Share
## https://sploitus.com/exploit?id=5650C3B4-FE0C-5F33-AE97-C8572C9ADB03
# HOV4X
HOVAX - 45 Modules Security Toolkit for Penetration Testing. Features: OSINT, Web Vuln Scanner (SQLi/XSS/LFI/RCE), WAF Bypass, JWT Cracker, GraphQL Exploit, Spring4Shell, HTTP Smuggling, Parameter Miner, DDOS, Google Dork. For educational use only. Authorized testing only.
# HOV4X - Ultimate Security Toolkit
**Author:** karbitzz/kingmu
**Version:** 1.0
**Modules:** 45
## Description
HOV4X is a comprehensive security testing framework with 45 modules for penetration testing, OSINT, vulnerability assessment, and exploitation.
## Features
- OSINT (Phone, IP, Domain tracking)
- Web vulnerability scanners (SQLi, XSS, LFI, RCE, SSTI, SSRF)
- Network penetration tools
- WordPress scanner & brute force
- WAF bypass & CloudFlare bypass
- JWT token cracker & forger
- HTTP request smuggling exploit
- GraphQL introspection exploit
- Spring4Shell (CVE-2022-22965)
- Parameter miner (ParamSpider style)
- DDOS brutal
- 45+ total modules
## Installation
### Termux
```bash
pkg update && pkg upgrade
pkg install python git
pip install requests dnspython beautifulsoup4 cloudscraper pynput pyjwt
git clone https://github.com/karbitzz/HOV4X
cd HOV4X
python hovax.py
```
### LINUX
``` bash
Install dependencies
sudo apt update
sudo apt install python3 python3-pip git -y
Clone repository
git clone https://github.com/karbitzz/HOV4X
cd HOV4X
Install Python packages
pip3 install requests dnspython beautifulsoup4 cloudscraper pynput pyjwt
Run
python3 hovax.py
```
Menu List (45 Modules)
Menu Function
1 Phone OSINT
2 IP Tracker
3 Domain OSINT
4 JS Secret Harvester
5 SSRF Probe Chain
6 Port Scanner
7 Subdomain Enum
8 Network Scanner
9 DNS Lookup
10 XSS Scanner
11 WPScan
12 CVE Scanner
13 Directory Buster
14 Admin Finder
15 Cloud Metadata
16 API Discovery
17 GraphQL Scanner
18 Websocket Scanner
19 XXE Scanner
20 SSTI Scanner
21 LFI/RFI Scanner
22 RCE Scanner
23 Open Redirect
24 CORS Scanner
25 CSRF Detector
26 Rate Limit Tester
27 Telegram Report
28 Auto IP Changer
29 AutoRecon
30 Web Deface
31 Email Bomber
32 Cloud Shell
33 PHPInfo Finder
34 DDOS Brutal
35 WAF Bypass
36 Crawler Extractor
37 JWT Cracker
38 Config Finder
39 HTTP Smuggling
40 Google Dork
41 Robots.txt Analyzer
42 CRLF Injection
43 GraphQL Exploit
44 Spring4Shell
45 Parameter Miner
Disclaimer
For educational purposes only. Use only on authorized systems. The author is not responsible for any misuse.
created by karbitzz/kingmu