
🚀HACKER-SUITE+2000🚀



---

📦 Installation

Follow these steps to set up and launch HACKER-SUITE+2000.

Termux Preparation (Android)

If you're using Termux on Android, you can run the included setup script to facilitate installation of necessary tools:

  • Open Termux.
  • Clone the repository (if not already done):
git clone https://github.com/karim93160/hacker-suite-2000.git
cd hacker-suite-2000

  • Run the setup script (setup_termux.sh):
chmod +x setup_termux.sh
./setup_termux.sh

This script will install python, pip, and other system tools if needed.


🚀 Launching the Application

To start the HACKER-SUITE+2000 control interface, navigate to the project's main directory and run:

python3 control_panel.py

We recommend running it in the background so you can close your terminal without stopping the application (Make sure you're in the project root directory):

cd exfiltration_agent/
nohup python3 -u control_panel.py > control_panel.log 2>&1 &

  • nohup: Prevents the process from stopping if the terminal is closed.

  • python3 -u: Runs Python in unbuffered mode, useful for real-time logging.

  • > control_panel.log 2>&1: Redirects standard output and error to control_panel.log for later debugging.

  • &: Runs the process in the background.

Once launched, you'll see messages in your terminal indicating the application is ready. Access the interface via your web browser at:

http://127.0.0.1:8050

Welcome to HACKER-SUITE+2000, an advanced toolkit for cyber operations, designed for data exfiltration, system profiling, and payload management, all through an intuitive web interface. This tool is developed with Python and Dash, offering a smooth user experience for controlling local or remote agents.


🤝 Contributions

Contributions are welcome! If you'd like to improve hacker-suite+2000, fix bugs, or add new features, please check out our Contribution Guide.



License 📜

hacker-suite+2000 is distributed under the MIT License


💬 hacker-suite-2000 Community - Join the Discussion! 💬

Questions, suggestions, or want to discuss the hacker-suite-2000 project? Join the community on GitHub Discussions!

Join the Community


Contact 📧

For any questions or suggestions, feel free to open a GitHub issue or contact us by email:

Contact by Email


🌿 hacker-suite+2000 - Code of Conduct 🌿

We are committed to creating a welcoming and respectful environment for all contributors. Please take a moment to read our Code of Conduct. By participating in this project, you agree to abide by its terms.

Code of Conduct

🐞 Report a Bug in hacker-suite+2000 🐞

Encountering an issue with hacker-suite+2000? Help us improve the project by reporting bugs! Click the button below to directly open a new pre-filled bug report.

Report a Bug


🎯 Table of Contents

  • Overview
  • Features
  • Project Structure
  • Prerequisites
  • Installation
    • Termux Preparation (Android)
    • Python Dependencies Installation
  • Launching the Application
  • Using the Interface
    • "DYNAMIC DISPLAY" Tab
    • "DASHBOARD" Tab
    • "AGENT CONTROL" Tab
    • "FILE EXPLORER" Tab
    • "SYSTEM PROFILER" Tab
    • "PAYLOADS & PERSISTENCE" Tab
    • "STEALTH & EVASION" Tab
    • "LOGS & STATUS" Tab
  • Configuration
  • Contributing
  • License
  • Code of Conduct

✨ Overview

HACKER-SUITE+2000 is a centralized cyber-operations environment that lets you deploy, configure, and monitor an exfiltration agent. Whether you need to collect specific files, obtain detailed information about a target system, manage malicious payloads, or maintain operational stealth, this suite gives you the necessary control through a web browser-based graphical interface. Designed for flexibility, it supports exfiltration via HTTPS and DNS, and includes advanced filtering mechanisms to precisely target data. The interface offers a real-time dashboard, an interactive file explorer, system profiling capabilities, and controls for stealth and evasion.


🛠️ Features

  • Interactive Web Interface: Control the agent through a Dash user interface accessible from any web browser.
  • Versatile Exfiltration Agent:
    • Exfiltration Methods: Supports HTTPS (recommended) and DNS (for stealthy scenarios).
    • Advanced Filtering: File scanning by type (inclusion/exclusion), min/max size, keywords, and regular expressions.
    • AES256 Encryption: Encrypts exfiltrated data and logs to ensure confidentiality.
  • Target File Explorer: Navigate through local or remote (web) file systems of the target system, view file contents, and download files.
  • Detailed System Profiling: Collects comprehensive information about the target system (OS, CPU, memory, disks, network, users, running processes).
  • Payload Management: Deploy, execute, and remove custom payloads on the target system.
  • Stealth & Evasion: Options for process hiding, anti-debugging, and sandbox detection bypass.
  • Built-in Logging: Displays agent logs in real-time and allows reading/downloading encrypted logs.
  • Status Dashboard: Monitors key agent metrics (scanned files, exfiltrated files, etc.) in real-time.
  • Configuration Persistence: Settings are saved in shared_config.json for easy reloading.

📂 Project Structure

Here's an overview of the project's file and directory organization:

├── CODE_OF_CONDUCT.md
├── LICENSE
├── README.md
├── README_EN.md
├── README_ES.md
├── control_panel.py
├── display
│   ├── index.html
│   ├── script.js
│   └── style.css
├── exf_agent.py
├── modules
│   ├── __pycache__
│   │   ├── aes256.cpython-312.pyc
│   │   ├── file_explorer.cpython-312.pyc
│   │   ├── log_streamer.cpython-312.pyc
│   │   ├── logger.cpython-312.pyc
│   │   ├── system_profiler.cpython-312.pyc
│   │   └── web_explorer.cpython-312.pyc
│   ├── aes256.py
│   ├── anti_evasion.py
│   ├── compression.py
│   ├── config.py
│   ├── exfiltration_dns.py
│   ├── exfiltration_http.py
│   ├── file_explorer.py
│   ├── file_scanner.py
│   ├── log_streamer.py
│   ├── logger.py
│   ├── payload_dropper.py
│   ├── retry_manager.py
│   ├── stealth_mode.py
│   ├── system_profiler.py
│   └── web_explorer.py
├── requirements.txt
├── setup_termux.sh
└── shared_config.json

4 directories, 34 files

⚙️ Prerequisites

Make sure you have the following installed on your system (recommended: Linux or Termux for Android):

  • Python 3.x (3.8 or newer recommended)
  • pip (Python package manager)

🖥️ Using the Interface

The interface is organized into several tabs, each dedicated to a specific aspect of agent management.

"DYNAMIC DISPLAY" Tab

This tab serves as a visual and dynamic dashboard, potentially for displaying aggregated information or real-time visualizations of agent activity. It loads content from display/index.html.

"DASHBOARD" Tab

Monitor the agent's status in real-time.

  • Key Statistics: Displays number of files scanned, matches found, amount of data exfiltrated, exfiltration success/failure, agent status, and timestamps.
  • Live System Activity: A real-time log stream from the agent, giving you instant insight into its operations.

"AGENT CONTROL" Tab

Configure agent settings and start/stop its operations.

  • Deployment & Configuration:
    • Target URL (HTTPS/DNS): The URL or IP address where exfiltrated data will be sent.
    • Scan Path: The local directory on the target system to scan.
    • AES Key (32 bytes): Encryption key used for exfiltration and logs. Required.
    • Exfiltration Method: Choose between HTTPS (recommended) or DNS. If DNS is selected, you'll need to specify a DNS server and domain.
  • Filtering Settings: Define criteria for file scanning: file types to include/exclude, minimum/maximum size, keywords and regular expressions to search in file contents.
  • Operational Settings:
    • Payload URL (Optional): URL to download a payload.
    • Payload Path (Optional): Path where the payload will be saved on the target system.
    • Processing Threads: Number of threads to use for scanning and uploading.
  • Debugging & Evasion Options: Enable debug mode (verbose logging, no cleanup), disable trace cleanup, or disable anti-evasion checks.
  • Actions:
    • [ SAVE ALL CONFIG ]: Saves current configuration to shared_config.json.
    • [ LAUNCH AGENT ]: Starts the agent with the applied configuration.
    • [ STOP AGENT ]: Stops the running agent.

"FILE EXPLORER" Tab

Explore the target's file system.

  • Target Host: The URL or IP address of the target for exploration.
  • Base Path: The path on the target system from which to start exploration (leave empty for full web exploration).
  • Maximum Depth: Limits the recursion depth of exploration.
  • Actions:
    • [ LAUNCH EXPLORATION ]: Starts exploration based on parameters.
    • [ STOP EXPLORATION ]: Stops ongoing exploration.
  • Exploration Results: Displays found files and directories in a table. You can "READ" (view content) or "DOWNLOAD" files identified.
  • Explorer Live Logs: Displays explorer operations in real-time.

"SYSTEM PROFILER" Tab

Get detailed information about the target system.

  • [ REQUEST SYSTEM INFO ]: Triggers system information collection from the agent.
  • Information Display: Data is presented in collapsible sections:
    • Operating system information
    • CPU information
    • Memory usage
    • Disk partitions
    • Network interfaces
    • Connected users
    • Running processes

"PAYLOADS & PERSISTENCE" Tab

Manage payload deployment and execution.

  • Payload Source (URL): URL from which the payload will be downloaded.
  • Target Path on Agent: Location on the target system where the payload will be stored.
  • Actions:
    • [ DEPLOY PAYLOAD ]: Deploys payload to target.
    • [ EXECUTE PAYLOAD ]: Executes deployed payload.
    • [ REMOVE PAYLOAD ]: Removes payload from target.

"STEALTH & EVASION" Tab

Configure agent stealth and anti-evasion features.

  • ACTIVATE PROCESS HIDING: Attempts to hide the agent process.
  • ENABLE ANTI-DEBUGGING: Enables mechanisms to detect and hinder debugging.
  • BYPASS SANDBOX DETECTION: Activates techniques to bypass sandbox detection.
  • [ APPLY STEALTH SETTINGS ]: Applies selected stealth settings to the agent.

"LOGS & STATUS" Tab

View and manage agent logs.

  • Agent Live Log Stream: A display of agent logs in real-time, similar to the dashboard.
  • Encrypted Log Archive:
    • [ REFRESH ENCRYPTED LOGS ]: Loads and decrypts agent logs stored locally (agent_logs.enc). Make sure the AES key in the "AGENT CONTROL" tab is correct for decryption.
    • [ DOWNLOAD RAW LOGS ]: Downloads the encrypted log file (agent_logs.enc).

⚙️ Configuration

The shared_config.json file is automatically generated (if absent) when first launching the application. It stores default settings and the AES key.

⚠️     WARNING     ⚠️

During initial generation, the default_target_url field will contain

https://webhook.site/YOUR_UNIQUE_URL_HERE

It is imperative to replace this URL with your own data reception service URL (for example, a custom webhook.site) via the interface or by manually editing the shared_config.json file before launching the agent.
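
For defenders, the artifacts this README names (control_panel.py, exf_agent.py, shared_config.json, agent_logs.enc, and the panel on port 8050) are usable host-triage indicators. The sketch below is an added example, not part of the project's code; the `triage` function and all sample listings are constructed for illustration.

```python
import re
from pathlib import PurePosixPath

# Indicators taken from the README text: script names, generated files, panel port.
SCRIPT_NAMES = {"control_panel.py", "exf_agent.py"}
ARTIFACT_FILES = {"shared_config.json", "agent_logs.enc"}
PANEL_PORT = 8050

def triage(cmdlines, file_paths, listeners):
    """Return sorted (kind, detail) findings from process, file and socket listings."""
    findings = set()
    for cmd in cmdlines:
        tokens = cmd.split()
        # Flag only a Python interpreter running a named script (not an editor opening it).
        is_python = any(re.fullmatch(r"python[\d.]*", PurePosixPath(t).name) for t in tokens)
        if is_python and any(PurePosixPath(t).name in SCRIPT_NAMES for t in tokens):
            findings.add(("process", cmd))
    by_dir = {}
    for p in map(PurePosixPath, file_paths):
        if p.name in ARTIFACT_FILES | SCRIPT_NAMES:
            by_dir.setdefault(str(p.parent), set()).add(p.name)
    for d, names in by_dir.items():
        # shared_config.json alone is a generic name; require two artifacts side by side.
        if len(names) >= 2:
            findings.add(("files", f"{d}: {', '.join(sorted(names))}"))
    for addr, port, proc in listeners:
        # 8050 is also Dash's default port, so a listener hit alone is a weak signal.
        if port == PANEL_PORT and proc.startswith("python"):
            findings.add(("listener", f"{addr}:{port} ({proc})"))
    return sorted(findings)

# Constructed sample data, not captured from a real host.
SAMPLE_CMDLINES = [
    "python3 -u control_panel.py",
    "/usr/bin/python3 /opt/app/manage.py runserver",
    "vim control_panel.py",
]
SAMPLE_FILES = [
    "/home/u/hacker-suite-2000/shared_config.json",
    "/home/u/hacker-suite-2000/agent_logs.enc",
    "/srv/web/shared_config.json",
]
SAMPLE_LISTENERS = [("127.0.0.1", 8050, "python3"), ("0.0.0.0", 443, "nginx")]

if __name__ == "__main__":
    for finding in triage(SAMPLE_CMDLINES, SAMPLE_FILES, SAMPLE_LISTENERS):
        print(finding)
```

Feed it real listings from your own tooling (process arguments, a file inventory, a socket table); correlate at least two finding kinds before escalating.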