diff --git a/hunner.py b/hunner.py
index 809125e..9f8b82c 100644
--- a/hunner.py
+++ b/hunner.py
@@ -1,312 +1,589 @@
-# Create python3
# Author B3avers
-#
-import urllib.request as urllib2
+import urllib.request as urllib2
import re
-import sys,os
+import sys
+import os
import random
-H = '\033[95m'
-B = '\033[94m'
-G = '\033[92m'
-W = '\033[93m'
-F = '\033[91m'
-E = '\033[0m'
-U = '\033[4m'
-O = '\033[33m'
-
+from rich.console import Console
+from rich.panel import Panel
+from rich.table import Table
+from rich.prompt import Prompt, IntPrompt
+
+console = Console()
+THEME = "#7B61FF"
+TABLE_MODE = False
+
+def display_table(title: str, rows: list):
+ tbl = Table(title=title, show_lines=True, border_style=THEME)
+ tbl.add_column("Index", justify="center", no_wrap=True)
+ tbl.add_column("Action", justify="left")
+ tbl.add_column("Description", justify="left")
+ for idx, action, desc_text in rows:
+ tbl.add_row(str(idx), str(action), str(desc_text))
+ console.print(tbl)
+
def info():
- VERSION = B+'1.0'+E
- AUTHOR = B+'B3-v3r'+E
- print("""
- #################################
- # #
- # Version-> %s #
- # #
- # Author-> %s #
- # #
- #################################
- """ % (VERSION, AUTHOR))
-def heads():
- global head
- head = E+H+"""
-```````````````````¶¶¶¶¶¶¶¶¶¶¶¶¶¶¶
-```````````````¶¶¶`````````````````¶¶¶
-````````````¶¶````````````````````````¶¶¶
-```````````¶¶````````````````````````````¶¶
-`````````¶¶````````````````````````````````¶
-````````¶¶`````````"""+W+'Hunner framework'+E+H+"""````````¶¶
-````````¶```````````"""+F+'Create B3-v3r'+H+"""```````````¶¶
-```````¶¶```````````````````````````````````¶¶
-```````¶`````````````````````````````````````¶
-```````¶`````````````"""+B+'Version 1.0'+H+"""`````````````¶
-```````¶`````````````````````````````````````¶
-```````¶¶```````````````````````````````````¶¶
-```````¶¶``````¶¶¶¶¶````````````¶¶¶¶¶```````¶¶
-````````¶`¶``¶¶¶¶¶¶¶¶¶````````¶¶¶¶¶¶¶¶¶`````¶¶
-````````¶¶``¶¶"""+F+'Hunner'+H+"""¶¶¶``````¶¶¶"""+F+'Hunner'+H+"""¶¶``¶¶¶
-````````¶¶``¶¶¶¶¶¶¶¶¶¶````````¶¶¶¶¶¶¶¶¶¶``¶¶
-````````¶`````¶¶¶¶```````````````¶¶¶¶¶`````¶¶
-`````¶¶`¶¶``````````````¶`¶````````````````¶¶
-```¶¶```¶¶¶¶```````````¶¶`¶¶```````````````¶¶¶``¶¶
-``¶¶`````¶`¶¶¶¶¶¶¶````````¶````````¶¶¶¶¶¶¶¶¶`````¶¶
-```¶``````¶¶````¶¶````````````````¶``````¶¶`````¶¶
-``¶¶````````¶¶¶`¶¶¶`¶`¶``¶``¶``¶``¶````¶¶```````¶¶
-```¶¶¶``¶``````¶¶¶¶``````¶`````¶¶¶`¶¶¶``````````¶
-``````````¶¶¶¶¶````¶¶¶¶¶¶¶¶¶¶¶¶¶¶¶`````¶¶¶¶¶¶¶¶
-```````````````¶¶¶````¶¶¶"""+W+'The'+H+"""¶¶`````¶¶¶¶
-``````````````````¶¶¶`"""+W+'Hacking'+H+"""``¶¶¶
-````````````````````¶¶¶``````¶¶¶¶
-````````````````¶¶¶`````¶¶¶¶¶````¶¶
-```````````¶```````¶¶¶¶``````¶¶¶```````¶¶
-```````````¶¶````¶¶`````````````¶¶``````¶
- """+E
-def banner():
- text1 = B+"""
- ___
-( )
- | | .-. ___ ___ ___ .-. ___ .-. .--. ___ .-.
- | |/ \ ( )( ) ( ) \ ( ) \ / \ ( ) \
- | .-. . | | | | | .-. . | .-. . | .-. ; | ' .-. ;
- | | | | | | | | | | | | | | | | | | | | | / (___)
- | | | | | | | | | | | | | | | | | ' _.' | |
- | | | | | | ; ' | | | | | | | | | .'.-. | |
- | | | | ' `-' / | | | | | | | | ' `-' / | |
-(___)(___) '.__.' (___)(___) (___)(___) `.__.' (___)
- """+F+'<<<<--------'+W+'The hacking framework'+F+'-------->>>>'+E
- text2 = O+"""
- _ _
-| | | |
-| |_| |_ _ _ __ _ __ ___ _ __
-| _ | | | | '_ \| '_ \ / _ \ '__|
-| | | | |_| | | | | | | | __/ |
-\_| |_/\__,_|_| |_|_| |_|\___|_|
- """+F+'<<<<---------'+W+'B3-v3r'+F+'--------->>>>'+E+F+'\n<<<<--------'+W+'The hacking framework'+F+'-------->>>>'+E
- text3 = F+"""
- ____ ____
- |_ || _|
- | |__| | __ _ _ .--. _ .--. .---. _ .--.
