Cyber security

HackTools – All-in-one Red Team Browser Extension For Web Pentesters

The primary responsibility of red teaming is to assess malicious actors and attempt to breach the system genuinely.

Red teaming’s motto is to mitigate cognitive errors such as groupthink and confirmation bias, which can impede an organization’s or individual’s decision-making ability.

Red teaming is a cybersecurity training approach commonly utilized by private and public sectors.

The primary role of the red team is to identify the risks in your organization through conventional penetration testing.

Red Team Browser Extension – HackTools

HackTools is a red team web extension developed by Ludovic COULON & Riadh BOUCHAHOUA. The tool simplifies web application penetration testing by providing cheat sheets.

Also, it offers a variety of tools commonly used during a test, including XSS payloads, reverse shells, and other resources.

The extension eliminates the need to search for payloads on various websites or your local storage, as most tools are conveniently accessible with a single click.

You can access HackTools in either pop-up mode or a separate tab in the DevTools section of your browser using F12.

Functions:

  • Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)
  • Shell Spawning (TTY Shell Spawning)
  • MSF Venom Builder
  • XSS Payloads
  • Basic SQLi payloads
  • Local file inclusion payloads (LFI)
  • Data Encoding
  • Obfuscated Files or Information
  • Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)
  • Useful Linux commands (Port Forwarding, SUID)
  • RSS Feed (Exploit DB, Cisco Security Advisories, CXSECURITY)
  • CVE Search Engine
  • Various methods of data exfiltration and download from a remote machine
XSS Detection
Reverse shell

For Chromium Based Browser

The download Google Chrome Extension

For Firefox Browser

To download Firefox browser add-ons

For Safari

Create a Safari web extension project using the command below. This is to be run once.

xcrun safari-web-extension-coverter [path_to_dist_folder]

Follow the instructions to create the project. The default language should be Swift.

  • Build project.
  • Open Safari and enable unsigned extensions; Develop → Allow Unsigned Extensions.
  • Open Safari → Preferences → Extensions and enable Hack-Tools
  • Click on the extension icon and switch to full-screen mode.

Please consider following and supporting us to stay updated with the latest information.

Linumonk

Leave a Comment
Share
Published by
Linumonk
Tags: kali linuxRed Team
2 years ago

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago