Skip to content
/ Himitsu Public

Himitsu is a Online/Offline Red Team Tool focused on Password Cracking and Web Vulnerabilities

License

GPL-3.0 license
7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Lucksi/Himitsu

BranchesTags

Repository files navigation

Himitsu is a Online/Offline Red Team tool focused on Password Cracking and Web Vulnerabilities

DISCLAIMER

This tool is intented only for educational and testing purposes only. I do not assume any liability for any bad/illegal usage of this tool.

Password Folder

In order to make the password modules works is necessary to add to 'Passwords/Default' a wordlist with .txt extension ex (Example.txt)

File-Cracker

Before using this option make sure to add the file that you want to crack in the folder named 'Files'

Screenshot:

Installation:

git clone https://github.com/Lucksi/Himitsu
cd Himitsu
sudo apt-get update
sudo chmod +x install.sh
sudo bash install.sh
pip3 install -r requirements.txt

Installation (Venv):

if you encounter some errors in the python libraries installation use this method:

git clone https://github.com/Lucksi/Himitsu
sudo apt-get update
cd Himitsu
python3 -m venv .lib_venv
sudo chmod +x install.sh
sudo bash install.sh
source .lib_venv/bin/activate
pip3 install -r requirements.txt

Execution:

cd Himitsu
python3 main.py

Execution (Venv)

cd Himitsu
source .lib_venv/bin/activate
python3 main.py

Configuration Options:

Option name Type Description Default Value
USERAGENT_PATH String File path of the Useragent list Useragent/List.txt
TOR_PROXY True/False Making web request throught Tor network False
USERAGENT_CHANGE True/False Making your Useragent different after a certain number of requests False
BREAK_TIME Number Number of requests to reach in order to change Useragent 5

Features:

Option name Description
Algorithm Recognition Automatic recognition of the algorithm that have been used to hash or encode a password
Useragent changing After a certain number of request your useragent will change in to a new one
Tor Proxies Run your connections throught Tor
Html Forms Detection Gathering all the html forms in a webpage
Automated http request Creation of the url and setting the comunication method for making a web request

Current Form info Gathered:

Option name Description
Action Detection Recognition of the action url
Method Detection Recognition of the method used in order to transfer data (POST/GET)
Parameters Recognition of Parameter name (and description when possible)

Form Detecion Parameters Detection

Current Hashing and Encoding Algorithm Supported:

Name Recognition
BASE64 ✔️
BASE32 ✔️
MD5 ✔️
SHA1 ✔️
SHA224 ✔️
SHA3-224 ✔️
SHA256 ✔️
SHA3-256 ✔️
SHA384 ✔️
SHA3-384 ✔️
SHA512 ✔️
SHA3-512 ✔️

Current Offline Cracking Options:

Options
Password
Zip File
Rar File
7zip File
Pdf File

Current Attacks/Decoding:

Option name Mode
Password Cracking Offline/Online
Xss Injection Offline/Online
Base64 Decoding Offline

STARGAZERS OVER TIME

Stargazers over time


ORIGINAL CREATOR: LUCA GAROFALO (Lucksi)

LICENSE: GPL-3.0 License
COPYRIGHT: (C) 2024 Lucksi

About

Himitsu is a Online/Offline Red Team Tool focused on Password Cracking and Web Vulnerabilities

Topics

python xss password dictionary-attack red-team

Resources

Readme

License

GPL-3.0 license
Activity

Stars

7 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages