HackBox is a multi-purpose cybersecurity and reconnaissance framework that combines different information gathering and web analysis tools into a single interface. It helps perform tasks such as subdomain discovery, WHOIS lookups, web header analysis, JavaScript URL extraction, and other reconnaissance activities. You can install and use HackBox in Termux to learn basic cybersecurity and OSINT techniques.
Here’s what you can do with HackBox in Termux:
- Find subdomains.
- Perform WHOIS lookups.
- Analyze web headers.
- Extract URLs from JavaScript files.
- Check network information.
- Learn cybersecurity and reconnaissance techniques.
How to Install HackBox in Termux
Below are the simple commands to install HackBox in Termux. Copy and run each command one by one to install the tool successfully on your Android device.
Update Termux packages.
pkg update && pkg upgrade -y
Install required packages.
pkg install python -y
Clone the HackBox repository.
git clone https://github.com/samhaxr/hackbox
Move into the HackBox directory.
cd hackbox
Install required Python packages.
pip install -r requirements.txt
Fix the urllib3 compatibility issue.
pip uninstall urllib3 -y
pip install urllib3==1.26.18
Install the six package.
pip install six
Start HackBox.
python hackbox.py
After completing the installation, HackBox will open inside the terminal and display the available options.
How to Use HackBox in Termux
Start HackBox using the following commands.
python hackbox.py
After running the tool, the following menu will appear inside the terminal:
[1] - Xss [2] - Exploits [3] - Subdomain scanner [4] - Whois Lookup [5] - SSRF Injection [6] - Nmap Auto banner [7] - Js Url parser [8] - Web Headers [9] - Listener [10] - Current Network Stats [11] - CORS Misconfig [12] - AWS S3 Misconfig [0] - Exit
- XSS : Performs cross-site scripting related testing tasks.
- Exploits : Displays available exploit-related resources and modules.
- Subdomain Scanner : Searches for subdomains associated with a target domain.
- Whois Lookup : Retrieves WHOIS information about a domain.
- SSRF Injection : Provides SSRF-related testing options.
- Nmap Auto Banner : Performs Nmap scans and gathers banner information.
- JS URL Parser : Extracts URLs from JavaScript files.
- Web Headers : Displays HTTP response headers from a website.
- Listener : Starts a listener for supported modules.
- Current Network Stats : Shows current network information and statistics.
- CORS Misconfig : Checks for potential CORS misconfigurations.
- AWS S3 Misconfig : Checks for common AWS S3 bucket misconfigurations.
- Exit : Closes HackBox and returns to the terminal.
Choose the option you want from the menu and enter the required target information when prompted. HackBox will automatically perform the selected reconnaissance or information gathering task and display the results.
Whenever you want to use HackBox again, run the following commands:
cd hackbox
python hackbox.py
HackBox provides a collection of useful reconnaissance and web analysis tools in a single package. It can help gather information about domains, websites, and networks while learning different cybersecurity concepts.
