pixiewps	Brute force offline WPS pin (pixie-dust attack).	🟡	`sudo` `hw` `long`
WiFi-Pumpkin	Rogue AP framework for creating fake networks.	🟡	`sudo` `hw`
Wifiphisher	Rogue Access Point framework for red team engagements.	🟡	`sudo` `hw`
Wifite	Automated wireless attack tool.	🟡	`sudo` `hw`

🧩 SQL Injection (7)

Tool	What it does	Claude	Flags
Blisqy	Find time-based blind SQL injections on HTTP headers.	🟡	—
DSSS	Damn Small SQLi Scanner — GET and POST parameters.	🟡	—
Explo	Describe web security issues in human and machine readable format.	🟡	—
Leviathan	Mass audit toolkit — service discovery, brute force, SQLi detection.	🟢	—
NoSqlMap	Audit and automate injection attacks on NoSQL databases.	🟢	—
Sqlmap	Automate detection and exploitation of SQL injection flaws.	🟡	`interactive`
SQLScan	Quick web scanner to find SQL injection points.	🟡	`sudo`

🎣 Phishing Attack (17)

Tool	What it does	Claude	Flags
AdvPhishing	Advance Phishing Tool — OTP phishing.	🟡	`sudo`
Autophisher	Automated Phishing Toolkit.	🟡	`sudo`
BlackEye	Phishing tool with 38 website templates.	🟡	`sudo`
BlackPhish	Phishing toolkit.	🟡	`sudo`
dnstwist	Domain name permutation engine — typosquatting and brand impersonation.	🟢	—
Evilginx3	MITM attack framework for phishing login credentials.	🟡	`sudo`
HiddenEye	Modern phishing tool with multi-tunnelling.	🟡	`sudo`
I-See-You	Find the exact location of a target via social engineering.	🟡	`sudo`
Maskphish	Hide phishing URL under a normal looking URL.	🟡	`sudo`
Pyphisher	Easy to use phishing tool with 77 website templates.	🟡	`sudo`
QR Code Jacking	QR Code Jacking (Any Website).	🟡	`sudo`
QRLJacking	Session hijacking against QR-code-based login.	🟡	`sudo`
SayCheese	Grab webcam shots from target via malicious link.	🟡	`sudo`
Setoolkit	Social-Engineer Toolkit.	🟡	`sudo`
ShellPhish	Phishing tool for 18 social media.	🟡	`sudo`
SocialFish	Automated Phishing Tool & Information Collector.	🟡	`sudo`
Thanos	Browser to Browser Phishing toolkit.	🟡	`sudo`

🌐 Web Attack (20)

Tool	What it does	Claude	Flags
Arjun	HTTP parameter discovery — finds hidden GET/POST parameters.	🟢	—
Blazy	Modern login page bruteforcer (also clickjacking).	🟡	`archived`
Caido	Lightweight web security auditing toolkit — Burp alternative in Rust.	🟡	`sudo`
CheckURL	Detect evil URLs that use IDN Homograph Attack.	🟢	—
Dirb	Web Content Scanner — existing and hidden Web Objects.	🟡	`interactive` `sudo`
Dirsearch	Web path brute-forcing — directories and files on web servers.	🟢	—
Feroxbuster	Fast, recursive content discovery tool in Rust.	🟡	`sudo` `long`
ffuf	Fast web fuzzer — content, parameter, vhost discovery.	🟢	`long`
Gobuster	Directory/file, DNS, and vhost brute-forcing in Go.	🟢	—
Katana	Next-generation crawling and spidering framework.	🟢	—
mitmproxy	Interactive TLS-capable intercepting HTTP proxy.	🟢	—
Nikto	Scan web servers for dangerous files, outdated software, misconfig.	🟡	`sudo`
Nuclei	Fast, template-based vulnerability scanner used by 50k+ teams.	🟢	—
OWASP ZAP	Full-featured web application security scanner.	🟡	`sudo` `gui`
Skipfish	Automated active web application security reconnaissance.	🟡	`sudo`
Sub-Domain TakeOver	Sub-domain takeover scanner.	🟡	—
Sublist3r	Enumerate subdomains of websites using OSINT.	🟡	`sudo`
testssl.sh	Check TLS/SSL ciphers, protocols, and cryptographic flaws.	🟢	—
wafw00f	Fingerprint and identify Web Application Firewalls (WAF).	🟢	—
Web2Attack	Web hacking framework with tools and exploits.	🟡	`sudo`

