HCX Toolkit v5.0.0: The Intelligence Engine

[adde88]

This is the most significant release in the history of the HCX Toolkit, representing a complete evolution from an automation framework into a true Intelligence Gathering Engine.

Where v4.0.9 taught the toolkit to automate workflows, v5.0.0 teaches it to think. This version moves beyond simple capture and conversion, introducing powerful new analysis modes that automatically discover vulnerabilities, provide forensic insights, and give you a complete, actionable picture of your target environment.

If you've ever wished your tools could not only capture data but also tell you what it means—identifying the weakest links, uncovering hidden attack paths, and mapping your findings—then this is the update for you!

---

✨ Headline Features in This Release:

This version is packed with major new analysis capabilities designed to automate security intelligence and reporting.

• 🧠 The Vulnerability Analysis Engine (--mode vulnerability): This is the new flagship feature. It's a powerful, one-touch vulnerability assessment that automatically:

  • Hunts for Low-Hanging Fruit: Tests for thousands of known default router passwords from common vendors like Netgear and Spectrum against your captured hashes.
  • Performs Intelligent Password Guessing: Generates custom wordlists based on the captured network names (ESSIDs) and immediately tests them, finding weak, guessable credentials.
  • Pivots Automatically: If a weak password is cracked, the analyzer will attempt to use that same password or the resulting PMK to attack other captured networks with the same ESSID, simulating a real-world pivot attack.

• 🗺️ Geotracking & Mapping (--mode geotrack): Transform your wardriving data into a visual intelligence map. This new mode leverages hcxnmealog to:

  • Generate Interactive HTML Maps: Creates a self-contained wardriving_map.html file with all your discovered networks pinned on an interactive map, perfect for at-a-glance analysis without needing external software.
  • Export Full Track Logs: Generates .nmea files for use in Google Earth and detailed .tsv logs for deep data analysis in spreadsheets.

• 🔬 Forensic & Network Insights (--mode insights): Go beyond hashes and understand the composition of your target environment. This mode provides deep forensic intelligence by:

  • Profiling Device Vendors: Automatically identifies the manufacturers of captured devices, helping you spot potentially vulnerable IoT hardware or determine if an environment is corporate or residential.
  • Identifying High-Value Targets: Groups devices by activity level, showing you the "noisiest" and most active Access Points and clients.
  • Uncovering Hidden Networks: Generates a clean list of all probed ESSIDs, revealing hidden networks that clients are searching for.

• 🎯 "Recon & Report" Fire-and-Forget Mode (--recon-and-report): The ultimate command for novices and professionals alike. When run with no arguments, the launcher now defaults to this mode:

  1. It automatically defaults to wlan2.
  2. It runs a 15-minute, maximum-intensity capture.
  3. It automatically triggers the full --mode vulnerability analysis upon completion.

• 🤫 Stealth & Efficiency Modes (--stealth-hunt, --exit-on-hash): New personas have been added for more nuanced operations, including a stealthy handshake hunter that avoids noisy deauthentication packets and an efficiency mode that automatically stops the capture the instant a valuable hash is found.

What This Means For Your Workflow:

This release transforms the toolkit from a capture utility into a proactive security analyst. You can now build incredibly powerful, intelligent one-liner commands:

# Example: Run a fully autonomous 15-minute security assessment.
# The script will capture everything possible, then automatically test for
# default passwords, pivot attacks, and report its findings.
hcxdumptool-launcher --recon-and-report -d 900

# Example: Go on a wardrive, then immediately visualize your results.
hcxdumptool-launcher --wardriving-loop 300 --enable-gps
# After stopping, run:
hcx-analyzer.sh --mode geotrack

This release is the culmination of a huge amount of collaborative work and rigorous testing. It is built to be the most powerful, flexible, and intelligent automation toolkit for hcxtools on the WiFi Pineapple MKVII.

For a full list of all changes, please see the CHANGELOG.md.

Full Changelog: v4.0.9...v5.0.0

Support This Project

If you find this project helpful, please consider supporting its continued development:

• Bitcoin: Scan the QR code below or use this BTC address:
  bc1qj85mvdr657nkzef4gppl9xy8eqerqga3suaqc3

  

• Contribute: Pull requests and bug reports are always welcome!

Your support helps keep this project maintained and improved. Thank you! ❤️

---

This discussion was created from the release HCX Toolkit v5.0.0: The Intelligence Engine.