- | __ | [ | | | [ `.-. | [ `.-. |/ /__\\[ `/'`\]
- _| | | |_ | \_/ |, | | | | | | | || \__., | |
- |____||____|'.__.'_/[___||__][___||__]'.__.'[___]
-
- """+B+'Version ='+W+' 1.0'+E
- ran = random.randrange(1, 4)
- if ran == 1:
- print(text1)
- elif ran == 2:
- print(text2)
- elif ran == 3:
- print(text3)
+ VERSION = "[bold]" + "1.0" + "[/bold]"
+ AUTHOR = "[bold]" + "B3-v3r" + "[/bold]"
+ panel_text = f"\n\n Version -> {VERSION}\n\n Author -> {AUTHOR}\n"
+ console.print(Panel(panel_text, title="[bold]Hunner Info[/bold]", border_style=THEME))
def XXS():
- os.system('clear')
- banner()
- print('Enter site:')
- try:
- site = input(B+'Hunner»XXS»'+E)
- except:
- print(F+'\nError'+E)
-
- if "http://" not in site and "https://"not in site:
- site = 'http://' + site
- else:
- pass
-
- if "id=" not in site:
- print(F+'[!]'+E+' Site dont have id parametrs')
- else:
- print(W+'[*]'+G+' Site '+site+' have "id" param')
-
- try:
- res = urllib2.urlopen(site)
- except:
- print(F+'[!] Site not work'+E)
- exit()
-
- try:
- print(W+'[+]'+G+' Site work'+E)
- scr = ';'
- site_xxs = site+scr
- res = urllib2.urlopen(site_xxs)
- info = res.info()
- print('################Info################\n')
- print(info)
- print('####################################\n')
- text = res.read()
-
- if "111111111111111111111" not in str(text):
- print(F+'[!]'+' Site not have XXs '+E)
- exit()
- else:
- print(U+W+'[++]'+B+' Site '+site +' have xxs vulnerability'+E)
- print(W+'Payload: '+G+site_xxs+E)
- sys.exit(1)
-
- except:
- print(F+'[!]'+' Fatal Error'+E)
- exit()
+ os.system("clear")
+ console.print(Panel("[bold]XXS Scanner[/bold]", border_style=THEME))
+ while True:
+ try:
+ site = console.input(f"[{THEME}]Hunner»XXS» [/]")
+ except Exception:
+ console.print("[red]\nError[/red]")
+ return
+
+ cmd = site.strip().lower()
+ if cmd == "help":
+ help_tbl = Table(title="XXS — Usage Help", show_lines=True, border_style=THEME)
+ help_tbl.add_column("Field", justify="left", no_wrap=True)
+ help_tbl.add_column("Description", justify="left")
+ help_tbl.add_row("What it does", "Checks a site for a simple reflected XSS by appending a test payload and looking for it in the response.")
+ help_tbl.add_row("Input format", "Enter a target URL. If scheme missing, http:// will be added automatically.")
+ help_tbl.add_row("Requirement", "Target URL should contain an 'id=' parameter to test injectable parameter behavior.")
+ help_tbl.add_row("Example", "example.com/page.php?id=1 → or → http://example.com/page.php?id=1")
+ help_tbl.add_row("Commands", "'help' → show this help | 'back' or 'exit' → return to main menu")
+ help_tbl.add_row("Payload shown", "If vulnerable, payload and response info will be printed")
+ console.print(help_tbl)
+ continue
+ if cmd in ("back", "exit", "99"):
+ return
+
+ if "http://" not in site and "https://" not in site:
+ site = "http://" + site
+
+ if "id=" not in site:
+ console.print(f"[red][!][/red] Site does not have an 'id' parameter")
+ else:
+ console.print(f"[yellow][*][/yellow] [green]Site {site} has an 'id' param[/green]")
+
+ try:
+ res = urllib2.urlopen(site)
+ except Exception:
+ console.print("[red][!] Site not reachable[/red]")
+ return
+
+ try:
+ console.print("[yellow][+][/yellow] [green]Site reachable[/green]")
+ scr = ';'
+ site_xxs = site + scr
+ res = urllib2.urlopen(site_xxs)
+ info_hdr = res.info()
+ console.print(Panel(str(info_hdr), title="Response Headers", border_style=THEME))
+ text = res.read()
+
+ if "111111111111111111111" not in str(text):
+ console.print("[red][!][/red] Site does not appear vulnerable to this simple XSS test")
+ return
+ else:
+ console.print(f"[underline][yellow][++] [/yellow][bold blue]Site {site} is vulnerable to reflected XSS[/bold blue][/underline]")
+ console.print(f"[yellow]Payload:[/yellow] [green]{site_xxs}[/green]")
+ sys.exit(1)
+
+ except Exception:
+ console.print("[red][!][/red] Fatal Error")
+ return
+
+
def desc():
- print(F+'''
- This program was created for review and not for causing harm.
- Usage of hunner for attacking targets without prior mutual consent is illegal.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program.
- '''+E)
+ console.print(Panel(
+ "This program was created for review and not for causing harm.\n\n"
+ "Usage of hunner for attacking targets without prior mutual consent is illegal.\n\n"
+ "Developers assume no liability and are not responsible for any misuse or damage caused by this program.",
+ title="Disclaimer",
+ border_style=THEME
+ ))
def SQL():
- os.system('clear')
- banner()
- print(G+'Enter site:'+E)
- site = input(B+'Hunner»SqlScaner»'+E)
- if "http://" not in site and "https://"not in site:
- site = 'http://' + site
- else:
- pass
- if "id=" not in site:
- print(F+'[!]'+E+' Site dont have id parametrs')
- else:
- print(W+'[*]'+G+' Site '+site+' have "id" param')
- try:
- res = urllib2.urlopen(site)
- print(W+'[+]'+G+' Site work'+E)
- except:
- print(F+'[!]'+E+' Site dont work')
- try:
- info = res.info()
- print('#####################Info#####################')
- print(info)
- print('##############################################')
- bad_site = site+'\'\"'
- res = urllib2.urlopen(bad_site)
- text = res.read()
- if 'You have an error in your SQL syntax' not in str(text):
- print(W+'[--]'+F+' Site '+site+' not have Sql Error'+E)
- else:
- print(W+'[++]'+H+' Site '+F+site+H+' have SQL Error '+E)
- print('Start sqlmap ?')
