[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-1021":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":25,"readmeContent":26,"aiSummary":27,"trendingCount":15,"starSnapshotCount":15,"syncStatus":28,"lastSyncTime":29,"discoverSource":30},1021,"hackingtool-plugin","AKCodez\u002Fhackingtool-plugin","AKCodez","Claude Code plugin: 183+ pentesting & OSINT tools from Z4nzu\u002Fhackingtool. Auto-runs what it can, hands off the rest.",null,"Python",756,178,18,1,0,12,31,297,36,93.26,false,"main",true,[],"2026-06-12 04:00:07","\u003Cdiv align=\"center\">\n\n\u003Cimg src=\"images\u002Flogo.svg\" alt=\"HackingTool\" width=\"600\">\n\n# hackingtool — Claude Code plugin\n\n**183 pentesting & OSINT tools at Claude's fingertips.** Plugin-skill wrapper around [Z4nzu\u002Fhackingtool](https:\u002F\u002Fgithub.com\u002FZ4nzu\u002Fhackingtool). Runs locally on any OS — native Bash on Linux\u002FmacOS, WSL on Windows, or purpose-built Docker images (`instrumentisto\u002Fnmap`, `projectdiscovery\u002Fnuclei`, `caffix\u002Famass`, and 20+ more). The skill picks the right backend and image automatically.\n\n![Plugin](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FClaude_Code-Plugin-7B61FF?style=for-the-badge)\n![Tools](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F183_Tools-00FF88?style=for-the-badge)\n![Categories](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F20+_Categories-FF61DC?style=for-the-badge)\n![OS](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLinux_%7C_macOS_%7C_Windows-FFA116?style=for-the-badge&logo=linux&logoColor=white)\n\nBuilt by [ariacodez](https:\u002F\u002Fgithub.com\u002FAKCODEZ) · wraps [Z4nzu\u002Fhackingtool](https:\u002F\u002Fgithub.com\u002FZ4nzu\u002Fhackingtool) (MIT)\n\n\u003C\u002Fdiv>\n\n# See it in Action \n\n\u003Cimg width=\"1194\" height=\"49\" alt=\"image\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F9a573541-eabb-4996-b305-c2c1f240cceb\" \u002F>\n\u003Cimg width=\"1152\" height=\"396\" alt=\"image\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F77b75859-7733-4807-9005-6bfcdd3340f5\" \u002F>\n\u003Cimg width=\"1196\" height=\"750\" alt=\"image\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F86c3b5a0-a016-4159-8580-9b96e5418e20\" \u002F>\n\n---\n\n## Install\n\n```\n\u002Fplugin marketplace add AKCODEZ\u002Fhackingtool-plugin\n\u002Fplugin install hackingtool@hackingtool-marketplace\n```\n\nThen point Claude at a target:\n\n```\n\"recon example.com\"\n\"hunt the username johndoe\"\n\"scan my repo for vulnerabilies\"\n\"crack my own wifi before my neighbor does\"\n```\n\nClaude picks the tools. You read the output.\n\n---\n\n## How it works\n\nEvery tool invocation goes through `ht_run.py`, which:\n\n1. Picks a backend: **native** (Linux\u002FmacOS), **WSL** (Windows + real distro), or **Docker** (anywhere Docker Desktop runs).\n2. Maps known tools to **purpose-built Docker images** — fast pulls, clean ENTRYPOINTs, no `apt install` dance:\n\n   | Category | Images |\n   |---|---|\n   | Port scanning | `instrumentisto\u002Fnmap`, `ilyaglow\u002Fmasscan`, `rustscan\u002Frustscan` |\n   | Subdomain recon | `projectdiscovery\u002Fsubfinder`, `caffix\u002Famass`, `projectdiscovery\u002Fhttpx` |\n   | Vuln scanning | `projectdiscovery\u002Fnuclei`, `projectdiscovery\u002Fkatana` |\n   | OSINT | `megadose\u002Fholehe`, `soxoj\u002Fmaigret`, `spiderfoot\u002Fspiderfoot`, `secsi\u002Ftheharvester` |\n   | Secrets | `trufflesecurity\u002Ftrufflehog`, `zricethezav\u002Fgitleaks` |\n   | Web attack | `secsi\u002Fffuf`, `devopsworks\u002Fgobuster`, `drwetter\u002Ftestssl.sh`, `0xsauby\u002Fwafw00f` |\n   | SQL injection | `paoloo\u002Fsqlmap` |\n   | Active Directory | `rflathers\u002Fimpacket`, `byt3bl33d3r\u002Fnetexec` |\n   | Phishing recon | `elceef\u002Fdnstwist` |\n   | Fallback | `kalilinux\u002Fkali-rolling` (for anything not in the override map) |\n\n3. Runs the command, auto-retries with elevated privileges on permission errors (native\u002FWSL), and surfaces the actual tool output as structured JSON.\n\nThe 🟢\u002F🟡 icons in the inventory below are quick indicators of how the tool usually behaves — 🟢 for \"plug-and-play\" invocations, 🟡 for tools whose behavior depends on the backend and environment (adapter hardware, sudo config, etc.). Either way, the skill runs it and tells you what happened.\n\nCurrent breakdown: **56 🟢 · 127 🟡 · 183 total**.