├── AutoHackTools.png ├── AutoHackTools.py ├── README.md ├── requirements.txt └── tools.png /AutoHackTools.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DroidKali/AutoHackTools/2f947e917697c47914d9ace5ff1f29777c6d0a6f/AutoHackTools.png -------------------------------------------------------------------------------- /AutoHackTools.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | import os 4 | import re 5 | import sys 6 | import wget 7 | import json 8 | import glob 9 | import click 10 | import shutil 11 | import requests 12 | from bs4 import BeautifulSoup 13 | from art import text2art 14 | banner = text2art("AutoHackTools") 15 | print(banner) 16 | print("\033[32m作者: \033[33m记忆里的纯真\033[0m") 17 | print("\033[31mVersion: \033[34mv0.0.1\033[0m\n") 18 | 19 | def download_and_extract_utils(output): 20 | try: 21 | wget.download("https://ghproxy.com/https://github.com/aria2/aria2/releases/download/release-1.36.0/aria2-1.36.0-win-64bit-build1.zip", out=output) 22 | except Exception: 23 | print("Aria2下载失败!请检查网络连接。") 24 | sys.exit(0) 25 | if os.path.exists(os.path.join(output, "aria2-1.36.0-win-64bit-build1.zip")): 26 | shutil.unpack_archive(os.path.join(output, "aria2-1.36.0-win-64bit-build1.zip"), output) 27 | os.remove(os.path.join(output, "aria2-1.36.0-win-64bit-build1.zip")) 28 | print("\nAria2下载和解压缩完成。\n") 29 | try: 30 | # wget.download("https://mirrors.bfsu.edu.cn/github-release/cmderdev/cmder/LatestRelease/cmder.zip", out=output) 31 | os.system("{} {} -s 64 -d {}".format(os.path.join(output, r"aria2-1.36.0-win-64bit-build1\aria2c.exe"), "https://mirrors.bfsu.edu.cn/github-release/cmderdev/cmder/LatestRelease/cmder.zip", output)) 32 | except Exception: 33 | print("Cmder最新版下载失败!请检查网络连接。") 34 | return 35 | if os.path.exists(os.path.join(output, "cmder.zip")): 36 | target_dir = os.path.join(output, "cmder") 37 | if not os.path.exists(target_dir): 38 | os.mkdir(target_dir) 39 | shutil.unpack_archive(os.path.join(output, "cmder.zip"), os.path.join(output, "cmder")) 40 | os.remove(os.path.join(output, "cmder.zip")) 41 | print("\nCmder下载和解压缩完成。\n") 42 | 43 | def download_and_extract_antsword(output): 44 | try: 45 | # wget.download("https://ghproxy.com/https://github.com/AntSwordProject/AntSword-Loader/releases/download/4.0.3/AntSword-Loader-v4.0.3-win32-x64.zip", out=output) 46 | os.system("{} {} -s 64 -d {}".format(os.path.join(output, r"aria2-1.36.0-win-64bit-build1\aria2c.exe"), "https://ghproxy.com/https://github.com/AntSwordProject/AntSword-Loader/releases/download/4.0.3/AntSword-Loader-v4.0.3-win32-x64.zip", output)) 47 | except Exception as e: 48 | print("下载AntSword-Loader 失败!请检查网络连接。") 49 | return 50 | shutil.unpack_archive(os.path.join(output, "AntSword-Loader-v4.0.3-win32-x64.zip"), output) 51 | os.remove(os.path.join(output, "AntSword-Loader-v4.0.3-win32-x64.zip")) 52 | print("\nAntSword-Loader下载和解压缩完成。\n") 53 | 54 | def download_and_extract_behinder(output, token): 55 | headers = {"Authorization": f"token {token}"} if token else None 56 | resp = requests.get("https://api.github.com/repos/rebeyond/Behinder/releases/latest", headers=headers) 57 | if resp.status_code != 200: 58 | print("获取 Behinder 最新版本信息失败!