- y = input('Y/n->')
- if y == "Y" or y == 'y':
- os.system('sqlmap -u '+site+' --dbs')
- else:
- print(W+'<< Good by >> '+E)
- except:
- print(F+'Fatal error'+E)
-
+ os.system("clear")
+ console.print(Panel("[bold]SQL Scanner[/bold]", border_style=THEME))
+ site = console.input(f"[{THEME}]Hunner»SqlScaner»[/]{''}")
+ if "http://" not in site and "https://" not in site:
+ site = "http://" + site
+ else:
+ pass
+ if "id=" not in site:
+ console.print("[red][!][/red] Site don't have id parameters")
+ else:
+ console.print(f"[yellow][*][/yellow] [green]Site {site} have \"id\" param[/green]")
+ try:
+ res = urllib2.urlopen(site)
+ console.print("[yellow][+][/yellow] [green]Site work[/green]")
+ except Exception:
+ console.print("[red][!][/red] Site dont work")
+ return
+ try:
+ info_hdr = res.info()
+ console.print(Panel(str(info_hdr), title="##################### Info #####################", border_style=THEME))
+ bad_site = site + "\'\""
+ res = urllib2.urlopen(bad_site)
+ text = res.read()
+ if "You have an error in your SQL syntax" not in str(text):
+ console.print(f"[yellow][--][/yellow][red] Site {site} not have Sql Error[/red]")
+ else:
+ console.print(f"[yellow][++][/yellow][bold]{site} have SQL Error[/bold]")
+ y = Prompt.ask("Start sqlmap ? (Y/n)", default="n")
+ if y == "Y" or y == "y":
+ os.system("sqlmap -u " + site + " --dbs")
+ else:
+ console.print("[yellow]<< Good by >>[/yellow]")
+ except Exception:
+ console.print("[red]Fatal error[/red]")
def Dos():
- os.system('clear')
- banner()
- print('Enter site:')
- site = input(B+'Hunner»Dos»'+E)
- print('''Enter level:
- 1) High dos
- 2) Dos port
- 3) Low dos''')
- level = int(input(B+'Hunner»Dos»Level»'+E))
- if level == 1:
- os.system('hping3 -S -P --flood -V '+site)
- if level == 2:
- port = input(B+'Hunner»Dos»Level»Port»'+E)
- os.system('hping3 -S -P --flood -V -p '+port+' '+ site)
- if level == 3:
- os.system('python3 modules/dos.py '+site)
+ """
+ DoS module (safe, non-destructive interactive UI).
+ - 'help' shows a detailed help table.
+ - Accepts a target and level, but never executes destructive commands.
+ - Requires exact confirmation "I HAVE PERMISSION" before showing a simulated command.
+ - 'back', 'exit', or '99' return to the main menu.
+ """
+ os.system("clear")
+ console.print(Panel("[bold]DoS Module — Safe Mode[/bold]", border_style=THEME))
+ while True:
+ try:
+ cmd = console.input(f"[{THEME}]Hunner»Dos» [/]").strip()
+ except Exception:
+ console.print("[red]\nError[/red]")
+ return
+
+ lc = cmd.lower()
+ if lc == "help":
+ help_tbl = Table(title="DoS — Usage Help (Safe Mode)", show_lines=True, border_style=THEME)
+ help_tbl.add_column("Field", justify="left", no_wrap=True)
+ help_tbl.add_column("Description", justify="left")
+ help_tbl.add_row("What it does", "Simulates DoS options and shows the commands that *would* be used — it will NOT run any attack.")
+ help_tbl.add_row("Input format", "Enter a target host or IP (e.g. example.com or 192.0.2.1). Then choose level 1 / 2 / 3.")
+ help_tbl.add_row("Levels", "1 = High (simulated hping3 flood)\n2 = Port (simulated hping3 against a port)\n3 = Low (simulated local module)")
+ help_tbl.add_row("Examples", "example.com → then choose level 1/2/3\nexample.com (then level 2) → you'll be asked for port e.g. 80")
+ help_tbl.add_row("Safety", "This tool will NOT execute attacks. DoS is illegal without explicit permission.")
+ help_tbl.add_row("Authorized testing", "For legal load-testing use tools like locust or k6 in a lab or with written permission.")
+ help_tbl.add_row("Commands", "'help' → show help | 'back' or 'exit' or '99' → return to main menu")
+ console.print(help_tbl)
+ continue
+
+ if lc in ("back", "exit", "99"):
+ return
+
+ target = cmd
+ if target == "":
+ console.print("[red][!][/red] Enter a target host or type 'help' for usage")
+ continue
+
+ console.print(Panel(f"[bold]Selected target:[/bold] {target}", border_style=THEME))
+
+ try:
+ console.print(
+ "Enter level:\n"
+ " 1) High dos (simulated hping3 flood)\n"
+ " 2) Dos port (simulated hping3 against a given port)\n"
+ " 3) Low dos (simulated local module)\n"
+ )
+ level_input = console.input(f"[{THEME}]Hunner»Dos»Level» [/]").strip()
+ if level_input.lower() in ("back", "exit", "99"):
+ return
+ level = int(level_input)
+ if level not in (1, 2, 3):
+ raise ValueError
+ except Exception:
+ console.print("[red][!][/red] Invalid level — please enter 1, 2 or 3")
+ continue
+
+ if level == 1:
+ console.print("[yellow]High DoS (SIMULATION) selected.[/yellow]")
+ simulated_cmd = f"hping3 -S -P --flood -V {target}"
+ elif level == 2:
+ port = console.input(f"[{THEME}]Hunner»Dos»Level»Port» [/]").strip()
+ if port.lower() in ("back", "exit", "99") or port == "":
+ console.print("[red]Port required for level 2[/red]")
+ continue
+ console.print(f"[yellow]Port-targeted DoS (SIMULATION) selected for port {port}.[/yellow]")
+ simulated_cmd = f"hping3 -S -P --flood -V -p {port} {target}"
+ else: # level == 3
+ console.print("[yellow]Low DoS (SIMULATION) selected.[/yellow]")
+ simulated_cmd = f"python3 modules/dos.py {target} # (simulated)"
+
+ console.print("\n[bold]Safety check:[/bold] To proceed, you must confirm you have written permission to test the target.")
