Hakku framework is an open-source penetration testing platform. It can be used to perform web and network-related penetration testing, like information gathering and vulnerabilities assessment tasks. The framework has multiple modules that are classified into the following groups.
1) Web Modules
2) Network Modules
3) Wireless & Bluetooth Modules
4) File Modules
5) Generator Modules
The Web and Network are the main modules in the Hakku framework. The web modules are mostly related to information gathering. The majority of the network modules can be used for network auditing (vulnerabilities assessments). The Wireless & Bluetooth contains a wifi jammer and Bluetooth attack modules. Moreover, the framework contains miscellaneous penetration testing tools; such as wordlist generators and (Zip, Rar) file cracking utilities.
How to Install the Hakku Framework?
Hakku Framework is a Python3 framework written for Linux operating systems. The framework can be cloned from Github using the following command.
git clone https://github.com/4shadoww/hakkuframework
After cloning the Hakku, navigate to the framework’s directory using the following command.
cd hakkuframework ls -l
The Hakku framework is a portable utility that does not require any installation to perform. However, the installation files are present in the core directory if the installation is necessary. The following commands can be used to install the framework.
chmod +x install # change file permission ./install
The modules folder contains scripts of preloaded modules. Make these script files executable using the following commands.
cd modules chmod +x *
The Hakku framework does not have any specific package requirements. Python3 provides all the necessary libraries required to run the framework. The following command shows all the (prefilled) dependencies required by different framework modules.
list dependencies
How to Run the Hakku Framework?
The following command opens the framework’s Command Line Interface (CLI).
python3 hakku
Type <help> in the terminal to explore all the important commands required to operate the framework.
help
The [show modules] command lists all the available modules in the following format.
show modules
As we can see in the above screenshot, the web, and network modules dominate the framework. We can use each module by typing the following syntax.
use <module name>
Web Module Example
Port_Scanner: Let’s assume we require a port scanning module to find the open ports for a web target (webscantest.com). We can select the port_scanner module using the following command.
use port_scanner
Type the <help> in the terminal to get a general overview of the module commands.
help
The <show options> command displays all the required and optional parameters.
show options
There are three parameters to configure before running the port scanner module. The [target] parameter defines the target domain. The [first] and [last] parameters show the range of ports to be scanned in the operation. We can set these parameters as shown in the following screenshot.
The <run> command triggers the port scanner module to scan the predefined range of ports. The results are displayed in the following format.
Although the port scanner module is associated with the web domains, we can also use the module to scan the network servers.
Network Module Example
Network_kill: Similarly, we can use the network_kill module to block communication between the router and the target network machine. Such attacks are launched to force the target machines to connect to a rogue access point. The module selection command is the same for all the operations.
use network_kill
The <show options> command displays the required parameters.
We require the target and router IP addresses to launch the network_kill attack. We can use different tools like Nmap to find the target IP addresses. On localhost, we can run the following command to find the router IP address.
route –n
After setting up the router and target IP address, execute the <run> command to block the communication between the router and target machine.
Conclusion
Hakku Framework has the tendency to meet the basic penetration testing requirements. The open-source framework allows customizing the available tools. The framework also allows developers to add new modules to the framework’s database.