\n\n---\n\n## OS support\n\nThe plugin picks a backend automatically via `ht_env.py`:\n\n| Host | Backend |\n|---|---|\n| Linux \u002F macOS native | `bash -lc \u003Ccmd>` |\n| Windows + real WSL distro (Ubuntu, Kali, etc.) | `wsl -d \u003Cdistro> -- bash -lc \u003Ccmd>` |\n| Windows + Docker Desktop | `docker run --rm \u003Cimage> \u003Cargs>` |\n| Anywhere Docker is running | Docker backend (preferred when available) |\n\nDocker images in the override map are pulled on first use and cached. `ht_run.py \u003Ctool_id> --install` runs the install commands for native\u002FWSL when you need the binary on the host itself.\n\n---\n\n## Master tool inventory\n\nLegend: 🟢 plug-and-play · 🟡 depends on backend \u002F environment\n\n**183 tools total** — 🟢 56 plug-and-play · 🟡 127 environment-dependent\n\n\n### 🛡 Anonymously Hiding (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Anonymously Surf](https:\u002F\u002Fgithub.com\u002FUnd3rf10w\u002Fkali-anonsurf) | It automatically overwrites the RAM when the system shuts down | 🟡 | `sudo` |\n| [Multitor](https:\u002F\u002Fgithub.com\u002Ftrimstray\u002Fmultitor) | How to stay in multi places at the same time. | 🟡 | `sudo` |\n\n### 🔍 Information Gathering (26)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Amass (Attack Surface Mapping)](https:\u002F\u002Fgithub.com\u002Fowasp-amass\u002Famass) | In-depth subdomain enumeration and attack surface mapping. | 🟢 | — |\n| [Breacher](https:\u002F\u002Fgithub.com\u002Fs0md3v\u002FBreacher) | An advanced multithreaded admin panel finder written in python. | 🟡 | `interactive` |\n| [Dracnmap](https:\u002F\u002Fgithub.com\u002FScreetsec\u002FDracnmap) | Open source program using nmap to exploit the network and gather information. | 🟡 | `sudo` |\n| [Find Info Using Shodan](https:\u002F\u002Fgithub.com\u002Fm4ll0k\u002FShodanfy.py) | Get ports, vulnerabilities, information, banners. | 🟡 | — |\n| [Gitleaks (Git Secret Scanner)](https:\u002F\u002Fgithub.com\u002Fgitleaks\u002Fgitleaks) | Fast secret scanner for git repos — detects hardcoded passwords, API keys, tokens. | 🟢 | — |\n| [Holehe (Email → Social Accounts)](https:\u002F\u002Fgithub.com\u002Fmegadose\u002Fholehe) | Check if an email address is registered on 120+ websites. | 🟢 | — |\n| Host to IP | Resolve hostname to IP. | 🟡 | `interactive` |\n| [httpx (HTTP Toolkit)](https:\u002F\u002Fgithub.com\u002Fprojectdiscovery\u002Fhttpx) | Fast multi-purpose HTTP probing tool. | 🟢 | — |\n| [Infoga - Email OSINT](https:\u002F\u002Fgithub.com\u002Fm4ll0k\u002FInfoga) | Gathers email account information (ip, hostname, country) from public sources. | 🟢 | — |\n| IsItDown (Check Website Down\u002FUp) | Check Website Is Online or Not. | 🟡 | — |\n| [Maigret (Username OSINT)](https:\u002F\u002Fgithub.com\u002Fsoxoj\u002Fmaigret) | Collect a dossier on a person by username across 3000+ sites. | 🟢 | — |\n| [Masscan (Fast Port Scanner)](https:\u002F\u002Fgithub.com\u002Frobertdavidgraham\u002Fmasscan) | Fastest internet port scanner — 10 million packets\u002Fsec. | 🟡 | `sudo` |\n| [Network Map (nmap)](https:\u002F\u002Fgithub.com\u002Fnmap\u002Fnmap) | Free utility for network discovery and security auditing. | 🟡 | `sudo` |\n| [Port Scanner - rang3r](https:\u002F\u002Fgithub.com\u002Ffloriankunushevci\u002Frang3r) | Python script for multi-threaded port scanning. | 🟡 | `interactive` |\n| Port scanning | Basic port scan wrapper. | 🟡 | `interactive` |\n| [ReconDog](https:\u002F\u002Fgithub.com\u002Fs0md3v\u002FReconDog) | ReconDog Information Gathering Suite. | 🟡 | `sudo` |\n| [ReconSpider (For All Scanning)](https:\u002F\u002Fgithub.com\u002Fbhavsec\u002Freconspider) | Advanced OSINT Framework for IPs, Emails, Websites, Organizations. | 🟡 | `sudo` |\n| [RED HAWK (All In One Scanning)](https:\u002F\u002Fgithub.com\u002FTuhinshubhra\u002FRED_HAWK) | All in one tool for Information Gathering and Vulnerability Scanning. | 🟢 | — |\n| [RustScan (Modern Port Scanner)](https:\u002F\u002Fgithub.com\u002FRustScan\u002FRustScan) | Scans all 65k ports in 3 seconds, passes results to nmap automatically. | 🟡 | `sudo` |\n| [SecretFinder (like API & etc)](https:\u002F\u002Fgithub.com\u002Fm4ll0k\u002FSecretFinder) | Python script for finding sensitive data like API keys. | 🟡 | `sudo` |\n| [SpiderFoot (OSINT Automation)](https:\u002F\u002Fgithub.com\u002Fsmicallef\u002Fspiderfoot) | Automates OSINT collection for threat intelligence and attack surface mapping. | 🟢 | — |\n| [Striker](https:\u002F\u002Fgithub.com\u002Fs0md3v\u002FStriker) | Recon & Vulnerability Scanning