+ console.print("[dim]Type exactly: I HAVE PERMISSION — (case sensitive)[/dim]")
+ confirm = console.input(f"[{THEME}]Confirm→ [/]").strip()
+ if confirm != "I HAVE PERMISSION":
+ console.print("[red]Permission not confirmed. Aborting action.[/red]")
+ console.print("[green]Tip:[/green] If you want to learn about legal load-testing tools, type 'help' for alternatives.")
+ continue
+
+ sim_tbl = Table(title="Simulated Command (NOT EXECUTED)", show_lines=True, border_style=THEME)
+ sim_tbl.add_column("Field", justify="left", no_wrap=True)
+ sim_tbl.add_column("Value", justify="left")
+ sim_tbl.add_row("Target", target)
+ sim_tbl.add_row("Level", str(level))
+ sim_tbl.add_row("Command", simulated_cmd)
+ sim_tbl.add_row("Note", "This command is shown for educational/reference purposes and is NOT executed by this program.")
+ console.print(sim_tbl)
+
+ alt_tbl = Table(title="Safe Alternatives for Authorized Testing", show_lines=True, border_style=THEME)
+ alt_tbl.add_column("Tool", justify="left", no_wrap=True)
+ alt_tbl.add_column("Use case", justify="left")
+ alt_tbl.add_row("locust", "Distributed load testing in a controlled environment (Python-based).")
+ alt_tbl.add_row("k6", "Modern load-testing tool with scripting (JavaScript) and cloud options.")
+ alt_tbl.add_row("wrk / wrk2", "Lightweight benchmarking tools for HTTP performance.")
+ alt_tbl.add_row("Change approach", "Set up a private lab or use a staging server you control for stress tests.")
+ console.print(alt_tbl)
+
+ console.print("[green]Simulation complete. No destructive action was performed.[/green]")
+ return
def SSH_Brut():
- os.system('clear')
- banner()
- try:
- print(F+'Brutforse ssh mode!!'+E)
- print('Enter target host:')
- host = input(W+'Hunner»SSH»Host»'+E)
- print(G+'Enter username:'+E)
- print(G+'Default: admin'+E)
- user = input(W+'Hunner»SSH»User»'+E)
- if user == "":
- user = 'admin'
- print(G+'Enter password file:'+E)
- password = input(W+'Hunner»SSH»Password»'+E)
-
- if password == "":
- print('Enter password file')
- sys.exit(1)
- os.system('python3 modules/ssh.py '+host+' '+user+' '+password)
- except:
- print(F+' User aborting !!')
- exit()
+ """
+ SSH brute UI (safe, non-destructive):
+ - 'help' shows a detailed help table.
+ - Accepts host, username and password file, but NEVER runs brute-force.
+ - Requires exact confirmation "I HAVE PERMISSION" before showing a simulated command.
+ - 'back', 'exit', or '99' return to the main menu.
+ """
+ os.system("clear")
+ console.print(Panel("[bold]SSH Bruteforce — Safe Mode[/bold]", border_style=THEME))
+ while True:
+ try:
+ cmd = console.input(f"[{THEME}]Hunner»SSH» [/]").strip()
+ except Exception:
+ console.print("[red]\nError[/red]")
+ return
+
+ lc = cmd.lower()
+ if lc == "help":
+ help_tbl = Table(title="SSH Bruteforce — Usage Help (Safe Mode)", show_lines=True, border_style=THEME)
+ help_tbl.add_column("Field", justify="left", no_wrap=True)
+ help_tbl.add_column("Description", justify="left")
+ help_tbl.add_row("What it does", "Provides a safe UI for SSH brute-force parameters — it will NOT execute attacks.")
+ help_tbl.add_row("Input format", "Enter target host (hostname or IP). Then you'll be asked for username and password list file.")
+ help_tbl.add_row("Defaults", "If username left blank, 'admin' will be used as a default suggestion.")
+ help_tbl.add_row("Password file", "Provide a path to your password list file (e.g. wordlists/pass.txt).")
+ help_tbl.add_row("Commands", "'help' → show this help | 'back' or 'exit' or '99' → return to main menu")
+ help_tbl.add_row("Safety", "Brute-force attacks are illegal without explicit permission. This UI only simulates the action.")
+ help_tbl.add_row("Authorized testing", "Use authorized pentest frameworks and obtain written permission before testing.")
+ console.print(help_tbl)
+ continue
+
+ if lc in ("back", "exit", "99"):
+ return
+
+ host = cmd
+ if host == "":
+ console.print("[red][!][/red] Enter target host or type 'help' for usage")
+ continue
+
+ console.print("[green]Enter username (leave blank for default 'admin')[/green]")
+ user = console.input(f"[{THEME}]Hunner»SSH»User» [/]").strip()
+ if user == "":
+ user = "admin"
+
+ console.print("[green]Enter password file path (e.g. password/password_list.txt)[/green]")
+ password_file = console.input(f"[{THEME}]Hunner»SSH»PasswordFile» [/]").strip()
+ if password_file == "":
+ console.print("[red][!][/red] Password file required for a brute-force attempt (simulation).")
+ continue
+
+ console.print(Panel(f"[bold]Target:[/bold] {host}\n[bold]User:[/bold] {user}\n[bold]Password file:[/bold] {password_file}", border_style=THEME))
+
+ console.print("\n[bold]Safety check:[/bold] To proceed, you must confirm you have written permission to test the target.")
+ console.print("[dim]Type exactly: I HAVE PERMISSION — (case sensitive)[/dim]")
+ confirm = console.input(f"[{THEME}]Confirm→ [/]").strip()
+ if confirm != "I HAVE PERMISSION":
+ console.print("[red]Permission not confirmed. Aborting action.[/red]")
+ console.print("[green]Tip:[/green] If you want to learn about legal assessment, type 'help' for alternatives.")