请检查网络连接和 token 设置。") 59 | return 60 | repo_json_obj = resp.json() 61 | tools_version = str(repo_json_obj["tag_name"]) 62 | assets_lists = repo_json_obj["assets"] 63 | zipball_url = repo_json_obj["zipball_url"] 64 | if not tools_version or not assets_lists or not zipball_url: 65 | print(f"\n解析 Behinder 最新版本信息失败,请检查 GitHub API 返回数据。") 66 | return 67 | for assets in assets_lists: 68 | browser_download_url = assets["browser_download_url"] 69 | if "Behinder" in browser_download_url: 70 | try: 71 | filename = browser_download_url.split("/")[-1] 72 | url = "https://ghproxy.com/" + browser_download_url 73 | # wget.download(url, out=output) 74 | os.system("{} {} -s 64 -d {}".format(os.path.join(output, r"aria2-1.36.0-win-64bit-build1\aria2c.exe"), url, output)) 75 | except Exception as e: 76 | print("下载 Behinder 最新版本失败!请检查网络连接。") 77 | return 78 | if os.path.exists(os.path.join(output, filename)): 79 | if not os.path.exists(os.path.join(output, "Behinder")): 80 | os.mkdir(os.path.join(output, "Behinder")) 81 | shutil.unpack_archive(os.path.join(output, filename), os.path.join(output, "Behinder")) 82 | os.remove(os.path.join(output, filename)) 83 | print("\nBehinder下载和解压缩完成。\n") 84 | 85 | def download_yakit(output): 86 | resp = requests.get("https://yaklang.oss-cn-beijing.aliyuncs.com/yak/latest/yakit-version.txt") 87 | if resp.status_code != 200: 88 | print("获取Yakit 最新版本信息失败!请检查网络连接。") 89 | return 90 | yakit_version = resp.text.replace("\n", "") 91 | try: 92 | # wget.download("https://yaklang.oss-cn-beijing.aliyuncs.com/yak/" + yakit_version + "/Yakit-" + yakit_version + "-windows-amd64.exe", out=output) 93 | os.system("{} {} -s 64 -d {}".format(os.path.join(output, r"aria2-1.36.0-win-64bit-build1\aria2c.exe"), "https://yaklang.oss-cn-beijing.aliyuncs.com/yak/" + yakit_version + "/Yakit-" + yakit_version + "-windows-amd64.exe", output)) 94 | except Exception: 95 | print("下载Yakit最新版本失败!请检查网络连接。") 96 | return 97 | filename = "Yakit-" + yakit_version + "-windows-amd64.exe" 98 | if os.path.exists(os.path.join(output, filename)): 99 | print("\nYakit最新版本下载完成。") 100 | 101 | def download_and_extract_goby(output): 102 | resp = requests.get("https://gobies.cn/api/version-list") 103 | if resp.status_code != 200: 104 | print("获取Goby最新版本信息失败!请检查网络连接。") 105 | return 106 | json_obj = json.loads(resp.text) 107 | json_str = json.dumps(json_obj) 108 | win_download_url = re.findall(r'"win_download_url": "(.+?)"', json_str)[0] 109 | try: 110 | # wget.download(win_download_url, out=os.path.join(output, "goby.zip")) 111 | os.system("{} {} -s 64 -d {}".format(os.path.join(output, r"aria2-1.36.0-win-64bit-build1\aria2c.exe"), '"' + win_download_url + '"', output)) 112 | except Exception: 113 | print("下载Goby最新版本失败!请检查网络连接。") 114 | return 115 | current_dir = os.getcwd() 116 | for file in os.listdir(current_dir): 117 | if file.startswith('goby-win-x64-') and file.endswith('zip'): 118 | shutil.unpack_archive(os.path.join(output, file), output) 119 | os.remove(os.path.join(output, file)) 120 | print("\nGoby下载和解压缩完成。