Share
## https://sploitus.com/exploit?id=C76AE793-C3CC-561C-8033-9D2DEB938625
# HackerAI Tools Collection

Koleksi lengkap **85 tools** hacking dan penetration testing yang ditulis dalam Python. Mencakup **13 kategori**: network scanning, web application security, exploitation, OSINT, wireless, spoofing, post-exploitation, cloud security, container security, forensics, tunneling, dan lain-lain.

## Quick Start

```bash
# Install dependencies
pip install -r requirements.txt

# Run master menu (interactive with sub-menu)
python hackerai.py

# List semua 84 tools
python hackerai.py --list

# Check dependencies
python hackerai.py  (lalu pilih D)

# Web Dashboard
python hackerai.py  (lalu pilih W)  →  browse http://localhost:8080
```

## Struktur Folder

```
tools-hacking/
 01-network/        - Network scanning & reconnaissance (8 tools)
 02-webapp/         - Web application security testing (10 tools)
 03-password/       - Password cracking & bruteforce (5 tools)
 04-exploitation/   - Exploitation & payload generation (17 tools)
 05-osint/          - Open Source Intelligence (4 tools)
 06-wireless/       - Wireless & packet analysis (5 tools)
 07-spoofing/       - ARP/DNS/MITM attacks (4 tools)
 08-postexploit/    - Post-exploitation & privesc (7 tools)
 09-misc/           - Miscellaneous tools (6 tools)
 10-cloud/          - Cloud security enumeration (3 tools) ⭐NEW
 11-containers/     - Container & K8s security (2 tools) ⭐NEW
 12-forensics/      - Digital forensics tools (3 tools) ⭐NEW
 13-tunnel/         - Tunneling & data exfil (3 tools) ⭐NEW
 wordlists/         - Custom wordlists (common, subdomains, passwords, users)
 reports/templates/ - Pentest report templates (HTML & Markdown)
 hackerai.py        - Master launcher (77+ tools)
 requirements.txt   - Python dependencies
```

## Daftar Tools (85 tools)

### 01 - Network Recon (9 tools)
- **network_scanner.py** - ARP-based host discovery pada subnet
- **port_scanner.py** - Multi-threaded TCP port scanner dengan banner grabbing
- **subdomain_enum.py** - DNS-based subdomain enumerator
- **banner_grabber.py** - Service version detection via banner
- **dns_zone_transfer.py** - DNS AXFR zone transfer tester
- **smb_scanner.py** - SMB enumeration & share listing
- **snmp_scanner.py** - SNMP community string brute + info extraction
- **ldap_scanner.py** - LDAP enumeration & anonymous bind
- **reverse_proxy_analyzer.py** - CDN & reverse proxy detector ⭐

### 02 - Web Application Security (10 tools)
- **web_scanner.py** - Comprehensive web security scanner
- **sqli_tester.py** - SQL injection detection (error-based & time-based)
- **xss_scanner.py** - XSS detection (reflected)
- **directory_bruteforce.py** - Hidden directory/file discovery
- **cms_detector.py** - CMS & technology identification
- **wordpress_scanner.py** - WordPress vulnerability & user enumeration
- **backup_finder.py** - Backup/recovery file scanner
- **git_exposure.py** - Git/SVN/DVCS config exposure scanner
- **api_fuzzer.py** - REST API & GraphQL endpoint fuzzer
- **cookie_analyzer.py** - Cookie security analyzer & JWT inspector ⭐

### 03 - Password & Bruteforce (7 tools)
- **hash_cracker.py** - Multi-algorithm hash cracker (MD5/SHA/NTLM)
- **hash_identifier.py** - Hash type detection (20+ algorithms) ⭐
- **http_bruteforce.py** - HTTP login bruteforcer (Basic/Digest/Form)
- **ssh_bruteforce.py** - SSH login bruteforcer
- **ftp_bruteforce.py** - FTP login bruteforcer
- **rdp_bruteforce.py** - RDP login bruteforcer ⭐
- **password_generator.py** - Strong password generator & strength checker

### 04 - Exploitation (18 tools)
- **listener.py** - Multi-client reverse shell listener
- **msfvenom_helper.py** - msfvenom command generator untuk 30+ payloads
- **payload_generator.py** - Encoded payload (XOR/base64/hex/unicode)
- **shellcode_encoder.py** - Shellcode encoding (XOR/alpha-mixed/NOP sled)
- **cve_finder.py** - CVE database search via NVD API
- **exploit_finder.py** - Exploit search di Exploit-DB & GitHub
- **persistence.py** - Persistence script generator (Windows/Linux)
- **lfi_tester.py** - LFI/RFI scanner (path traversal + wrappers)
- **command_injection.py** - OS command injection tester
- **ssti_scanner.py** - Server-Side Template Injection scanner
- **xxe_tester.py** - XML External Entity vulnerability tester
- **file_upload_tester.py** - File upload bypass & shell upload
- **cors_tester.py** - CORS misconfiguration checker
- **idor_tester.py** - IDOR (Insecure Direct Object Reference) scanner
- **csrf_tester.py** - CSRF vulnerability tester + PoC generator
- **jwt_analyzer.py** - JWT token decode/attack/bruteforce
- **waf_detector.py** - WAF detection with bypass encoding tests
- **web_shell_generator.py** - PHP/ASP/JSP web shell generator ⭐