Suite. | 🟡 | `interactive` |\n| [Subfinder (Subdomain Enumeration)](https:\u002F\u002Fgithub.com\u002Fprojectdiscovery\u002Fsubfinder) | Fast passive subdomain enumeration using multiple sources. | 🟢 | — |\n| [theHarvester (OSINT)](https:\u002F\u002Fgithub.com\u002Flaramies\u002FtheHarvester) | Gather emails, names, subdomains, IPs and URLs from public sources. | 🟢 | — |\n| [TruffleHog (Secret Scanner)](https:\u002F\u002Fgithub.com\u002Ftrufflesecurity\u002Ftrufflehog) | Find, verify, and analyze leaked credentials across git repos, S3 buckets, filesystems. | 🟢 | — |\n| [Xerosploit](https:\u002F\u002Fgithub.com\u002FLionSec\u002Fxerosploit) | Penetration testing toolkit to perform MITM attacks. | 🟡 | `sudo` |\n\n### 📚 Wordlist Generator (7)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Cupp](https:\u002F\u002Fgithub.com\u002FMebus\u002Fcupp) | Common User Passwords Profiler — generates personalized wordlists. | 🟡 | `interactive` `long` |\n| [Goblin WordGenerator](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FGoblinWordGenerator.git) | Goblin WordGenerator. | 🟢 | `long` |\n| [haiti (Hash Type Identifier)](https:\u002F\u002Fgithub.com\u002Fnoraj\u002Fhaiti) | Identify hash types — supports 300+ algorithms. | 🟢 | `long` |\n| [Hashcat (Password Cracker)](https:\u002F\u002Fgithub.com\u002Fhashcat\u002Fhashcat) | World's fastest GPU\u002FCPU password recovery tool — 300+ hash types. | 🟡 | `sudo` `long` |\n| [John the Ripper](https:\u002F\u002Fgithub.com\u002Fopenwall\u002Fjohn) | Open-source password security auditing and recovery tool. | 🟡 | `sudo` `long` |\n| [Password list (1.4B Clear Text)](https:\u002F\u002Fgithub.com\u002FViralmaniar\u002FSMWYG-Show-Me-What-You-Got) | Search 1.4 Billion clear text credentials from BreachCompilation leak. | 🟢 | `long` |\n| [WordlistCreator](https:\u002F\u002Fgithub.com\u002FZ4nzu\u002Fwlcreator) | C program that generates all possibilities of passwords. | 🟡 | `sudo` `long` |\n\n### 📶 Wireless Attack (13)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Airgeddon](https:\u002F\u002Fgithub.com\u002Fv1s1t0r1sh3r3\u002Fairgeddon) | Multi-use bash script for auditing wireless networks. | 🟡 | `sudo` `hw` |\n| [Bettercap](https:\u002F\u002Fgithub.com\u002Fbettercap\u002Fbettercap) | Swiss army knife for WiFi, BLE, HID, and Ethernet recon and MITM. | 🟡 | `sudo` `hw` |\n| [Bluetooth Honeypot (bluepot)](https:\u002F\u002Fgithub.com\u002Fandrewmichaelsmith\u002Fbluepot) | Bluetooth receiver honeypot. | 🟡 | `sudo` `hw` |\n| [EvilTwin](https:\u002F\u002Fgithub.com\u002FZ4nzu\u002Ffakeap) | Evil Twin attack via fake page and fake Access Point. | 🟡 | `sudo` `hw` |\n| [Fastssh](https:\u002F\u002Fgithub.com\u002FZ4nzu\u002Ffastssh) | Multi-threaded scan and brute force against SSH. | 🟡 | `sudo` `hw` |\n| [Fluxion](https:\u002F\u002Fgithub.com\u002FFluxionNetwork\u002Ffluxion) | Remake of linset — automated MITM wifi attack. | 🟡 | `interactive` `sudo` `hw` |\n| [hcxdumptool](https:\u002F\u002Fgithub.com\u002FZerBea\u002Fhcxdumptool) | Capture packets and PMKID hashes from WLAN devices. | 🟡 | `sudo` `hw` |\n| [hcxtools](https:\u002F\u002Fgithub.com\u002FZerBea\u002Fhcxtools) | Convert captured WLAN packets to hashcat\u002FJtR-compatible format. | 🟡 | `sudo` `hw` |\n| Howmanypeople | Count people around you by monitoring wifi signals. | 🟡 | `sudo` `hw` |\n| [pixiewps](https:\u002F\u002Fgithub.com\u002Fwiire\u002Fpixiewps) | Brute force offline WPS pin (pixie-dust attack). | 🟡 | `sudo` `hw` `long` |\n| [WiFi-Pumpkin](https:\u002F\u002Fgithub.com\u002FP0cL4bs\u002Fwifipumpkin3) | Rogue AP framework for creating fake networks. | 🟡 | `sudo` `hw` |\n| [Wifiphisher](https:\u002F\u002Fgithub.com\u002Fwifiphisher\u002Fwifiphisher) | Rogue Access Point framework for red team engagements. | 🟡 | `sudo` `hw` |\n| [Wifite](https:\u002F\u002Fgithub.com\u002Fderv82\u002Fwifite2) | Automated wireless attack tool. | 🟡 | `sudo` `hw` |\n\n### 🧩 SQL Injection (7)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Blisqy](https:\u002F\u002Fgithub.com\u002FJohnTroony\u002FBlisqy) | Find time-based blind SQL injections on HTTP headers. | 🟡 | — |\n| [DSSS](https:\u002F\u002Fgithub.com\u002Fstamparm\u002FDSSS) | Damn Small SQLi Scanner — GET and POST parameters. | 🟡 | — |\n| [Explo](https:\u002F\u002Fgithub.com\u002Fdtag-dev-sec\u002Fexplo) | Describe web security issues in human and machine readable format. | 🟡 | — |\n| [Leviathan](https:\u002F\u002Fgithub.com\u002Fleviathan-framework\u002Fleviathan) | Mass