\n") 121 | 122 | @click.command() 123 | @click.option("-o", "--output", required=True, type=click.Path(exists=False), help="请输入要安装的工具目录。") 124 | @click.option("-t", "--token", type=str, help="请输入GitHub Token,用以突破GitHub API速率限制。") 125 | def download_extract_hacktools(output, token=None): 126 | if not os.path.exists(output): 127 | os.mkdir(output) 128 | download_and_extract_utils(output) 129 | download_and_extract_antsword(output) 130 | download_and_extract_behinder(output, token) 131 | download_yakit(output) 132 | download_and_extract_goby(output) 133 | tools_list = [ 134 | "https://github.com/projectdiscovery/dnsx", 135 | "https://github.com/projectdiscovery/naabu", 136 | "https://github.com/projectdiscovery/subfinder", 137 | "https://github.com/projectdiscovery/httpx", 138 | "https://github.com/projectdiscovery/katana", 139 | "https://github.com/projectdiscovery/uncover", 140 | "https://github.com/projectdiscovery/nuclei", 141 | "https://github.com/projectdiscovery/notify", 142 | "https://github.com/projectdiscovery/pdtm", 143 | "https://github.com/projectdiscovery/proxify", 144 | "https://github.com/ffuf/ffuf", 145 | "https://github.com/chaitin/xray" 146 | ] 147 | 148 | for url in tools_list: 149 | api_url = "https://api.github.com/repos/" + url.split("/")[-2] + "/" + url.split("/")[-1] + "/releases/latest" 150 | headers = {"Authorization": f"token {token}"} if token else None 151 | resp = requests.get(api_url, headers=headers) 152 | if resp.status_code != 200: 153 | print(f"\n获取 {url} 最新版本信息失败,状态码为 {resp.status_code}, 请检查网络连接和 token 设置。") 154 | continue 155 | 156 | repos_json_obj = resp.json() 157 | tools_version = str(repos_json_obj["tag_name"]) 158 | assets_lists = repos_json_obj["assets"] 159 | zipball_url = repos_json_obj["zipball_url"] 160 | if not tools_version or not assets_lists or not zipball_url: 161 | print(f"\n解析 {url} 最新版本信息失败,请检查 GitHub API 返回数据。") 162 | continue 163 | 164 | print(f"\n{url} 工具的版本为: \n{tools_version}") 165 | for assets in assets_lists: 166 | browser_download_url = assets["browser_download_url"] 167 | if "windows_amd64" in browser_download_url: 168 | if not os.path.exists(output): 169 | os.mkdir(output) 170 | file_name = browser_download_url.split("/")[-1] 171 | file_path = os.path.join(output, file_name) 172 | if os.path.exists(file_path): 173 | print(f"\n文件 {file_name} 已经存在,跳过下载。") 174 | continue 175 | 176 | if not os.path.exists(file_path): 177 | tools_download_url = "https://ghproxy.com/" + browser_download_url 178 | print(f"\n正在下载 {url} 的 {tools_version} 版本...\n") 179 | try: 180 | # wget.download(tools_download_url, out=output) 181 | os.system("{} {} -s 64 -d {}".format(os.path.join(output, r"aria2-1.36.0-win-64bit-build1\aria2c.exe"), tools_download_url, output)) 182 | except Exception as e: 183 | print(f"\n下载 {url} 的 {tools_version} 版本失败: {str(e)}") 184 | 185 | for file in os.listdir(output): 186 | file_path = os.path.join(output, file) 187 | if os.path.isfile(file_path) and file.endswith(".zip"): 188 | shutil.unpack_archive(file_path, output) 189 | 190 | zip_files = glob.glob(os.path.join(output, "*.zip")) 191 | md_files = glob.glob(os.path.join(output, "*.md")) 192 | license_files = glob.glob(os.path.join(output, "LICENSE")) 193 | files_to_delete = [] 194 | files_to_delete.extend(zip_files) 195 | files_to_delete.extend(md_files) 196 | files_to_delete.extend(license_files) 197 | for file_path in files_to_delete: 198 | os.remove(file_path) 199 | 200 | git_source = [ 201 | "https://github.com/sqlmapproject/sqlmap", 202 | "https://github.com/AntSwordProject/antSword", 203 | "https://github.com/shadow1ng/fscan", 204 | "https://github.com/pingc0y/URLFinder", 205 | "https://github.com/projectdiscovery/fuzzing-templates", 206 | "https://github.com/projectdiscovery/nuclei-templates", 207 | "https://github.com/maurosoria/dirsearch", 208 | "https://github.com/kelvinBen/AppInfoScanner", 209 | "https://github.com/rootclay/WMIHACKER", 210 | "https://github.com/XiaoliChan/wmiexec-Pro", 211 | "https://github.com/xmendez/wfuzz", 212 | "https://github.com/shmilylty/OneForAll" 213 | ] 214 | 215 | for url in git_source: 216 | url = "https://ghproxy.com/" + url 217 | git = os.path.join(output, r"cmder\vendor\git-for-windows\bin\git.exe") 218 | path = os.path.join(output, url.split("/")[-1]) 219 | os.system("{} clone --depth=1 {} {}".format(git, url, path)) 220 | 221 | if __name__ == "__main__": 222 | download_extract_hacktools() 223 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![License](https://img.shields.io/badge/Version-V0.0.1-red) ![Language](https://img.shields.io/badge/Language-Python3-blue) ![License](https://img.shields.io/badge/License-GPL3.0-orange) 2 | 3 | ## AutoHackTools 4 | 5 | AutoHackTools是一个用于快速部署常用安全渗透工具的轻量级脚本。 6 | 7 | 旨在帮助安全从业者快速搭建常用渗透测试环境,方便快速开展安全渗透测试任务,节约软件的安装部署时间,从而提升工作效率。 8 | 9 | ## 免责声明 10 | 11 | 请勿将本项目技术或代码应用在恶意软件制作、软件著作权/知识产权盗取或不当牟利等非法用途中。实施上述行为或利用本项目对非自己著作权所有的程序进行数据嗅探将涉嫌违反《中华人民共和国刑法》第二百一十七条、第二百八十六条,《中华人民共和国网络安全法》《中华人民共和国计算机软件保护条例》等法律规定。本项目提及的技术仅可用于私人学习测试等合法场景中,任何不当利用该技术所造成的刑事、民事责任均与本项目作者无关。 12 | 13 | ## 环境说明 14 | 15 | - Python3及以上版本 (无Python环境可以从[releases](https://github.com/DroidKali/AutoHackTools/releases)页面下载打包好的EXE文件运行。) 16 | - GitHub Token 17 | 18 | ## 使用方法 19 | 20 | ```bash 21 | git clone https://github.com/DroidKali/AutoHackTools.git 22 | cd AutoHackTools 23 | python -m pip install -r requirements.txt 24 | python AutoHackTools.py -o HackTools 25 | ``` 26 | ## 参数说明 27 | 28 | ```txt 29 | -o 指定要安装的工具目录,必填。 30 | -t 指定GitHub Token, 未登录GitHub时,每小时只能请求60次,可能会导致部分工具下载失败,建议配置 31 | ``` 32 | 33 | ## 已支持的工具列表 34 | - AntSword 35 | - AppInfoScanner 36 | - Behinder 37 | - dirsearch 38 | - ffuf 39 | - fscan 40 | - goby 41 | - OneForAll 42 | - ProjectDiscovery Tools (全家桶) 43 | - sqlmap 44 | - URLFinder 45 | - wfuzz 46 | - wmiexec-Pro 47 | - WMIHACKER 48 | - xray 49 | - Yakit 50 | 51 | ## 效果展示 52 | ![效果展示](AutoHackTools.png) 53 | 54 | ![tools](tools.png) -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | art 2 | bs4 3 | click 4 | requests 5 | wget -------------------------------------------------------------------------------- /tools.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DroidKali/AutoHackTools/2f947e917697c47914d9ace5ff1f29777c6d0a6f/tools.png --------------------------------------------------------------------------------