### 05 - OSINT (4 tools)
- **osint_tool.py** - Multi-source OSINT gathering
- **email_harvester.py** - Email harvester dengan crawling
- **username_finder.py** - Username existence di 80+ platform
- **google_dorker.py** - Google dork generator (50+ dorks)

### 06 - Wireless & Sniffing (6 tools)
- **wifi_scanner.py** - WiFi network scanner (Linux)
- **wifi_deauth.py** - WiFi deauthentication attack
- **wifi_cracker.py** - WPA/WPA2 handshake capture & crack
- **packet_sniffer.py** - Network packet sniffer dengan PCAP output
- **bluetooth_scanner.py** - Bluetooth LE scanner
- **mac_changer.py** - MAC address changer (Windows/Linux)

### 07 - Spoofing & MITM (4 tools)
- **arp_spoofer.py** - ARP cache poisoning untuk MITM
- **dns_spoofer.py** - DNS response spoofing
- **dhcp_spoofer.py** - DHCP rogue server
- **netcut.py** - ARP-based network disruptor

### 08 - Post-Exploitation (8 tools)
- **win_privesc.py** - Windows privilege escalation checker
- **lin_privesc.py** - Linux privilege escalation checker
- **kernel_exploit_checker.py** - Kernel exploit suggester (60+ CVEs)
- **keylogger.py** - Keylogger (educational/authorized)
- **screenshot.py** - Screenshot tool
- **credential_harvester.py** - Credential search di host
- **log_cleaner.py** - Event logs & trace cleaner (Win/Linux)
- **dll_hijacker.py** - DLL hijacking opportunity finder ⭐

### 09 - Miscellaneous (7 tools)
- **steganography.py** - LSB steganography di image
- **stego_detector.py** - Steganalysis & detection ⭐
- **http_fuzzer.py** - HTTP parameter/path fuzzer
- **ddos_tool.py** - Authorized HTTP load tester
- **ssl_scanner.py** - SSL/TLS configuration scanner
- **network_discovery.py** - Multi-protocol network discovery
- **report_generator.py** - Export scan results to HTML/JSON/Markdown

### 10 - Cloud Security (3 tools) ⭐NEW
- **aws_enum.py** - AWS S3/IAM/EC2 enumeration
- **azure_enum.py** - Azure AD/Storage enumeration
- **gcp_enum.py** - GCP bucket/IAM/VM enumeration

### 11 - Container Security (2 tools) ⭐NEW
- **docker_enum.py** - Docker daemon enumeration & escape checks
- **k8s_enum.py** - Kubernetes RBAC/pod/secret enumeration

### 12 - Forensics (3 tools) ⭐NEW
- **memory_dump.py** - Memory acquisition & analysis
- **disk_analyzer.py** - MBR/GPT partition & file recovery
- **registry_reader.py** - Offline registry hive parser

### 13 - Tunneling (3 tools)
- **port_forward.py** - TCP port forwarder / SOCKS relay
- **dns_tunnel.py** - DNS tunneling (server + client)
- **icmp_tunnel.py** - ICMP tunneling (server + client)

### Bonus - OCySec OSINT Framework (`ocysint/`)
- **run.py** - Standalone OSINT framework (email, username, phone, domain, IP, dork)
- 9 modul + 3 format report (TXT/JSON/HTML)

## Cara Penggunaan

### Mode Interaktif (Sub-Menu)
```bash
python hackerai.py
```
Akan muncul menu utama 13 kategori → pilih kategori → pilih tool.

### Quick Actions
```bash
python hackerai.py --list    # List semua 84 tools
python hackerai.py           # lalu pilih D = Check dependencies
python hackerai.py           # lalu pilih W = Web Dashboard (port 8080)
```

### Mode Langsung
```bash
# Contoh: SQL injection test
python 02-webapp/sqli_tester.py -u "http://target.com/page?id=1"

# Contoh: Port scan
python 01-network/port_scanner.py -t 192.168.1.1 -p 1-1000

# Contoh: Generate hash cracker
python 03-password/hash_cracker.py -H 5f4dcc3b5aa765d61d8327deb882cf99 -t md5 -w wordlist.txt
```

## Tools yang Butuh Root/Admin

Tools berikut butuh privilege tinggi:
- network_scanner.py, wifi_scanner.py, wifi_deauth.py, wifi_cracker.py
- packet_sniffer.py, mac_changer.py, arp_spoofer.py
- dns_spoofer.py, dhcp_spoofer.py, netcut.py
- icmp_tunnel.py, dns_tunnel.py

Jalankan dengan:
- **Linux**: `sudo python .py`
- **Windows**: Buka CMD/PowerShell sebagai Administrator

## Dependencies

Install semua dependencies:
```bash
pip install -r requirements.txt
```

Atau install sesuai kebutuhan:
```bash
pip install scapy requests paramiko beautifulsoup4 Pillow pynput
```

## Tips

1. **Selalu dapatkan authorization** sebelum testing sistem apapun
2. **Gunakan VPN/proxy** saat testing untuk anonimitas
3. **Update wordlist** dari SecLists untuk hasil terbaik
4. **Kombinasikan tools** - recon dulu, baru targeted exploit
5. **Backup data** sebelum melakukan exploitation

## Legal Disclaimer

Tools ini dibuat untuk:
- Authorized penetration testing
- Educational purposes
- Security research
- CTF competitions
- Bug bounty programs

Penyalahgunaan tools ini untuk aktivitas ilegal adalah tanggung jawab pengguna sepenuhnya. Selalu dapatkan izin tertulis sebelum melakukan testing.