audit toolkit — service discovery, brute force, SQLi detection. | 🟢 | — |\n| [NoSqlMap](https:\u002F\u002Fgithub.com\u002Fcodingo\u002FNoSQLMap) | Audit and automate injection attacks on NoSQL databases. | 🟢 | — |\n| [Sqlmap](https:\u002F\u002Fgithub.com\u002Fsqlmapproject\u002Fsqlmap) | Automate detection and exploitation of SQL injection flaws. | 🟡 | `interactive` |\n| [SQLScan](https:\u002F\u002Fgithub.com\u002FCvar1984\u002Fsqlscan) | Quick web scanner to find SQL injection points. | 🟡 | `sudo` |\n\n### 🎣 Phishing Attack (17)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [AdvPhishing](https:\u002F\u002Fgithub.com\u002FIgnitetch\u002FAdvPhishing) | Advance Phishing Tool — OTP phishing. | 🟡 | `sudo` |\n| [Autophisher](https:\u002F\u002Fgithub.com\u002FCodingRanjith\u002Fautophisher) | Automated Phishing Toolkit. | 🟡 | `sudo` |\n| [BlackEye](https:\u002F\u002Fgithub.com\u002FAn0nUD4Y\u002Fblackeye) | Phishing tool with 38 website templates. | 🟡 | `sudo` |\n| [BlackPhish](https:\u002F\u002Fgithub.com\u002Fiinc0gnit0\u002FBlackPhish) | Phishing toolkit. | 🟡 | `sudo` |\n| [dnstwist](https:\u002F\u002Fgithub.com\u002Felceef\u002Fdnstwist) | Domain name permutation engine — typosquatting and brand impersonation. | 🟢 | — |\n| [Evilginx3](https:\u002F\u002Fgithub.com\u002Fkgretzky\u002Fevilginx2) | MITM attack framework for phishing login credentials. | 🟡 | `sudo` |\n| [HiddenEye](https:\u002F\u002Fgithub.com\u002FMorsmalleo\u002FHiddenEye) | Modern phishing tool with multi-tunnelling. | 🟡 | `sudo` |\n| [I-See-You](https:\u002F\u002Fgithub.com\u002FViralmaniar\u002FI-See-You) | Find the exact location of a target via social engineering. | 🟡 | `sudo` |\n| [Maskphish](https:\u002F\u002Fgithub.com\u002Fjaykali\u002Fmaskphish) | Hide phishing URL under a normal looking URL. | 🟡 | `sudo` |\n| [Pyphisher](https:\u002F\u002Fgithub.com\u002FKasRoudra\u002FPyPhisher) | Easy to use phishing tool with 77 website templates. | 🟡 | `sudo` |\n| [QR Code Jacking](https:\u002F\u002Fgithub.com\u002Fcryptedwolf\u002Fohmyqr) | QR Code Jacking (Any Website). | 🟡 | `sudo` |\n| [QRLJacking](https:\u002F\u002Fgithub.com\u002FOWASP\u002FQRLJacking) | Session hijacking against QR-code-based login. | 🟡 | `sudo` |\n| [SayCheese](https:\u002F\u002Fgithub.com\u002Fhangetzzu\u002Fsaycheese) | Grab webcam shots from target via malicious link. | 🟡 | `sudo` |\n| [Setoolkit](https:\u002F\u002Fgithub.com\u002Ftrustedsec\u002Fsocial-engineer-toolkit) | Social-Engineer Toolkit. | 🟡 | `sudo` |\n| [ShellPhish](https:\u002F\u002Fgithub.com\u002FAn0nUD4Y\u002Fshellphish) | Phishing tool for 18 social media. | 🟡 | `sudo` |\n| [SocialFish](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FSocialFish) | Automated Phishing Tool & Information Collector. | 🟡 | `sudo` |\n| [Thanos](https:\u002F\u002Fgithub.com\u002FTridevReddy\u002FThanos) | Browser to Browser Phishing toolkit. | 🟡 | `sudo` |\n\n### 🌐 Web Attack (20)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Arjun](https:\u002F\u002Fgithub.com\u002Fs0md3v\u002FArjun) | HTTP parameter discovery — finds hidden GET\u002FPOST parameters. | 🟢 | — |\n| [Blazy](https:\u002F\u002Fgithub.com\u002FUltimateHackers\u002FBlazy) | Modern login page bruteforcer (also clickjacking). | 🟡 | `archived` |\n| [Caido](https:\u002F\u002Fgithub.com\u002Fcaido\u002Fcaido) | Lightweight web security auditing toolkit — Burp alternative in Rust. | 🟡 | `sudo` |\n| [CheckURL](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FcheckURL) | Detect evil URLs that use IDN Homograph Attack. | 🟢 | — |\n| [Dirb](https:\u002F\u002Fgitlab.com\u002Fkalilinux\u002Fpackages\u002Fdirb) | Web Content Scanner — existing and hidden Web Objects. | 🟡 | `interactive` `sudo` |\n| [Dirsearch](https:\u002F\u002Fgithub.com\u002Fmaurosoria\u002Fdirsearch) | Web path brute-forcing — directories and files on web servers. | 🟢 | — |\n| [Feroxbuster](https:\u002F\u002Fgithub.com\u002Fepi052\u002Fferoxbuster) | Fast, recursive content discovery tool in Rust. | 🟡 | `sudo` `long` |\n| [ffuf](https:\u002F\u002Fgithub.com\u002Fffuf\u002Fffuf) | Fast web fuzzer — content, parameter, vhost discovery. | 🟢 | `long` |\n| [Gobuster](https:\u002F\u002Fgithub.com\u002FOJ\u002Fgobuster) | Directory\u002Ffile, DNS, and vhost brute-forcing in Go. | 🟢 | — |\n| [Katana](https:\u002F\u002Fgithub.com\u002Fprojectdiscovery\u002Fkatana) | Next-generation crawling and spidering framework. | 🟢 | — |\n| [mitmproxy](https:\u002F\u002Fgithub.com\u002Fmitmproxy\u002Fmitmproxy) | Interactive TLS-capable intercepting HTTP proxy. | 🟢 | — |\n| [Nikto](https:\u002F\u002Fgithub.com\u002Fsullo\u002Fnikto) | Scan web servers for dangerous files, outdated software, misconfig. | 🟡 | `sudo` |\n| [Nuclei](https:\u002F\u002Fgithub.com\u002Fprojectdiscovery\u002Fnuclei) | Fast, template-based vulnerability scanner used by 50k+ teams. | 🟢 | — |\n| [OWASP ZAP](https:\u002F\u002Fgithub.com\u002Fzaproxy\u002Fzaproxy) | Full-featured web application security scanner. | 🟡 | `sudo` `gui` |\n| Skipfish | Automated active web application security reconnaissance. | 🟡 | `sudo` |\n| [Sub-Domain TakeOver](https:\u002F\u002Fgithub.com\u002Fedoardottt\u002Ftakeover) | Sub-domain takeover scanner. | 🟡 | — |\n| [Sublist3r](https:\u002F\u002Fgithub.com\u002Faboul3la\u002FSublist3r) | Enumerate subdomains of websites using OSINT. | 🟡 | `sudo` |\n| [testssl.sh](https:\u002F\u002Fgithub.com\u002Fdrwetter\u002Ftestssl.sh) | Check TLS\u002FSSL ciphers, protocols, and cryptographic flaws. | 🟢 | — |\n| [wafw00f](https:\u002F\u002Fgithub.com\u002FEnableSecurity\u002Fwafw00f) | Fingerprint and identify Web Application Firewalls (WAF). | 🟢 | — |\n| [Web2Attack](https:\u002F\u002Fgithub.com\u002Fsantatic\u002Fweb2attack) | Web hacking framework with tools and exploits. | 🟡 | `sudo` |\n\n### 🔧 Post Exploitation (10)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Chisel](https:\u002F\u002Fgithub.com\u002Fjpillora\u002Fchisel) | Fast TCP\u002FUDP tunnel over HTTP — pivoting and port forwarding. | 🟢 | — |\n| [Chrome Keylogger](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FHeraKeylogger) | Hera Chrome Keylogger. | 🟡 | `sudo` |\n| [Evil-WinRM](https:\u002F\u002Fgithub.com\u002FHackplayers\u002Fevil-winrm) | Ultimate WinRM shell for Windows pentesting. | 🟢 | — |\n| [Havoc](https:\u002F\u002Fgithub.com\u002FHavocFramework\u002FHavoc) | Modern post-exploitation C2 framework with EDR evasion. | 🟢 | — |\n| [Ligolo-ng](https:\u002F\u002Fgithub.com\u002Fnicocha30\u002Fligolo-ng) | Advanced tunneling\u002Fpivoting via TUN interfaces. | 🟢 | — |\n| [Mythic](https:\u002F\u002Fgithub.com\u002Fits-a-feature\u002FMythic) | Collaborative multi-payload C2 platform for red team ops. | 🟡 | `sudo` |\n| [PEASS-ng (LinPEAS\u002FWinPEAS)](https:\u002F\u002Fgithub.com\u002Fpeass-ng\u002FPEASS-ng) | Privilege escalation enumeration for Linux and Windows. | 🟢 | — |\n| [pwncat-cs](https:\u002F\u002Fgithub.com\u002Fcalebstewart\u002Fpwncat) | Post-exploitation platform — manages reverse\u002Fbind shells. | 🟢 | — |\n| [Sliver](https:\u002F\u002Fgithub.com\u002FBishopFox\u002Fsliver) | Cross-platform adversary emulation \u002F red team C2. | 🟡 | `sudo` |\n| [Vegile (Ghost In The Shell)](https:\u002F\u002Fgithub.com\u002FScreetsec\u002FVegile) | Set up backdoor\u002Frootkits when a backdoor is already set up. | 🟡 | `sudo` |\n\n### 🕵 Forensics (8)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| Autopsy | Forensic investigation platform. | 🟡 | `sudo` `gui` |\n| [Binwalk](https:\u002F\u002Fgithub.com\u002FReFirmLabs\u002Fbinwalk) | Analyze, reverse engineer, and extract firmware images. | 🟢 | — |\n| [Bulk extractor](https:\u002F\u002Fgithub.com\u002Fsimsong\u002Fbulk_extractor) | Extract useful information without parsing the file system. | 🟡 | — |\n| [Guymager (Disk Clone \u002F ISO)](https:\u002F\u002Fguymager.sourceforge.io\u002F) | Free forensic imager for media acquisition. | 🟡 | `sudo` |\n| [pspy](https:\u002F\u002Fgithub.com\u002FDominicBreuker\u002Fpspy) | Monitor Linux processes without root — cron jobs, scheduled tasks. | 🟢 | — |\n| [Toolsley](https:\u002F\u002Fwww.toolsley.com\u002F) | Ten-plus useful tools for investigation. | 🟡 | — |\n| [Volatility 3](https:\u002F\u002Fgithub.com\u002Fvolatilityfoundation\u002Fvolatility3) | World's most widely used memory forensics framework. | 🟡 | `interactive` |\n| Wireshark | Network capture and analyzer. | 🟡 | `sudo` `gui` |\n\n### 📦 Payload Creation (8)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Brutal](https:\u002F\u002Fgithub.com\u002FScreetsec\u002FBrutal) | Toolkit for payloads, powershell attacks, HID attacks. | 🟡 | `sudo` |\n| [Enigma](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FEnigma) | Multiplatform payload dropper. | 🟡 | `sudo` |\n| [Mob-Droid](https:\u002F\u002Fgithub.com\u002Fkinghacker0\u002FMob-Droid) | Generate metasploit payloads easily. | 🟡 | `sudo` |\n| [MSFvenom Payload