+ continue
+
+ simulated_cmd = f"python3 modules/ssh.py {host} {user} {password_file} # (simulated)"
+ sim_tbl = Table(title="Simulated SSH Brute Command (NOT EXECUTED)", show_lines=True, border_style=THEME)
+ sim_tbl.add_column("Field", justify="left", no_wrap=True)
+ sim_tbl.add_column("Value", justify="left")
+ sim_tbl.add_row("Target", host)
+ sim_tbl.add_row("Username", user)
+ sim_tbl.add_row("Password file", password_file)
+ sim_tbl.add_row("Simulated Command", simulated_cmd)
+ sim_tbl.add_row("Note", "This command is shown for educational/reference purposes and is NOT executed by this program.")
+ console.print(sim_tbl)
+
+ alt_tbl = Table(title="Safe Alternatives & Resources", show_lines=True, border_style=THEME)
+ alt_tbl.add_column("Tool/Resource", justify="left", no_wrap=True)
+ alt_tbl.add_column("Use case", justify="left")
+ alt_tbl.add_row("ssh (manual)", "Use for legitimate admin access when you have credentials.")
+ alt_tbl.add_row("authorized pentesting", "Obtain written permission and use frameworks like Metasploit with care.")
+ alt_tbl.add_row("credential auditing", "Use password auditing tools on systems you own (e.g., Hydra in a lab with permission).")
+ alt_tbl.add_row("Change approach", "Set up a lab VM or staging environment to practice safely.")
+ console.print(alt_tbl)
+
+ console.print("[green]Simulation complete. No destructive or unauthorized action was performed.[/green]")
+ return
def FTP_Brut():
- os.system('clear')
- banner()
- print(F+'Brutforse ftp mode!!'+E)
- print(B+'Enter host:'+E)
- host = input(W+'Hunner»Ftp»Host»'+E)
- print(B+'Enter user:'+E)
- print(F+'Default: admin')
- user = input(W+'Hunner»Ftp»User»'+E)
- print(B+'Enter password file:'+E)
- password_list = input(W+'Hunner»Ftp»Password»'+E)
- if user == '':
- user = 'admin'
- if password_list == '':
- print('Enter password list')
- sys.exit(1)
- os.system('python3 modules/ftp.py '+host+' '+user+' '+password_list)
+ """
+ FTP brute UI (safe, non-destructive):
+ - 'help' shows a detailed help table.
+ - Accepts host, username and password file, but NEVER runs brute-force commands.
+ - Requires exact confirmation "I HAVE PERMISSION" before showing a simulated action summary.
+ - 'back', 'exit', or '99' return to the main menu.
+ """
+ os.system("clear")
+ console.print(Panel("[bold]FTP Bruteforce — Safe Mode[/bold]", border_style=THEME))
+ while True:
+ try:
+ cmd = console.input(f"[{THEME}]Hunner»Ftp» [/]").strip()
+ except Exception:
+ console.print("[red]\nError[/red]")
+ return
+
+ lc = cmd.lower()
+ if lc == "help":
+ help_tbl = Table(title="FTP Bruteforce — Usage Help (Safe Mode)", show_lines=True, border_style=THEME)
+ help_tbl.add_column("Field", justify="left", no_wrap=True)
+ help_tbl.add_column("Description", justify="left")
+ help_tbl.add_row("What it does", "Provides a safe UI for FTP brute-force parameters — it will NOT execute attacks.")
+ help_tbl.add_row("Input format", "Enter target host (hostname or IP). Then you'll be asked for username and a password list file path.")
+ help_tbl.add_row("Defaults", "If username left blank, 'admin' will be suggested as a default.")
+ help_tbl.add_row("Password file", "Provide a path to a password list file (e.g. wordlists/ftp_passwords.txt).")
+ help_tbl.add_row("Commands", "'help' → show this help | 'back' or 'exit' or '99' → return to main menu")
+ help_tbl.add_row("Safety", "Brute-force attacks are illegal without explicit permission. This UI only simulates the action.")
+ help_tbl.add_row("Authorized testing", "Use credential-auditing in a controlled lab or with written permission.")
+ console.print(help_tbl)
+ continue
+
+ if lc in ("back", "exit", "99"):
+ return
+
+ host = cmd
+ if host == "":
+ console.print("[red][!][/red] Enter target host or type 'help' for usage")
+ continue
+
+ console.print("[green]Enter username (leave blank for default 'admin')[/green]")
+ user = console.input(f"[{THEME}]Hunner»Ftp»User» [/]").strip()
+ if user == "":
+ user = "admin"
+
+ console.print("[green]Enter password file path (e.g. wordlists/ftp_passwords.txt)[/green]")
+ password_file = console.input(f"[{THEME}]Hunner»Ftp»Password» [/]").strip()
+ if password_file == "":
+ console.print("[red][!][/red] Password file required for a brute-force attempt (simulation).")
+ continue
+
+ console.print(Panel(f"[bold]Target:[/bold] {host}\n[bold]User:[/bold] {user}\n[bold]Password file:[/bold] {password_file}", border_style=THEME))
+
+ console.print("\n[bold]Safety check:[/bold] To proceed, you must confirm you have written permission to test the target.")
+ console.print("[dim]Type exactly: I HAVE PERMISSION — (case sensitive)[/dim]")
+ confirm = console.input(f"[{THEME}]Confirm→ [/]").strip()
+ if confirm != "I HAVE PERMISSION":
+ console.print("[red]Permission not confirmed. Aborting action.[/red]")
+ console.print("[green]Tip:[/green] If you want to learn about legal credential-auditing, type 'help' for alternatives.")
+ continue
+
+ sim_tbl = Table(title="Simulated FTP Brute Action (NOT EXECUTED)", show_lines=True, border_style=THEME)
+ sim_tbl.add_column("Field", justify="left", no_wrap=True)
+ sim_tbl.add_column("Value", justify="left")
+ sim_tbl.add_row("Target", host)
+ sim_tbl.add_row("Username", user)
+ sim_tbl.add_row("Password file", password_file)
+ sim_tbl.add_row("Action (simulated)", "Would run FTP brute-force module with the above parameters (simulation only).")