🔧 Post Exploitation (10)

Tool	What it does	Claude	Flags
Chisel	Fast TCP/UDP tunnel over HTTP — pivoting and port forwarding.	🟢	—
Chrome Keylogger	Hera Chrome Keylogger.	🟡	`sudo`
Evil-WinRM	Ultimate WinRM shell for Windows pentesting.	🟢	—
Havoc	Modern post-exploitation C2 framework with EDR evasion.	🟢	—
Ligolo-ng	Advanced tunneling/pivoting via TUN interfaces.	🟢	—
Mythic	Collaborative multi-payload C2 platform for red team ops.	🟡	`sudo`
PEASS-ng (LinPEAS/WinPEAS)	Privilege escalation enumeration for Linux and Windows.	🟢	—
pwncat-cs	Post-exploitation platform — manages reverse/bind shells.	🟢	—
Sliver	Cross-platform adversary emulation / red team C2.	🟡	`sudo`
Vegile (Ghost In The Shell)	Set up backdoor/rootkits when a backdoor is already set up.	🟡	`sudo`

🕵 Forensics (8)

Tool	What it does	Claude	Flags
Autopsy	Forensic investigation platform.	🟡	`sudo` `gui`
Binwalk	Analyze, reverse engineer, and extract firmware images.	🟢	—
Bulk extractor	Extract useful information without parsing the file system.	🟡	—
Guymager (Disk Clone / ISO)	Free forensic imager for media acquisition.	🟡	`sudo`
pspy	Monitor Linux processes without root — cron jobs, scheduled tasks.	🟢	—
Toolsley	Ten-plus useful tools for investigation.	🟡	—
Volatility 3	World's most widely used memory forensics framework.	🟡	`interactive`
Wireshark	Network capture and analyzer.	🟡	`sudo` `gui`

📦 Payload Creation (8)

Tool	What it does	Claude	Flags
Brutal	Toolkit for payloads, powershell attacks, HID attacks.	🟡	`sudo`
Enigma	Multiplatform payload dropper.	🟡	`sudo`
Mob-Droid	Generate metasploit payloads easily.	🟡	`sudo`
MSFvenom Payload Creator	Wrapper to generate multiple types of payloads.	🟡	`sudo`
Spycam	Win32 payload that captures webcam images every minute.	🟢	—
Stitch	Cross Platform Python Remote Administrator Tool.	🟡	`sudo`
The FatRat	Backdoor/payload generation that can bypass most AV.	🟡	`sudo`
Venom Shellcode Generator	Exploits apache2 to deliver LAN payloads via fake webpages.	🟡	`sudo`

🧰 Exploit Framework (3)

Tool	What it does	Claude	Flags
Commix	Automated OS command injection and exploitation tool.	🟡	`interactive` `sudo`
RouterSploit	Exploitation framework dedicated to embedded devices.	🟡	`sudo`
WebSploit	Advanced MITM framework.	🟡	`sudo`

🔁 Reverse Engineering (5)

Tool	What it does	Claude	Flags
Androguard	Reverse engineering and malware analysis of Android apps.	🟡	`sudo`
Apk2Gold	CLI tool for decompiling Android apps to Java.	🟡	`interactive` `sudo`
Ghidra	NSA's software reverse engineering framework.	🟡	`sudo` `gui`
JadX	Dex to Java decompiler.	🟡	`sudo`
Radare2	Portable UNIX-like reverse engineering framework.	🟢	—

⚡ DDOS (6)