Creator](https:\u002F\u002Fgithub.com\u002Fg0tmi1k\u002Fmsfpc) | Wrapper to generate multiple types of payloads. | 🟡 | `sudo` |\n| [Spycam](https:\u002F\u002Fgithub.com\u002Findexnotfound404\u002Fspycam) | Win32 payload that captures webcam images every minute. | 🟢 | — |\n| [Stitch](https:\u002F\u002Fnathanlopez.github.io\u002FStitch) | Cross Platform Python Remote Administrator Tool. | 🟡 | `sudo` |\n| [The FatRat](https:\u002F\u002Fgithub.com\u002FScreetsec\u002FTheFatRat) | Backdoor\u002Fpayload generation that can bypass most AV. | 🟡 | `sudo` |\n| [Venom Shellcode Generator](https:\u002F\u002Fgithub.com\u002Fr00t-3xp10it\u002Fvenom) | Exploits apache2 to deliver LAN payloads via fake webpages. | 🟡 | `sudo` |\n\n### 🧰 Exploit Framework (3)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Commix](https:\u002F\u002Fgithub.com\u002Fcommixproject\u002Fcommix) | Automated OS command injection and exploitation tool. | 🟡 | `interactive` `sudo` |\n| [RouterSploit](https:\u002F\u002Fgithub.com\u002Fthreat9\u002Froutersploit) | Exploitation framework dedicated to embedded devices. | 🟡 | `sudo` |\n| [WebSploit](https:\u002F\u002Fgithub.com\u002FThe404Hacking\u002Fwebsploit) | Advanced MITM framework. | 🟡 | `sudo` |\n\n### 🔁 Reverse Engineering (5)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Androguard](https:\u002F\u002Fgithub.com\u002Fandroguard\u002Fandroguard) | Reverse engineering and malware analysis of Android apps. | 🟡 | `sudo` |\n| [Apk2Gold](https:\u002F\u002Fgithub.com\u002Flxdvs\u002Fapk2gold) | CLI tool for decompiling Android apps to Java. | 🟡 | `interactive` `sudo` |\n| [Ghidra](https:\u002F\u002Fgithub.com\u002FNationalSecurityAgency\u002Fghidra) | NSA's software reverse engineering framework. | 🟡 | `sudo` `gui` |\n| [JadX](https:\u002F\u002Fgithub.com\u002Fskylot\u002Fjadx) | Dex to Java decompiler. | 🟡 | `sudo` |\n| [Radare2](https:\u002F\u002Fgithub.com\u002Fradareorg\u002Fradare2) | Portable UNIX-like reverse engineering framework. | 🟢 | — |\n\n### ⚡ DDOS (6)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Asyncrone (SYN Flood)](https:\u002F\u002Fgithub.com\u002Ffatihsnsy\u002FaSYNcrone) | C-based multifunction SYN Flood weapon. | 🟡 | `interactive` `sudo` `long` |\n| [DDoS Script](https:\u002F\u002Fgithub.com\u002Fthe-deepnet\u002Fddos) | DDoS attack script — 36+ methods. | 🟡 | `interactive` `sudo` `long` |\n| [GoldenEye](https:\u002F\u002Fgithub.com\u002Fjseidl\u002FGoldenEye) | Python3 stress testing app. | 🟡 | `interactive` `long` |\n| [SaphyraDDoS](https:\u002F\u002Fgithub.com\u002Fanonymous24x7\u002FSaphyra-DDoS) | Python DDoS script. | 🟡 | `interactive` `long` |\n| SlowLoris | HTTP Denial of Service attack. | 🟡 | `interactive` `sudo` `long` |\n| [UFOnet](https:\u002F\u002Fgithub.com\u002Fepsylon\u002Fufonet) | P2P cryptographic disruptive toolkit for DoS\u002FDDoS. | 🟡 | `gui` `long` |\n\n### 🖥 RAT (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Pyshell](https:\u002F\u002Fgithub.com\u002Fknassar702\u002Fpyshell) | RAT with file upload\u002Fdownload. | 🟢 | — |\n\n### 💥 XSS (9)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [XSStrike](https:\u002F\u002Fgithub.com\u002FUltimateHackers\u002FXSStrike) | Python-based XSS detection and exploitation tool. | 🟡 | `sudo` |\n| [DalFox](https:\u002F\u002Fgithub.com\u002Fhahwul\u002Fdalfox) | XSS scanning and parameter analysis tool. | 🟡 | `sudo` |\n| [Extended XSS Searcher](https:\u002F\u002Fgithub.com\u002FDamian89\u002Fextended-xss-search) | Extended XSS searcher and finder. | 🟡 | `interactive` |\n| [RVuln](https:\u002F\u002Fgithub.com\u002Fiinc0gnit0\u002FRVuln) | Multi-threaded web vulnerability scanner in Rust. | 🟡 | `sudo` |\n| [XanXSS](https:\u002F\u002Fgithub.com\u002FEkultek\u002FXanXSS) | Reflected XSS searching tool with template-based payloads. | 🟡 | — |\n| [XSpear](https:\u002F\u002Fgithub.com\u002Fhahwul\u002FXSpear) | XSS scanner built on Ruby Gems. | 🟢 | — |\n| [XSS Payload Generator](https:\u002F\u002Fgithub.com\u002Fcapture0x\u002FXSS-LOADER.git) | XSS payload generator, scanner, and dork finder. | 🟡 | `sudo` |\n| [XSS-Freak](https:\u002F\u002Fgithub.com\u002FPR0PH3CY33\u002FXSS-Freak) | XSS scanner written in Python 3. | 🟡 | `sudo` |\n| [XSSCon](https:\u002F\u002Fgithub.com\u002Fmenkrep1337\u002FXSSCon) | XSS scanner. | 🟡 | `interactive` `sudo` |\n\n### 🖼 Steganography (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| SteganoHide | Hide\u002Fretrieve data in image or audio files. | 🟡 | `interactive` `sudo` |\n| StegnoCracker | Brute force hidden data inside files. | 🟡 | `interactive` `long` |\n| [StegoCracker](https:\u002F\u002Fgithub.com\u002FW1LDN16H7\u002FStegoCracker) | Hide and retrieve data in image or audio files. | 🟡 | `sudo` |\n| [Whitespace](https:\u002F\u002Fgithub.com\u002Fbeardog108\u002Fsnow10) | Steganography via whitespace and unicode. | 🟡 | `sudo` |\n\n### 🏢 Active Directory (6)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [BloodHound](https:\u002F\u002Fgithub.com\u002FBloodHoundAD\u002FBloodHound) | Graph theory to reveal hidden attack paths in AD\u002FAzure. | 🟡 | `sudo` |\n| [Certipy](https:\u002F\u002Fgithub.com\u002Fly4k\u002FCertipy) | Active Directory Certificate Services enumeration and abuse. | 🟢 | — |\n| [Impacket](https:\u002F\u002Fgithub.com\u002Ffortra\u002Fimpacket) | Python classes for SMB, MSRPC, Kerberos, LDAP. | 🟢 | — |\n| [Kerbrute](https:\u002F\u002Fgithub.com\u002Fropnop\u002Fkerbrute) | Kerberos pre-auth brute-forcer — enumeration and spraying. | 🟢 | — |\n| [NetExec (nxc)](https:\u002F\u002Fgithub.com\u002FPennyw0rth\u002FNetExec) | Swiss army knife for Windows\u002FAD pentesting — CrackMapExec successor. | 🟢 | — |\n| [Responder](https:\u002F\u002Fgithub.com\u002Flgandx\u002FResponder) | LLMNR\u002FNBT-NS\u002FMDNS poisoner for credential capture. | 🟡 | `sudo` |\n\n### ☁ Cloud Security (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Pacu](https:\u002F\u002Fgithub.com\u002FRhinoSecurityLabs\u002Fpacu) | AWS exploitation framework for offensive security testing. | 🟢 | — |\n| [Prowler](https:\u002F\u002Fgithub.com\u002Fprowler-cloud\u002Fprowler) | Security tool for AWS, Azure, GCP, Kubernetes. | 🟢 | — |\n| [ScoutSuite](https:\u002F\u002Fgithub.com\u002Fnccgroup\u002FScoutSuite) | Multi-cloud security auditing tool. | 🟢 | — |\n| [Trivy](https:\u002F\u002Fgithub.com\u002Faquasecurity\u002Ftrivy) | Vulnerability scanner for containers, Kubernetes, IaC. | 🟡 | `sudo` |\n\n### 📱 Mobile Security (3)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Frida](https:\u002F\u002Fgithub.com\u002Ffrida\u002Ffrida) | Dynamic instrumentation toolkit for runtime hooking. | 🟢 | — |\n| [MobSF](https:\u002F\u002Fgithub.com\u002FMobSF\u002FMobile-Security-Framework-MobSF) | All-in-one mobile app pentesting and malware analysis. | 🟢 | — |\n| [Objection](https:\u002F\u002Fgithub.com\u002Fsensepost\u002Fobjection) | Runtime mobile exploration powered by Frida. | 🟢 | — |\n\n### ✨ Other (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [HatCloud](https:\u002F\u002Fgithub.com\u002FHatBashBR\u002FHatCloud) | Ruby tool to bypass CloudFlare and discover real IP. | 🟡 | `interactive` |\n\n### 📱 Android Attack (5)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [DroidCam (Capture Image)](https:\u002F\u002Fgithub.com\u002Fkinghacker0\u002FWishFish) | Grab front camera snap using a link. | 🟡 | `sudo` |\n| [EvilApp](https:\u002F\u002Fgithub.com\u002Fcrypticterminal\u002FEvilApp) | Android App that hijacks authenticated sessions in cookies. | 🟢 | — |\n| [Keydroid](https:\u002F\u002Fgithub.com\u002FF4dl0\u002Fkeydroid) | Android Keylogger + Reverse Shell. | 🟢 | — |\n| [Lockphish](https:\u002F\u002Fgithub.com\u002FJasonJerry\u002Flockphish) | Lock-screen phishing. | 🟢 | — |\n| [MySMS](https:\u002F\u002Fgithub.com\u002Fpapusingh2sms\u002Fmysms) | Android App that hacks SMS through WAN. | 🟢 | — |\n\n### 📧 Email Verifier (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Knockmail](https:\u002F\u002Fgithub.com\u002Fheywoodlh\u002FKnockMail) | Verify if an email exists. | 🟡 | `sudo` |\n\n### 🔑 Hash Crack (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Hash Buster](https:\u002F\u002Fgithub.com\u002Fs0md3v\u002FHash-Buster) | Hash cracking via public hash databases. | 🟢 | — |\n\n### 🎭 Homograph (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [EvilURL](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FEvilURL) | Unicode evil domains for IDN Homograph Attack. | 🟢 | — |\n\n### 🧪 Mix Tools (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Crivo](https:\u002F\u002Fgithub.com\u002FGMDSantana\u002Fcrivo) | Extract and filter URLs, IPs, domains, and subdomains. | 🟡 | — |\n| Terminal Multiplexer | Tilix — tiling terminal emulator. | 🟡 | `sudo` |\n\n### 💉 Payload Injection (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Debinject](https:\u002F\u002Fgithub.com\u002FUndeadSec\u002FDebinject) | Inject malicious code into *.debs. | 🟢 | — |\n| [Pixload](https:\u002F\u002Fgithub.com\u002Fchinarulezzz\u002Fpixload) | Image Payload Creating tools. | 🟡 | `sudo` |\n\n### 📱 Social Media (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [AllinOne SocialMedia Attack](https:\u002F\u002Fgithub.com\u002FMatrix07ksa\u002FBrute_Force) | Brute-force Gmail, Hotmail, Twitter, Facebook, Netflix. | 🟡 | `sudo` |\n| [Application Checker](https:\u002F\u002Fgithub.com\u002Fjakuta-tech\u002Funderhanded) | Check if an app is installed on the target via link. | 🟡 | `sudo` |\n| [Facebook Attack](https:\u002F\u002Fgithub.com\u002FMatrix07ksa\u002FBrute_Force) | Facebook BruteForcer. | 🟡 | `interactive` `sudo` |\n| [Instagram Attack](https:\u002F\u002Fgithub.com\u002Fchinoogawa\u002FinstaBrute) | Brute force attack against Instagram. | 🟡 | `archived` |\n\n### 🔎 Social Media Finder (4)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Find SocialMedia By Facial Recognition](https:\u002F\u002Fgithub.com\u002FGreenwolf\u002Fsocial_mapper) | Social Media Mapping Tool that correlates profiles. | 🟡 | `sudo` |\n| [Find SocialMedia By UserName](https:\u002F\u002Fgithub.com\u002FxHak9x\u002Ffinduser) | Find usernames across 75+ social networks. | 🟡 | `sudo` |\n| [Sherlock](https:\u002F\u002Fgithub.com\u002Fsherlock-project\u002Fsherlock) | Hunt down social media accounts by username. | 🟡 | `interactive` `sudo` |\n| [SocialScan](https:\u002F\u002Fgithub.com\u002Fiojw\u002Fsocialscan) | Check email and username availability on online platforms. | 🟡 | `interactive` |\n\n### 🕸 Web Crawling (1)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [Gospider](https:\u002F\u002Fgithub.com\u002Fjaeles-project\u002Fgospider) | Fast web spider written in Go. | 🟡 | `sudo` |\n\n### 📡 Wifi Jamming (2)\n\n| Tool | What it does | Claude | Flags |\n|---|---|:---:|---|\n| [KawaiiDeauther](https:\u002F\u002Fgithub.com\u002Faryanrtm\u002FKawaiiDeauther) | Pentest toolkit for wifi deauthentication. | 🟡 | `sudo` `hw` |\n| [WifiJammer-NG](https:\u002F\u002Fgithub.com\u002FMisterBianco\u002Fwifijammer-ng) | Continuously jam all wifi clients and APs within range. | 🟡 | `sudo` `hw` |\n\n---\n\n## Refreshing the tool index\n\nWhen upstream hackingtool adds tools, regenerate `data\u002Ftools.json` and the README table:\n\n```\npython ${CLAUDE_PLUGIN_ROOT}\u002Fscripts\u002Fht_index.py --hackingtool-path \u002Fpath\u002Fto\u002Fhackingtool\npython ${CLAUDE_PLUGIN_ROOT}\u002Fscripts\u002Fbuild_readme_table.py > new_table.md\n```\n\nIf hackingtool is a sibling directory of this repo, `--hackingtool-path` isn't needed — the script auto-detects.\n\n---\n\n## Directory layout\n\n```\nhackingtool-plugin\u002F\n├── .claude-plugin\u002F\n│   └── marketplace.json          # marketplace entry\n├── images\u002F                       # screenshots + logo\n├── README.md                     # this file\n└── plugins\u002Fhackingtool\u002F\n    ├── .claude-plugin\u002Fplugin.json\n    ├── data\u002Ftools.json           # generated index\n    ├── scripts\u002F\n    │   ├── ht_index.py           # (dev) regenerate tools.json\n    │   ├── build_readme_table.py # (dev) regenerate the table above\n    │   ├── ht_search.py          # query index\n    │   ├── ht_env.py             # detect backend\n    │   └── ht_run.py             # backend-aware tool runner\n    └── skills\u002Fpentest\u002F\n        ├── SKILL.md\n        └── reference\u002F\n            ├── workflows.md\n            └── runtime-fallbacks.md\n```\n\n---\n\n## Limitations\n\n- **Python 3.10+** required.\n- **No async tool streaming.** Long-running tools block until they finish or timeout.\n- **Docker backend** pulls `kalilinux\u002Fkali-rolling` on first use.\n- **Capability flags are heuristics.** If you find a mis-tagged tool, fix it in `data\u002Ftools.json` or open an issue.\n\n---\n\n## Credits\n\n- Upstream toolkit: [Z4nzu\u002Fhackingtool](https:\u002F\u002Fgithub.com\u002FZ4nzu\u002Fhackingtool) — all tool metadata, categorization, and screenshots originate from this project.\n- Plugin wrapper: [ariacodez](https:\u002F\u002Fgithub.com\u002FAKCODEZ) (AKCodez on GitHub).\n\n## License\n\nMIT. Upstream Z4nzu\u002Fhackingtool is also MIT-licensed.\n\n> **For authorized security testing, bug bounty, CTFs, and research only.**\n","hackingtool-plugin 是一个为 Claude Code 设计的插件，集成了 183 种渗透测试和开源情报工具。该项目使用 Python 编写，支持在 Linux、macOS 和 Windows（通过 WSL 或 Docker）上运行。它能够自动选择合适的后端环境，并利用预构建的 Docker 镜像来执行任务，从而简化了工具的安装和配置过程。适用于需要快速进行网络安全评估、漏洞扫描以及信息收集等场景的专业人士或团队。",2,"2026-06-11 02:41:07","CREATED_QUERY"]