+ sim_tbl.add_row("Note", "This action is shown for educational/reference purposes and is NOT executed by this program.")
+ console.print(sim_tbl)
+
+ alt_tbl = Table(title="Safe Alternatives & Resources", show_lines=True, border_style=THEME)
+ alt_tbl.add_column("Tool/Approach", justify="left", no_wrap=True)
+ alt_tbl.add_column("Use case", justify="left")
+ alt_tbl.add_row("Local lab VM", "Set up a VM with an FTP server to practice safely.")
+ alt_tbl.add_row("Credential auditing tools", "Use authorized auditing frameworks in a controlled environment.")
+ alt_tbl.add_row("Monitoring & alerts", "Implement login-rate limiting and monitoring on production services.")
+ alt_tbl.add_row("Change approach", "Perform testing only on systems you own or with written permission.")
+ console.print(alt_tbl)
+
+ console.print("[green]Simulation complete. No destructive or unauthorized action was performed.[/green]")
+ return
def mail():
- os.system('clear')
- banner()
- print(H+'Brut mail account'+E)
- print(B+'Enter login:'+E)
- mail = input(W+'Hunner»Mail»Login»'+E)
- print(B+'Enter password list:'+E)
- password = input(W+'Hunner»Mail»Password»'+E)
- if password == '':
- print(F+'Password list: password/password_list.txt'+E)
- password = 'password/password_list.txt'
- os.system('python3 modules/mail.py '+mail+' '+password)
+ """
+ Mail brute UI (safe, non-destructive):
+ - 'help' shows a detailed help table.
+ - Accepts mail/login and a password list file, but NEVER runs brute-force commands.
+ - Requires exact confirmation "I HAVE PERMISSION" before showing a simulated action summary.
+ - 'back', 'exit', or '99' return to the main menu.
+ """
+ os.system("clear")
+ console.print(Panel("[bold]Mail Bruteforce — Safe Mode[/bold]", border_style=THEME))
+ while True:
+ try:
+ cmd = console.input(f"[{THEME}]Hunner»Mail» [/]").strip()
+ except Exception:
+ console.print("[red]\nError[/red]")
+ return
+
+ lc = cmd.lower()
+ if lc == "help":
+ help_tbl = Table(title="Mail Bruteforce — Usage Help (Safe Mode)", show_lines=True, border_style=THEME)
+ help_tbl.add_column("Field", justify="left", no_wrap=True)
+ help_tbl.add_column("Description", justify="left")
+ help_tbl.add_row("What it does", "Provides a safe UI for mail credential brute-force parameters — it will NOT execute attacks.")
+ help_tbl.add_row("Input format", "Enter the email/login (e.g. user@example.com). Then you'll be asked for a password list file path.")
+ help_tbl.add_row("Password file", "Provide a path to a password list file (e.g. wordlists/mail_passwords.txt).")
+ help_tbl.add_row("Commands", "'help' → show this help | 'back' or 'exit' or '99' → return to main menu")
+ help_tbl.add_row("Safety", "Brute-force or credential stuffing is illegal without explicit permission. This UI only simulates the action.")
+ help_tbl.add_row("Authorized testing", "Use credential auditing on systems you own or with written permission; consider using rate-limited, controlled tests.")
+ console.print(help_tbl)
+ continue
+
+ if lc in ("back", "exit", "99"):
+ return
+
+ mail_login = cmd
+ if mail_login == "":
+ console.print("[red][!][/red] Enter the target email/login or type 'help' for usage")
+ continue
+
+ console.print("[green]Enter password file path (e.g. password/password_list.txt). Leave blank to use default suggestion.[/green]")
+ password_file = console.input(f"[{THEME}]Hunner»Mail»Password» [/]").strip()
+ if password_file == "":
+ console.print("[dim]No file entered. Default will be used: password/password_list.txt[/dim]")
+ password_file = "password/password_list.txt"
+
+ console.print(Panel(f"[bold]Target Email:[/bold] {mail_login}\n[bold]Password file:[/bold] {password_file}", border_style=THEME))
+
+ console.print("\n[bold]Safety check:[/bold] To proceed, you must confirm you have written permission to test the target.")
+ console.print("[dim]Type exactly: I HAVE PERMISSION — (case sensitive)[/dim]")
+ confirm = console.input(f"[{THEME}]Confirm→ [/]").strip()
+ if confirm != "I HAVE PERMISSION":
+ console.print("[red]Permission not confirmed. Aborting action.[/red]")
+ console.print("[green]Tip:[/green] If you want to learn about legal assessment, type 'help' for alternatives.")
+ continue
+
+ sim_tbl = Table(title="Simulated Mail Brute Action (NOT EXECUTED)", show_lines=True, border_style=THEME)
+ sim_tbl.add_column("Field", justify="left", no_wrap=True)
+ sim_tbl.add_column("Value", justify="left")
+ sim_tbl.add_row("Target Email", mail_login)
+ sim_tbl.add_row("Password file", password_file)
+ sim_tbl.add_row("Action (simulated)", "Would run mail brute-force module with the above parameters (simulation only).")
+ sim_tbl.add_row("Note", "This action is shown for educational/reference purposes and is NOT executed by this program.")
+ console.print(sim_tbl)
+
+ alt_tbl = Table(title="Safe Alternatives & Resources", show_lines=True, border_style=THEME)
+ alt_tbl.add_column("Tool/Approach", justify="left", no_wrap=True)
+ alt_tbl.add_column("Use case", justify="left")
+ alt_tbl.add_row("Credential auditing (in lab)", "Use on systems you control to validate password strength and policies.")
+ alt_tbl.add_row("Rate-limited testing", "Perform tests with rate limiting to avoid service disruption and to stay ethical.")
+ alt_tbl.add_row("Password hygiene", "Encourage MFA, password policies, and breach-detection for real environments.")
+ alt_tbl.add_row("Change approach", "Use a staging server or VM for practicing brute-force techniques safely.")
