A highly customised CTF, bug bounty hunting & penetration testing environment based on the official kali-rolling docker image.
Haxtools provides a wrapper for the haxtools docker image (and any other docker image for that matter) by sourcing itself within your shell's rc file.
Installation is straightforward and doesn't require any prior experience with docker (though this will help if you wish to further customize Haxtools or add your own custom commands).
1. Install Docker
2. Clone this repository:
git clone https://github.com/0xC0FFEEEE/haxtools ~/.haxtools
3. Add the following to your shell's RC file:
# Haxtools
export HAXTOOLS_VERSION=cli # Set this to 'gui' to use the larger image equipped with GUI apps
export HAXTOOLS_DIR=$HOME/.haxtools
if [[ -s $HAXTOOLS_DIR/.haxrc ]]; then
source $HAXTOOLS_DIR/.haxrc
fi
Run the following command to launch the haxtools container within your terminal and start hacking:
hax
To keep your container and haxtools home environment up to date, run:
hax update
Additional resources such as seclists, priv-esc detection scripts, and other tools and frameworks intended to be dropped on a remote target are not included by default to keep the image size to a minimum.
You can install these optional extras into your haxtools instance's home directory by running:
hax [-ioe|--install-optional-extras]
This will occupy roughly an additional 2GB.
Connecting to OpenVPN at runtime is supported. Just rename your ovpn file to config.ovpn and place it in the .haxtools directory.
In order to keep the default image size as small as possible, the default image does not come with any GUI tools installed. To change this, replace HAXTOOLS_VERSION=cli with HAXTOOLS_VERSION=gui in your shell's RC file.
Try running a GUI application from the haxtools CLI, or by calling hax <app> from the host. On Linux & Windows via WSL it should 'Just work™'. For example:
hax burpsuite
For GUI apps on macOS; some setup using XQuartz to provide the X window system will be required. See macOS for more info.
You can customize the shell environment to your liking from within haxtools. The container's /home/hax directory is mounted to the $HOME/.haxtools/home directory on your host, so any changes to the Haxtools home directory are persistent.
Add additional volume mounts to the HAXTOOLS_VOLUMES environment variable within the .haxrc file to mount additional host directories in the container at runtime.
Haxtools has native support for the following architectures:
- amd64
- arm64
Docker will pull the appropriate build for whatever you're running, whether it's a Raspberry Pi 4, macOS (Intel or Apple Silicon), Windows, or Linux.
Fresh builds are produced on a weekly basis.
From time to time something breaks. Shit happens, I'll do my best to keep the wheels spinning.
Requests for tools and contributions to improve Haxtools and the associated docker container are welcome.