Tool	What it does	Claude	Flags
Asyncrone (SYN Flood)	C-based multifunction SYN Flood weapon.	🟡	`interactive` `sudo` `long`
DDoS Script	DDoS attack script — 36+ methods.	🟡	`interactive` `sudo` `long`
GoldenEye	Python3 stress testing app.	🟡	`interactive` `long`
SaphyraDDoS	Python DDoS script.	🟡	`interactive` `long`
SlowLoris	HTTP Denial of Service attack.	🟡	`interactive` `sudo` `long`
UFOnet	P2P cryptographic disruptive toolkit for DoS/DDoS.	🟡	`gui` `long`

🖥 RAT (1)

Tool	What it does	Claude	Flags
Pyshell	RAT with file upload/download.	🟢	—

💥 XSS (9)

Tool	What it does	Claude	Flags
XSStrike	Python-based XSS detection and exploitation tool.	🟡	`sudo`
DalFox	XSS scanning and parameter analysis tool.	🟡	`sudo`
Extended XSS Searcher	Extended XSS searcher and finder.	🟡	`interactive`
RVuln	Multi-threaded web vulnerability scanner in Rust.	🟡	`sudo`
XanXSS	Reflected XSS searching tool with template-based payloads.	🟡	—
XSpear	XSS scanner built on Ruby Gems.	🟢	—
XSS Payload Generator	XSS payload generator, scanner, and dork finder.	🟡	`sudo`
XSS-Freak	XSS scanner written in Python 3.	🟡	`sudo`
XSSCon	XSS scanner.	🟡	`interactive` `sudo`

🖼 Steganography (4)

Tool	What it does	Claude	Flags
SteganoHide	Hide/retrieve data in image or audio files.	🟡	`interactive` `sudo`
StegnoCracker	Brute force hidden data inside files.	🟡	`interactive` `long`
StegoCracker	Hide and retrieve data in image or audio files.	🟡	`sudo`
Whitespace	Steganography via whitespace and unicode.	🟡	`sudo`

🏢 Active Directory (6)

Tool	What it does	Claude	Flags
BloodHound	Graph theory to reveal hidden attack paths in AD/Azure.	🟡	`sudo`
Certipy	Active Directory Certificate Services enumeration and abuse.	🟢	—
Impacket	Python classes for SMB, MSRPC, Kerberos, LDAP.	🟢	—
Kerbrute	Kerberos pre-auth brute-forcer — enumeration and spraying.	🟢	—
NetExec (nxc)	Swiss army knife for Windows/AD pentesting — CrackMapExec successor.	🟢	—
Responder	LLMNR/NBT-NS/MDNS poisoner for credential capture.	🟡	`sudo`

☁ Cloud Security (4)

Tool	What it does	Claude	Flags
Pacu	AWS exploitation framework for offensive security testing.	🟢	—
Prowler	Security tool for AWS, Azure, GCP, Kubernetes.	🟢	—
ScoutSuite	Multi-cloud security auditing tool.	🟢	—
Trivy	Vulnerability scanner for containers, Kubernetes, IaC.	🟡	`sudo`

📱 Mobile Security (3)

Tool	What it does	Claude	Flags
Frida	Dynamic instrumentation toolkit for runtime hooking.	🟢	—
MobSF	All-in-one mobile app pentesting and malware analysis.	🟢	—
Objection	Runtime mobile exploration powered by Frida.	🟢	—

✨ Other (1)

Tool	What it does	Claude	Flags
HatCloud	Ruby tool to bypass CloudFlare and discover real IP.	🟡	`interactive`

📱 Android Attack (5)

Tool	What it does	Claude	Flags
DroidCam (Capture Image)	Grab front camera snap using a link.	🟡	`sudo`
EvilApp	Android App that hijacks authenticated sessions in cookies.	🟢	—
Keydroid	Android Keylogger + Reverse Shell.	🟢	—
Lockphish	Lock-screen phishing.	🟢	—
MySMS	Android App that hacks SMS through WAN.	🟢	—

📧 Email Verifier (1)

Tool	What it does	Claude	Flags
Knockmail	Verify if an email exists.	🟡	`sudo`

🔑 Hash Crack (1)

Tool	What it does	Claude	Flags
Hash Buster	Hash cracking via public hash databases.	🟢	—

🎭 Homograph (1)

Tool	What it does	Claude	Flags
EvilURL	Unicode evil domains for IDN Homograph Attack.	🟢	—

🧪 Mix Tools (2)

Tool	What it does	Claude	Flags
Crivo	Extract and filter URLs, IPs, domains, and subdomains.	🟡	—
Terminal Multiplexer	Tilix — tiling terminal emulator.	🟡	`sudo`

💉 Payload Injection (2)

Tool	What it does	Claude	Flags
Debinject	Inject malicious code into *.debs.	🟢	—
Pixload	Image Payload Creating tools.	🟡	`sudo`

📱 Social Media (4)

Tool	What it does	Claude	Flags
AllinOne SocialMedia Attack	Brute-force Gmail, Hotmail, Twitter, Facebook, Netflix.	🟡	`sudo`
Application Checker	Check if an app is installed on the target via link.	🟡	`sudo`
Facebook Attack	Facebook BruteForcer.	🟡	`interactive` `sudo`
Instagram Attack	Brute force attack against Instagram.	🟡	`archived`

🔎 Social Media Finder (4)

Tool	What it does	Claude	Flags
Find SocialMedia By Facial Recognition	Social Media Mapping Tool that correlates profiles.	🟡	`sudo`
Find SocialMedia By UserName	Find usernames across 75+ social networks.	🟡	`sudo`
Sherlock	Hunt down social media accounts by username.	🟡	`interactive` `sudo`
SocialScan	Check email and username availability on online platforms.	🟡	`interactive`

🕸 Web Crawling (1)

Tool	What it does	Claude	Flags
Gospider	Fast web spider written in Go.	🟡	`sudo`

📡 Wifi Jamming (2)

Tool	What it does	Claude	Flags
KawaiiDeauther	Pentest toolkit for wifi deauthentication.	🟡	`sudo` `hw`
WifiJammer-NG	Continuously jam all wifi clients and APs within range.	🟡	`sudo` `hw`

Refreshing the tool index

When upstream hackingtool adds tools, regenerate data/tools.json and the README table:

python ${CLAUDE_PLUGIN_ROOT}/scripts/ht_index.py --hackingtool-path /path/to/hackingtool
python ${CLAUDE_PLUGIN_ROOT}/scripts/build_readme_table.py > new_table.md

If hackingtool is a sibling directory of this repo, --hackingtool-path isn't needed — the script auto-detects.

Directory layout

hackingtool-plugin/
├── .claude-plugin/
│   └── marketplace.json          # marketplace entry
├── images/                       # screenshots + logo
├── README.md                     # this file
└── plugins/hackingtool/
    ├── .claude-plugin/plugin.json
    ├── data/tools.json           # generated index
    ├── scripts/
    │   ├── ht_index.py           # (dev) regenerate tools.json
    │   ├── build_readme_table.py # (dev) regenerate the table above
    │   ├── ht_search.py          # query index
    │   ├── ht_env.py             # detect backend
    │   └── ht_run.py             # backend-aware tool runner
    └── skills/pentest/
        ├── SKILL.md
        └── reference/
            ├── workflows.md
            └── runtime-fallbacks.md

Limitations

Python 3.10+ required.
No async tool streaming. Long-running tools block until they finish or timeout.
Docker backend pulls kalilinux/kali-rolling on first use.
Capability flags are heuristics. If you find a mis-tagged tool, fix it in data/tools.json or open an issue.

Credits

Upstream toolkit: Z4nzu/hackingtool — all tool metadata, categorization, and screenshots originate from this project.
Plugin wrapper: ariacodez (AKCodez on GitHub).

License

MIT. Upstream Z4nzu/hackingtool is also MIT-licensed.

For authorized security testing, bug bounty, CTFs, and research only.

社区评分

文档质量

3.0

★★★☆☆

活跃度

4.0

★★★★☆

易用性

3.0