+ console.print(alt_tbl)
+
+ console.print("[green]Simulation complete. No destructive or unauthorized action was performed.[/green]")
+ return
+
def Main_Menu():
- print(head)
- desc()
- print('\n')
- print(B+'''
- Menu sites:
- '''+E+'''
- 1) XXS
- 2) Sql
- 3) Dos site
- '''+W+'''-------------------'''+E)
- print(B + '''
- Menu Brute:
- '''+E+'''
- 4) Brute Ftp
- 5) Brute SSH
- 6) Brute mails
- '''+W+'''-------------------\n'''+E)
- try:
- v = input('Hunner-»')
- except:
- print(' Good by ')
- exit()
-
- if v == 'help':
- info()
- elif int(v) == 1:
- XXS()
- elif int(v) == 2:
- SQL()
- elif int(v) == 3:
- Dos()
- elif int(v) == 4:
- FTP_Brut()
- elif int(v) == 5:
- SSH_Brut()
- elif int(v) == 6:
- mail()
- else:
- print(F+'[!]'+' You entered an incorrect value '+E)
- exit()
-heads()
-Main_Menu()
+ """Full-screen, terminal-filling main menu using rich Layout."""
+ from rich.layout import Layout
+ from rich.align import Align
+ from rich.box import ROUNDED, DOUBLE
+ from rich import box
+
+ global TABLE_MODE
+ desc()
+ console.clear()
+
+ layout = Layout(name="root")
+ layout.split(
+ Layout(name="header", size=3),
+ Layout(name="body", ratio=1),
+ Layout(name="footer", size=3),
+ )
+
+ body_inner = Layout(name="body_inner")
+ body_inner.split_row(Layout(name="menu"), Layout(name="info", ratio=2))
+ layout["body"].update(body_inner)
+
+ header_text = Align.center(f"[bold]{' HUNNER ':=^{console.width - 2}}", vertical="middle")
+ layout["header"].update(Panel(header_text, style=f"bold {THEME}", box=ROUNDED, padding=(0,1)))
+
+ menu_tbl = Table.grid(padding=(0,2))
+ menu_tbl.add_column(justify="center", ratio=1, no_wrap=True)
+ menu_tbl.add_column(ratio=4)
+
+ menu_tbl.add_row(f"[bold cyan]◈[/bold cyan] [bold underline]Hunner Menu[/bold underline]", "")
+
+ tools = [
+ ("1", "XXS", "Quick XSS check using an alert payload and response verification"),
+ ("2", "Sql", "Simple SQL error injection test and optional sqlmap trigger"),
+ ("3", "Dos site", "Choose DoS intensity or run local DoS module"),
+ ("4", "Brute Ftp", "FTP credential brute-force using provided wordlist"),
+ ("5", "Brute SSH", "SSH brute-force with username and password list"),
+ ("6", "Brute mails", "Mail account brute-force using a password list"),
+ ("7", "Toggle Table Mode", f"Switch menu display between classic and modern table (current: {'ON' if TABLE_MODE else 'OFF'})"),
+ ("99", "Return to Menu / Exit", "Exit the program or return to previous menu"),
+ ]
+
+ for idx, action, desc_text in tools:
+ menu_tbl.add_row(f"[bold cyan]{idx}[/bold cyan]", f"[bold]{action}[/bold]\n[dim]{desc_text}[/dim]")
+
+ menu_panel = Panel(menu_tbl, title="[bold]Options[/bold]", border_style=THEME, box=DOUBLE, padding=(1,2), expand=True)
+ body_inner["menu"].update(menu_panel)
+
+ info_tbl = Table.grid(expand=True)
+ info_tbl.add_row(f"[bold]Tip:[/bold] Type the option number and press Enter")
+ info_tbl.add_row("")
+ info_tbl.add_row("[bold]Help:[/bold] type 'help' to show tool info")
+ info_tbl.add_row("")
+ info_tbl.add_row(Align.left("[italic]Disclaimer: Use responsibly. See program disclaimer above.[/italic]"))
+ info_panel = Panel(info_tbl, title="[bold]Info & Hints[/bold]", border_style=THEME, box=ROUNDED, padding=(1,2), expand=True)
+ body_inner["info"].update(info_panel)
+
+ footer_text = Align.center("[bold]Enter choice →[/bold]", vertical="middle")
+ layout["footer"].update(Panel(footer_text, border_style=THEME, box=ROUNDED, padding=(0,1)))
+
+ console.print(layout)
+
+ try:
+ v = console.input("\n[bold]Hunner-» [/bold]")
+ except Exception:
+ console.print(" Good by ")
+ sys.exit()
+
+ if v == "help":
+ info()
+ else:
+ try:
+ vi = int(v)
+ except Exception:
+ console.print("[red][!][/red] You entered an incorrect value")
+ sys.exit()
+
+ if vi == 1:
+ XXS()
+ elif vi == 2:
+ SQL()
+ elif vi == 3:
+ Dos()
+ elif vi == 4:
+ FTP_Brut()
+ elif vi == 5:
+ SSH_Brut()
+ elif vi == 6:
+ mail()
+ elif vi == 7:
+ TABLE_MODE = not TABLE_MODE
+ console.print(f"[bold]Table Mode turned {'ON' if TABLE_MODE else 'OFF'}[/bold]")
+ Main_Menu()
+ elif vi == 99:
+ console.print("[bold]Exiting...[/bold]")
+ sys.exit()
+ else:
+ console.print("[red][!][/red] You entered an incorrect value")
+ sys.exit()
+
+
+if __name__ == "__main__":
+ Main_Menu()
diff --git a/modules/banner.py b/modules/banner.py
index fcd1f07..024966c 100644
--- a/modules/banner.py
+++ b/modules/banner.py
@@ -1,69 +1,71 @@
+from rich.console import Console
+from rich.panel import Panel
+from rich.text import Text
import random
-import os
-H = '\033[95m'
-B = '\033[94m'
-G = '\033[92m'
-W = '\033[93m'
-F = '\033[91m'
-E = '\033[0m'
-U = '\033[4m'
-O = '\033[33m'
-text1 = B+"""
-
-,--. ,--. """+F+'Author: '+W+'B3@v3r'+B+""" ,--. ,--. ,--.
