Most of the part of HconSTF is semi-automated but you still need your brain to work it out.
It can be use in all kind of security testing stages, it has tools for conducting tasks like,
-Web Penetration Testing
-Web Exploits Development
-Web Malware Analysis
-Open Source Intelligence ( Cyber Spying & Doxing )
Features:Hacker Friendly:
Fully Customizable, Versatile in Usage can be used in many Web related hacking needs, Simple and easy to use interface, small in size and light on resources. contains hundreds of features for :
-Web Penetration Testing
-Web Exploits Development
-Web Malware Analysis
-OSINT & Cyber spying
Exploitation ready:
Very comprehensive and plenty of tools for exploitation and supports verbose debugging features for Web Exploit Development.
WebUI:
HconSTF contains blend of online and offline tools for Pentesting called 'WebUI'.
includes scanners, encoders, and much more
IDB:
IDB is Integrated database with huge amount of Web payloads like :
-Xss
-Sqli
-LDAP
-Command execution
Osint Ready:
Helps in many Open source intelligence based tasks like
-Passive Web & Network Reconnaissance
-Doxing
-Cyber Spying
-Hash cracking
Huge amount of Plugins more than 165
Obfuscation Ready:
Encoding / Decoding & hashing Features and tools, supports wide variety of formats, character set and algorithms for making payloads undetectable.
Decoy Ready:
Darknets and proxies integrated, Spoofing tools. supports integration with many decoy options, includes many tools for proxies and anonymizing networks
readily configured for :
-Tor
-AdvOR
-I2P
-Https, Socks 4 / 5
Enhanced Reporting:
Contains many integrated useful reporting features like :
-Screenshots
-Note taking
-Session saving & exporting
-Custom Url Logging
-Automated Request logging
Hacker Helper:
Includes Hackery-Hybrid, collection of huge amount of learning bookmarks for learning any techniques, tools.
Categories of tools : -Recon / Mapping
-Editors / Debuggers
-Exploitation / Audit
-Anonymity
-Passwords
-Cryptography
-Database
-Scripting / Automation
-Network Utilities
-Reporting
Please add this tool!! As i think its the great tool for pentesters!!
I dont own this project but this project is completely done by a single guy! The one who owns it! He is Mr.Ashish Mistry!
Would love to see this tool in backbox JAN release! It'be more powerfull!
What do u think Zerof about this to add??
Official Site:
http://www.hcon.in/Downloads:http://www.hcon.in/downloads.htmlSource:sourceforge.net/projects/hconframework/files/HconFramework-Fire/HconSTF_0.5_Prime/HconSTF_v0.5_Prime_Source.tar.bz2