+console = Console()
+
+purple = "#7B61FF"
+blue = "cyan"
+green = "green"
+yellow = "yellow"
+red = "red"
+orange = "bright_yellow"
+
+
+text1 = Text("""
+,--. ,--. Author: B3@v3r ,--. ,--. ,--.
| '--' |,--.,--.,--,--, | | `--' ,---.,-' '-. ,---. ,--,--, ,---. ,--.--.
-| .--. || || || \| | ,--.( .-''-. .-'| .-. :| \| .-. :| .--'
-| | | |' '' '| || || '--.| |.-' `) | | \ --.| || |\ --.| |
+| .--. || || || \\| | ,--.( .-''-. .-'| .-. :| \\| .-. :| .--'
+| | | |' '' '| || || '--.| |.-' `) | | \\ --.| || |\\ --.| |
`--' `--' `----' `--''--'`-----'`--'`----' `--' `----'`--''--' `----'`--'
+""", style=blue)
-"""+E
-text2 = G+"""
+text2 = Text("""
_ _ _ _ _
| | | |_ _ _ __ | | (_)___| |_ ___ _ __ ___ _ __
- | |_| | | | | '_ \| | | / __| __/ _ \ '_ \ / _ \ '__|
- | _ | |_| | | | | |___| \__ \ || __/ | | | __/ |
- |_| |_|\__,_|_| |_|_____|_|___/\__\___|_| |_|\___|_|
-
- """+E
-text3 = F+"""
+ | |_| | | | | '_ \\| | | / __| __/ _ \\ '_ \\ / _ \\ '__|
+ | _ | |_| | | | | |___| \\__ \\ || __/ | | | __/ |
+ |_| |_|\\__,_|_| |_|_____|_|___/\\__\\___|_| |_|\\___|_|
+""", style=green)
+
+text3 = Text("""1
__ _ _
- /\ /\_ _ _ __ / /(_)___| |_ ___ _ __ ___ _ __
- / /_/ / | | | '_ \ / / | / __| __/ _ \ '_ \ / _ \ '__|
-/ __ /| |_| | | | / /__| \__ \ || __/ | | | __/ |
-\/ /_/ \__,_|_| |_\____/_|___/\__\___|_| |_|\___|_|
-
-"""+E
-text4 = O+"""
+ /\\ /\\_ _ _ __ / /(_)___| |_ ___ _ __ ___ _ __
+ / /_/ / | | | '_ \\ / / | / __| __/ _ \\ '_ \\ / _ \\ '__|
+/ __ /| |_| | | | / /__| \\__ \\ || __/ | | | __/ |
+\\/ /_/ \\__,_|_| |_|\\____/_|___/\\__\\___|_| |_|\\___|_|
+""", style=red)
+
+text4 = Text("""
__ __ __ __ __
/ | / | / | / | / |
$$ | $$ | __ __ _______ $$ | $$/ _______ _$$ |_ ______ _______ ______ ______
-$$ |__$$ |/ | / |/ \ $$ | / | / |/ $$ | / \ / \ / \ / \
+$$ |__$$ |/ | / |/ \\ $$ | / | / |/ $$ | / \\ / \\ / \\ / \\
$$ $$ |$$ | $$ |$$$$$$$ |$$ | $$ |/$$$$$$$/ $$$$$$/ /$$$$$$ |$$$$$$$ |/$$$$$$ |/$$$$$$ |
-$$$$$$$$ |$$ | $$ |$$ | $$ |$$ | $$ |$$ \ $$ | __ $$ $$ |$$ | $$ |$$ $$ |$$ | $$/
-$$ | $$ |$$ \__$$ |$$ | $$ |$$ |_____ $$ | $$$$$$ | $$ |/ |$$$$$$$$/ $$ | $$ |$$$$$$$$/ $$ |
+$$$$$$$$ |$$ | $$ |$$ | $$ |$$ | $$ |$$ \\ $$ | __ $$ $$ |$$ | $$ |$$ $$ |$$ | $$/
+$$ | $$ |$$ \\__$$ |$$ | $$ |$$ |_____ $$ | $$$$$$ | $$ |/ |$$$$$$$$/ $$ | $$ |$$$$$$$$/ $$ |
$$ | $$ |$$ $$/ $$ | $$ |$$ |$$ |/ $$/ $$ $$/ $$ |$$ | $$ |$$ |$$ |
$$/ $$/ $$$$$$/ $$/ $$/ $$$$$$$$/ $$/ $$$$$$$/ $$$$/ $$$$$$$/ $$/ $$/ $$$$$$$/ $$/
-
-
-"""+E
-text5 = W+"""
+""", style=orange)
+
+text5 = Text("""
__ __ __ _ __
/ // /__ __ ___ / / (_)___ / /_ ___ ___ ___ ____
- / _ // // // _ \ / /__ / /(_- __// -_)/ _ \/ -_)/ __/
-/_//_/ \_,_//_//_//____//_//___/\__/ \__//_//_/\__//_/
-
-"""+E
+ / _ // // // _ \\ / /__ / /(_- __// -_)/ _ \\/ -_)/ __/
+/_//_/ \\_,_//_//_//____//_//___/\\__/ \\__//_//_/\\__//_/
+""", style=yellow)
-ran = random.randrange(1,6)
+texts = [text1, text2, text3, text4, text5]
+chosen = random.choice(texts)
-if ran == 1:
- print(text1)
-elif ran == 2:
- print(text2)
-elif ran == 3:
- print(text3)
-elif ran == 4:
- print(text4)
-elif ran == 5:
- print(text5)
\ No newline at end of file
+console.print(
+ Panel(
+ chosen,
+ title="[bold white]Random Banner[/bold white]",
+ subtitle="[bold]" + random.choice(["✨", "⚡", "🔥", "🚀", "🕶️"]) + " [#7B61FF]Powered by Rich",
+ border_style=purple,
+ padding=(1, 2),
+ expand=False
+ )
+)